urlscan.io logo urlscan.io
SecurityTrails logo

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On May 14 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 76 IPs in 8 countries across 64 domains to perform 353 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.60.220.36 8075 (MICROSOFT...)
2 77.245.159.14 42868 (NIOBEBILI...)
2 94.138.206.83 49126 (AS49126)
1 2a00:1450:400... 15169 (GOOGLE)
40 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.139.128.10 20446 (STACKPATH...)
8 2.19.224.115 16625 (AKAMAI-AS)
20 185.7.176.222 42910 (PREMIERDC...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 23.32.185.123 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
3 108.138.180.50 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 35.241.45.217 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 8 37.157.6.245 198622 (ADFORM)
2 5 185.89.210.90 29990 (ASN-APPNEX)
3 85.111.6.48 9121 (TTNET)
1 3.70.144.169 16509 (AMAZON-02)
5 2602:803:c003... 26667 (RUBICONPR...)
1 95.101.149.35 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 216.52.2.6 32475 (SINGLEHOP...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
2 185.7.176.223 42910 (PREMIERDC...)
1 34.102.243.38 396982 (GOOGLE-CL...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 33 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.222.209.4 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 185.7.176.221 42910 (PREMIERDC...)
3 185.7.176.218 ()
1 2a04:4e42::485 54113 (FASTLY)
2 2600:1901:0:7... 15169 (GOOGLE)
22 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 2620:116:800d... 16509 (AMAZON-02)
3 3 185.29.132.245 30419 (MEDIAMATH...)
6 24 142.250.186.130 15169 (GOOGLE)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 35.204.74.118 396982 (GOOGLE-CL...)
5 3.33.220.150 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 3 178.250.7.11 44788 (ASN-CRITE...)
1 2 46.228.164.11 56396 (AMOBEE)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
4 5 185.64.190.78 62713 (AS-PUBMATIC)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:d::2 44788 (ASN-CRITE...)
1 1 2600:9000:211... 16509 (AMAZON-02)
2 2 54.78.96.233 16509 (AMAZON-02)
4 4 142.250.185.230 15169 (GOOGLE)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
2 167.233.13.224 24940 (HETZNER-AS)
2 104.102.45.165 16625 (AKAMAI-AS)
2 18.133.36.104 16509 (AMAZON-02)
4 37.157.5.72 198622 (ADFORM)
2 18.66.147.120 16509 (AMAZON-02)
2 99.86.4.52 16509 (AMAZON-02)
1 2 2a02:2638:3::c ()
4 3.9.126.162 ()
1 178.250.7.13 ()
1 23.35.236.188 ()
2 23.201.255.110 ()
2 23.32.184.192 ()
8 185.64.189.110 ()
1 1 193.0.160.130 ()
2 2 213.155.156.165 ()
1 34.249.208.98 ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
5 7 69.173.144.139 ()
1 2620:1ec:21::14 ()
353 76
4    20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pcloak.blob.core.windows.net
2    77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com
www.cloakan.co
2    94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)
ye-mek.net
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
40    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.ye-mek.net
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
images.dmca.com
8    2.19.224.115 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-115.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
20    185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng.virgul.com
ng2.virgul.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com
z.moatads.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
22    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
19    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    108.138.180.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-180-50.mxp64.r.cloudfront.net
c.amazon-adsystem.com
10    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
8    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
c1.adform.net
track.adform.net
5    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns1.ttidc.com.tr
cpm.programattik.com
1    3.70.144.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-144-169.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
5    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
c1.imgiz.com
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
10    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
33    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.222.209.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-4.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
rek.izlesene.com
3    185.7.176.218 (None, )

ASN- ()
rek-n18.nktcdn.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
22    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
3    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
24    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
4    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2a05:d018:d29:3605:fdf6:466d:232e:738 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
6    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh5.googleusercontent.com
2    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:211e:6000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    54.78.96.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-96-233.eu-west-1.compute.amazonaws.com
match.360yield.com
4    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
partner.blau.de
2    104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com
www.awin1.com
2    18.133.36.104 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
track.webgains.com
4    37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net
analytics.webgains.io
2    99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net
cdn.track.production.webgains.team
2    2a02:2638:3::c (None, )

ASN- ()
gum.criteo.com
4    3.9.126.162 (None, )

ASN- ()
api.webgains.io
1    178.250.7.13 (None, )

ASN- ()
mug.criteo.com
1    23.35.236.188 (None, )

ASN- ()
acdn.adnxs.com
2    23.201.255.110 (None, )

ASN- ()
eus.rubiconproject.com
2    23.32.184.192 (None, )

ASN- ()
ads.pubmatic.com
8    185.64.189.110 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
1    193.0.160.130 (None, )

ASN- ()
p.rfihub.com
2    213.155.156.165 (None, )

ASN- ()
d5p.de17a.com
1    34.249.208.98 (None, )

ASN- ()
sync.crwdcntrl.net
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
7    69.173.144.139 (None, )

ASN- ()
token.rubiconproject.com
pixel.rubiconproject.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
59 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
ad.doubleclick.net — Cisco Umbrella Rank: 173
399 KB
57 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
787 KB
42 ye-mek.net
ye-mek.net — Cisco Umbrella Rank: 399852
cdn.ye-mek.net
636 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 31186
ad4m.at — Cisco Umbrella Rank: 11978
assets.ad4m.at — Cisco Umbrella Rank: 41727
1 MB
20 virgul.com
static.virgul.com — Cisco Umbrella Rank: 63243
ng.virgul.com — Cisco Umbrella Rank: 65891
ng2.virgul.com — Cisco Umbrella Rank: 73693
270 KB
16 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 506
image6.pubmatic.com — Cisco Umbrella Rank: 746
ads.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
28 KB
15 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 948
fastlane.rubiconproject.com — Cisco Umbrella Rank: 491
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
17 KB
12 adform.net
adx.adform.net — Cisco Umbrella Rank: 4323
c1.adform.net — Cisco Umbrella Rank: 585
track.adform.net — Cisco Umbrella Rank: 3820
s1.adform.net — Cisco Umbrella Rank: 9592
245 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 375
218 KB
10 google.com
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
367 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 733
dis.criteo.com — Cisco Umbrella Rank: 674
gum.criteo.com
mug.criteo.com
9 KB
7 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1865
m.addthis.com
220 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19754
api.webgains.io
63 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
acdn.adnxs.com
22 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
1 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
90 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 817
s.tribalfusion.com — Cisco Umbrella Rank: 2073
2 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 153404
static-de.ad4mat.net — Cisco Umbrella Rank: 199770
7 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
61 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 385
fonts.googleapis.com — Cisco Umbrella Rank: 50
imasdk.googleapis.com — Cisco Umbrella Rank: 468
156 KB
4 windows.net
pcloak.blob.core.windows.net
3 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
898 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 792
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 505
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 740
1 KB
3 nktcdn.com
rek-n18.nktcdn.com
3 MB
3 programattik.com
cpm.programattik.com — Cisco Umbrella Rank: 59847
424 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 7680
818 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1651
mp.4dex.io — Cisco Umbrella Rank: 2234
25 KB
2 de17a.com
d5p.de17a.com
562 B
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 55691
18 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 29871
4 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 17733
1 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 74280
687 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 76060
442 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2410
808 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
59 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 949
r.turn.com — Cisco Umbrella Rank: 3697
869 B
2 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 124947
131 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 1834
feed.pghub.io — Cisco Umbrella Rank: 8229
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
89 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 13164
6 KB
2 cloakan.co
www.cloakan.co
1 KB
1 linkedin.com
px.ads.linkedin.com
647 B
1 crwdcntrl.net
sync.crwdcntrl.net
265 B
1 rfihub.com
p.rfihub.com
789 B
1 addthisedge.com
v1.addthisedge.com
1 KB
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 120897
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 87793
1 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 761
439 B
1 googleusercontent.com
lh5.googleusercontent.com — Cisco Umbrella Rank: 171
944 KB
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 60165
606 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
10 KB
1 izlesene.com
rek.izlesene.com — Cisco Umbrella Rank: 441800
170 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 639
397 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1435
386 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
21 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 499
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
46 KB
0 audrte.com Failed
a.audrte.com Failed
0 brealtime.com Failed
biddr.brealtime.com Failed
0 emxdgt.com Failed
hb.emxdgt.com Failed
353 64
Domain Requested by
40 cdn.ye-mek.net ye-mek.net
cdn.ye-mek.net
33 tpc.googlesyndication.com 1 redirects ye-mek.net
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
24 cm.g.doubleclick.net 6 redirects b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ye-mek.net
22 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
ye-mek.net
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
pcloak.blob.core.windows.net
www.googletagservices.com
19 pagead2.googlesyndication.com static.virgul.com
pagead2.googlesyndication.com
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
pcloak.blob.core.windows.net
googleads.g.doubleclick.net
ye-mek.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
12 assets.ad4m.at as.ad4m.at
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
ye-mek.net
pcloak.blob.core.windows.net
googleads.g.doubleclick.net
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
9 static.virgul.com ye-mek.net
static.virgul.com
pcloak.blob.core.windows.net
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
7 www.google.com 2 redirects b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 www.googletagservices.com b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
7 ng.virgul.com static.virgul.com
ye-mek.net
ng2.virgul.com
6 s7.addthis.com ye-mek.net
s7.addthis.com
5 image6.pubmatic.com 4 redirects ads.pubmatic.com
5 match.adsrvr.org b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
static.virgul.com
ads.pubmatic.com
5 fastlane.rubiconproject.com static.virgul.com
5 ib.adnxs.com 2 redirects static.virgul.com
acdn.adnxs.com
5 b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 token.rubiconproject.com 4 redirects
4 image2.pubmatic.com ads.pubmatic.com
4 simage2.pubmatic.com ads.pubmatic.com
4 api.webgains.io analytics.webgains.io
4 s1.adform.net static.virgul.com
track.adform.net
s1.adform.net
ye-mek.net
4 ad.doubleclick.net 4 redirects
4 ng2.virgul.com static.virgul.com
ye-mek.net
pcloak.blob.core.windows.net
4 fonts.gstatic.com fonts.googleapis.com
4 pcloak.blob.core.windows.net pcloak.blob.core.windows.net
3 pixel.rubiconproject.com 1 redirects
3 track.adform.net static.virgul.com
s1.adform.net
3 c1.adform.net 3 redirects
3 dis.criteo.com 1 redirects b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 cms.quantserve.com 2 redirects b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
3 rek-n18.nktcdn.com ye-mek.net
pcloak.blob.core.windows.net
3 cpm.programattik.com static.virgul.com
3 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 ads.pubmatic.com static.virgul.com
ads.pubmatic.com
2 eus.rubiconproject.com static.virgul.com
eus.rubiconproject.com
2 gum.criteo.com 1 redirects static.criteo.net
2 cdn.track.production.webgains.team as.ad4m.at
2 analytics.webgains.io track.webgains.com
2 track.webgains.com as.ad4m.at
2 www.awin1.com as.ad4m.at
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 match.360yield.com 2 redirects
2 static.criteo.net static.virgul.com
static.criteo.net
2 static-de.ad4mat.net as.ad4m.at
2 pr-bh.ybp.yahoo.com 2 redirects
2 s.tribalfusion.com b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
ye-mek.net
2 a.tribalfusion.com 2 redirects
2 prod-rtb.ad4mat.net pcloak.blob.core.windows.net
googleads.g.doubleclick.net
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 c1.imgiz.com static.virgul.com
c1.imgiz.com
2 adx.adform.net static.virgul.com
2 script.4dex.io static.virgul.com
script.4dex.io
2 connect.facebook.net ye-mek.net
connect.facebook.net
2 images.dmca.com ye-mek.net
2 ye-mek.net www.cloakan.co
ye-mek.net
2 www.cloakan.co pcloak.blob.core.windows.net
1 px.ads.linkedin.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 acdn.adnxs.com static.virgul.com
1 mug.criteo.com pcloak.blob.core.windows.net
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 s.ad.smaato.net 1 redirects
1 lh5.googleusercontent.com b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
1 r.turn.com ye-mek.net
1 ad.turn.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 rek.izlesene.com 1 redirects
1 www.gstatic.com b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
1 imasdk.googleapis.com c1.imgiz.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 feed.pghub.io pghub.io
1 bidder.criteo.com static.virgul.com
1 mp.4dex.io static.virgul.com
1 ap.lijit.com static.virgul.com
1 hbopenbid.pubmatic.com static.virgul.com
1 a.teads.tv static.virgul.com
1 prebid-server.rubiconproject.com static.virgul.com
1 pghub.io static.virgul.com
1 www.google-analytics.com www.googletagmanager.com
1 z.moatads.com s7.addthis.com
1 www.googletagmanager.com ye-mek.net
1 ajax.googleapis.com ye-mek.net
0 aax-eu.amazon-adsystem.com Failed
0 s.amazon-adsystem.com Failed
0 a.audrte.com Failed ads.pubmatic.com
0 biddr.brealtime.com Failed static.virgul.com
0 hb.emxdgt.com Failed static.virgul.com
353 104

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2023-03-22 -
2024-03-22		 a year crt.sh
cpanel.cloakan.co
R3		 2023-05-03 -
2023-08-01		 3 months crt.sh
www.ye-mek.net
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-29 -
2023-07-07		 7 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
1099124734.rsc.cdn77.org
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
images.dmca.com
R3		 2023-05-13 -
2023-08-11		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-24 -
2023-09-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-05-22		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.programattik.com
GeoTrust RSA CA 2018		 2022-10-25 -
2023-10-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-31 -
2023-08-31		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-27 -
2023-09-09		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-13		 5 months crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
*.nktcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-16 -
2023-11-06		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 46 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: F0E9F120692EF88003ED9087DB63B5EC
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 77A750143949A4A51A409FA9673D2DCD
Requests: 131 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 52366EDE564B03E52C1C94B6B63327D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: DD62F72898FC641FC3CF72D06A03F4A3
Requests: 1 HTTP requests in this frame

Frame: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7C4EFF42B2CD52DB3F09C8853C2EB441
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096407618&bpp=3&bdt=608&idt=272&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&nras=1&correlator=4086367792434&frm=24&ife=1&pv=2&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C44773809%2C44788441%2C44789923&oid=2&pvsid=327531309901683&tmod=134537922&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.9zho45qrkqyz&fsb=1&dtd=285
Frame ID: 3EF60787505A8B19D63FE6A8C24D3A74
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: D683958ACAF1124B8CEBE8477D69B196
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: 3887949F423F32480D726F3443498C47
Requests: 15 HTTP requests in this frame

Frame: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4C755CE1437E5F7FABBF0C058B65B9A3
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: 9D048A46562ED3745A36A1DCB06BF9D5
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408381&bpp=7&bdt=151&idt=229&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&nras=1&correlator=1829164497988&frm=8&ife=1&pv=2&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.uurvf18accii&fsb=1&dtd=245
Frame ID: 975168CF050CCA49DDA5F9AB8BDD8BFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Frame ID: 6C2D1A2515AD365BC1ACF73874942645
Requests: 8 HTTP requests in this frame

Frame: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 28E6C763C533FBCCCA457A0C49C0D511
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Frame ID: 65526CDEABD46E63EA5163E68426DDDE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DT3odqsN6HaLu4Ww1gfvWEBBx_uHmN7FvpobU7yK1RATzJ9udW9Z9GMon1bQbW9KFUhPQZA2pZN1anL20ThQaT5PbAIzRQyklgVbigOmizcnwIzF43BbV6JzkYOqMQ55Wh0nYL-l56QBHiuJImff96troW3UQSMSou6e2iacuYrb8goOk&cry=1&dbm_d=AKAmf-CUWmHsCUMX1rliHFhGAV2n6jNePDLEOt2zyYu6eX9o6-qRH_GZkbe8bN3skapi99pUe2jhxsuZIjl_zKTS2hcYvmSUumlAao3qRJokB-L50_zXtrLx9UHQV88ELv7y0t-uklSnXusqbr5YcujyqNOSJoffOnpZyD3v5Ku5EQO9_nCzx-pLjb7jQpdav3Ar04K5kD8a3JJghdHoZDaMwKPv3tahZM0BAnKvJ3qR2MEzf1Ms1blMg8YPhiPRb5oAC06A0XR4oTaASsJeSkALnwcui5U33p6eyYnscNjLIdFJPpKjQSYpt8EXLQeRHLAiENSo9ZdjLTIsVRU8umDYc8ZL8Vj5pTKeX6USRdKW6SJFYm-mYlv7SFOuYzz0HGnOu8TGAIYq_HpUQ0-498inb13Tl46SMhsTNP2Y5KqM61u53fHEx6WselcMMtMY8c_yaKRFm5ltKk65DEmCQ1nlr4W8fGl-IIw8xhCDfqSRFN51OKdeWzoxOlMLNZ1tm01_mHgD1xToOatzRfKKjb7bA5lYoIWjHj1xbW0-ZFkAT9I08-DcBCb545813zRTezCfYtNLgSOE-jTBY31tBG-8KWfq39aNMiUrSPIauV3GnazNv_ZXO3nUZicYllGmw82DLV1EAn1lGeLq2h2HNAYXppgU1YYeh0k9DD1gS-GDGzxoC2ROZfb8R3p2lCkMaMaeG6q7Ethwe8uD4bWbJQzuLSQ0UcZnWA4esSNq8j0EHyIbHACTByWCLTyfqwEDuhEW4dhFaGbhsiOfWemhda3cgJneC9hB_yeYreWfstuGW1WMVV9WaTYFJhncFC1ac87Vljvc_zrMtEjB6UW-THpnS8BIMsJUhMUFuTj9pFhRhEq4w-356LAsCMVFmTHvyprsDDI37UdwlqyBnRQr79_l_tmgJld0TyebUbo1w868XfjULuVY3UBTlBeSNJqq0AlzsqyHgWIDjmlfPkU3JjTydJbT1rAWH2jjcmzqYTIFfjvWU-gwmzOFTUzAuTi8zu4DGLe8d5X5thBw747uIkn7K7clh0Z5mJqNOP1SDnjiPUMj3FmYvm7FmmAE97jKCt8vgmxXCArUjD_M2vDRIrAhdfphh61nA7quIqwK8Vz6z3Kj8fxxRgfCgbpa_ktZCV-EQIsJQvX1bO9PeMPzGb1kZdxD-aDS1v17BVwsKBYJNBl-H_RoeMQI73VHoYvSNJHBNT61hb-XEGLk_mDXJJooAWVdEsM7DIiLbgCMQmDx9oJgYdL0-32LY14i4p8-EaoYut9QRvDBLbWoG_E7rhM3-5Ocmr2MFCEo2gyyEJUpN0U631vUPSpFm6mSeJ4EXasUCtXPyVH2mfMSRiI0E9PYfBnyJHD1J9ejNN1GuQUdnikYTJYADzkVMKOVBddeiZ895r8RjpYlUpsFyD_vnFZyir47LQT7hZulFti1qsnFac1r0rujuOwj_beQKETwYExU6pdgTCu1ZrbxDQc1TdN3d9hNtzZGANw4PE_gLlF5q_DsEN4czrUoHv2eDhl6KWlt6kdGfCLgvC3EE_8DI3i2FV9Mnu9d7PguKCz_WjyXWKVk-SqtbBchYGRMDHjjfcxbXosT-CsB5IlZ0I-bdSQe4NZS_yzmV-TUg_9xNJjhhwDmAWjNgDDgEtq4aYyfKQBh2dNYtX0J8gDtDSMboY9swmGj_JdvO3LZmVqXiOIdKG_xYujzuQW3coFSDnSJ6qWD2fWMAl6M_2GHTgpm_aUg-2BS8hMZNQijjaRCN45N723cEgsVoRmrtoMhYDcDq9FrC2c3MhPMcSiFv9wffuT5j75EWcasnS9gzdodfr9thDvGHSWUs1h7qafNfFv8DdMGp2_AfqkJh63Jwz9LXMij3Sg3oumD8S6sxA5oWtWCQS8WNqDB8JqtsuyQUXSfDSeuoOQBXodyMkJ-cuuAbhUA_g30q_w8alQdLQoEBRsR1I8geERspX1wsXSX1VpG6ox09m8u8AqRF9VckQ3-8Z2xtYWPtRwJZJNyymoQcCk7ogIZMQmzFHIbyeTLiOM6SauZcWaeptQ1qy5abSRaYjV3EvLOw08WR2jUtOuAqhqkjvG2rvSXyzx_VQ1iUdBfoUnj-wCqEgncOWdtOMCJL7ZuehlT9iHBfDc43t4x0ohaYX-bt-YkPVSBuf3b6zlvXRcp0FAOnEZxHc222BB4AxJfU3oJPxdK8UOUvD7r2DJ5EONylR8mrKzIK7BzRPcXGlc9Y93a_BJ4jtFkI8STdIQ2CWAveAvz2B-7pJvviEV5rs9P4rC3ab4jJxbCLX6R1M5cgOmOgGkPxi0d0nIdP3Il_WKx4d29zzjsgnf2GUc6CYpjlHt1l2kb1siiDng800_JJ4XIU-0JkSSieRXopbHB58t7DIfQ9LuUMRMkjpGaW9trrA_ldUzrRu_RwM0A6kTy6M6kVAbt_iTejQKXirRB5PW9HJ54D0KGlZDcIAmefTa5R3V7FMeYgNwJNoaeiNQ3WwMU4u_fwDAiSsoazdlCOm9MqWWQshOCFDnfCS1RBWoTjebxTJ1j1zq7aUJQMtfN7EmFL-9BHRI-DgmLPAANOgooh1xaSXTqXDAEAh5gJZfT7ihLBV8pyFxN_8otaEvOpxyaJ-ODeUufQIJpy50kc4lz1tZNvZCQrXvTjoA0l0_mpQB50QbT8hHhMRXCVEMx3-C6qrJViFnEp8DKOXxW_BlLDLqfpk-_KhoFU73Rpec5EAUs3exkevgCc0X-dbYB2CLVzV_PhJp3vNrFXoD5kwFJBQvfW6F9VazClLieqlgoeeJH2WpgnpYcPXK_mChAz0qHfH8QTioMntGOGIqzH8i78FZ223H_pFfBDnNoHGULSS3HdFufn4sbjaphHI-myR6CYOrALPAA0pnpgQOfLTY3JSl-MUZBt6rqcREdf0kOIrhqeYn3jSiwq1rwILFRcv1MAa5wZuT6pJhk4rYX7fa0FPRJhDlep8pEm-dspgN8mBrN5RysaSaeBlXFwNPMGgpjzBSAkIioewX7hZ7xdXK0lOe0Hl_gX1dAo5ya9NnYFY1TBz2Jix6XPkBfEf2HthFVcLE8q5diXTVt1WZJEPT2yTIxZPC5loT556OXwEA_SO8XgUAzsGoIkdfhp8JDcUeQQYEqUE842BRAcY-PcCatcBIOr82ezxXux2hW7Bi4d7ZKUrGjsmHGlf_OkbgB1UWrA_2oZj4Tl7EpkZlLcoWm8dTXedjIZ0M9ySKpkvgK7jdppMYCnbLnqXQSpCsW0hzqP65yJ5CfzeBqB3WYCAUpnXTmFnsIMYb1v-Lr5j4N9hP94GGPezjL7Z3nSrQPPeSnlJ6bmkrXzjr-Akz2D97OAUR5xJHX4h_2IRF3bREjO826mg5ZuzlFm02pkNXugY-t9AoInIW7GRmQpohNTSS7lW3I0ioX9Of0hesrXadFTW7P0hM0QcgTexJgtitWEC7n-nnfZ8zIAz0PIyoMYBafxm5wYV3ke5MxiJtpCWvtCUA3DQAeJ4ap8VCQcmLoM_dZqFDEPA9yhOebWF8QA0jVNGMlbkTk4gl24mhNjvaKkhWvHFKGxjhu6e4znoWDdq2IiNTcFJSN5M0HbtxQVwpbV3mTTVqoqOirdiPFtXArF5MVKal0FRlBIeuQckk7lXTyLqUzzUYqH7fff4OHN-5S0PflBPUsevbLXnMpLQ7z27TxMqgfM35ME_PwTUxsIwI5YABFQIN0bTsSe85OrhThO7JlDgh6Jeq30dPec56C4wwGjXNCq11U3m1AAD63oSRrDdfQ-lkqZw9WlZDQskt6Fjcuy2xdUv5TVJKoNFGt-1xs2q8GD4H3aTYoeM_jV5HLVFOnzL849ai5PrTshaAY9O0Rzgm7l5k5dt2upk5CwY5lt6RKlNyo0Yve9Xmo4e9yUbvoW-RZL788tfaA2R7_0FI91-ofxS2c9kaET2iq3ha0w0Hqe79pA5SzAxKZwnJRsLJ9BNnZn20u3oJYRCbl6qJWEsHD80CV0JJbTI8CItoeFR8Po3lq6heBEIPNxcOagWcBmUjTcB6eWxPKu2FvEiT7OncAQCrgoT3xvvSl55z1zYJ_6n51m_9HycjbCu-Uh7cetEaRgcgpcsrpBcYC3WbaCkoVI7NK1UBJ6cTJU7QBehZ-0kV8hICpH90nHTWo95SaWL5CrNDIIIBby9kVj4OBj7_XNQlB7jbiVK7KATrYZ-l4U52h0iacs4ld-lDeCoaCkfJSSqz91Kto53sX9jIRKfnj3OSr8OTPJpuUwElf3IjcBbCNFQHMypCuHW9PvM_PiPYZbjVccQchyGkDRBmG79w1MEDB-xMMHIurj85VDicl3RKdBnc8Z4ppmoqCC9Dj&cid=CAQSOwBygQiD8WAySS8Mtn7z4v6gKyKI8OuGvlaqSwuxuFZXYNHDhcXa-wmeE9VSBHH0Ax0Mx1wspZOwAm7eGAE
Frame ID: 7103CFD21694D77FE0E684C7DCCE9983
Requests: 5 HTTP requests in this frame

Frame: https://ng2.virgul.com/adview?a=60b91f99e4b0b65b3ce7bc5b&t=pageskin:153493&r=153493@site_geneli@yemek_net:site_geneli&l=&mt=1684096407461&userId=vnet648faf63-4d0c-491e-9ece-7b21e8085b15&vmn=60b91f99e4b0b65b3ce7bc5b___1534931470113556
Frame ID: 868DDEC089F3A69BC710B223CB53C906
Requests: 2 HTTP requests in this frame

Frame: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E8691D906F7C753A1E3820056BDAB73A
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTwe1F51gymbngyY-y8ugDzA78Bz9FWk0bmw4eACyc-xsJKGhqg5EFukiwjYC88qqPvbJkys-MeZFku00pA6V7o5KAw7e-OC9bOUf_JJQ0AzzyJrvnflUJH5OGeSgbhEpLVVfeslXfuKwRgNbg4qL4KshoJiwprNEp5sheXRb88dP_j1ksKEC_NfkAuPtR0A38G6OtIpcyFo5S5CqbjhkGFOkZoI-wDJa-D6-dGOAPLMgx_AB2k2rpEfnJtARKxj1sjv8NrVJ5_bNFWIn0-eo-hxoPZfdOgQtQAPBjMNqcAjmzBnfCgEF0QerNloex2te0M44xI6UypC0O_cyh_8zDdDvT_a7QAbzp9dt3XyhV3Y7aw-WP&sai=AMfl-YS_rk2WPYpw9TtjPiqxF8561KLybXT7loOsHyVLvSjo8zAxNcVOF8OUC-D8WJK7UzuRaS-r12nN3WFjah8l-9E2gzj4LIP0pLEARgRu7qHjJSDKccDw7Njtn2lzrQ&sig=Cg0ArKJSzAWsztXjbB7hEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F083327A64A7E96AB3F300C53D76F729
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jmwgdtkd59sjgf2d9dxp2759m4p0t1syggjy9v4vzttnxwtt363fez071n7wtg15mq139yemha4j8zfev7801846sfzawx86k42rnbhse4ke3kr6j81b0y3mfdkarb6ce3v220hrm7a3eq3n8ryzj3x4dt2xj5pv8m7wx3q5hsy4240hpzc49w3ct1zc550farp8bdt3fh55g0bzjfz6yqw4kee1arwf21g0fjqy7g5110km1k0xnn3vk5hrp0940vn39j7ymt2tw881wxtxc299hrhbt3wj7y44rnh4xzr12xtzhvc6w34caza97j9vrav6pd9fqwets58psxwba53tz8cebnpbx2y2wnq0b2eg6tjrvn7tjyjdt27n8jnmq022p8n5seznxy7kb9g27qhcfmsgbzqrc0j8bx41t9pjk59q4dsa26es7t10cmt2hfpjav42w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%26client%3Dca-pub-7983651257838282%26adurl%3D
Frame ID: 126831E1569ABCBE7B9B7614071454FB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A3C8F60B58F361A5146D1CC74C8FF7A1
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gh6k1j29a6g5kp3d76khcf3hqkcv9e2yyav7kq6g7bzhzt2sg9cya5cd4q39s9gh71q4dz0bc2hjqavm3kbgvq12fhqc365518f0a54ncb2fnjf6p27jz9k86mppqzdf79qmed63s9pva74b4cyb17gd8awz7b6cfd98abfb3e25bkyfmjts6cvdtwcrf43vf208z2svtfb1785x1vd3vm1bh6zxrcpttjn1q46eqd7jawtw7z6c4hhg6cs6q0wsacz5yt3bwabgj6smx9zqq8e1weaxmdspn4gte5aeqs1mhv9pvm7w0jjtxx9egvrvsm1956g05khtav10wzrktxf56wwc85tn1g2meewb6mhqpwn1v3a864pevrcg3yyxpy51kp36b6n4t2es9dpw03m3sra5b939790w5qyjn8cgn97mfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 2800E7FB3369205F5D4CD51DEBF18880
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C373309559EA77EAC1A82E64A845D119
Requests: 9 HTTP requests in this frame

Frame: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C39C76760F7A43C88AF487E6C6DCAD19
Requests: 12 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 502B8EF83C3F0269A116CE806350C4F2
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: CF9FB75EB2DBD8A935D22FC71BF4A50B
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: 03FE0C8398F50456D1E25D5F6B387DB4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0DD91884D93FE758860E90685FC398FC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 73775C250B5CB8D3BE4F7DBFE1FCB89C
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Frame ID: E96E728A1F7A976F0EFC2E4987B719A6
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9A19D388CF222DFE70472D50AD38DE98
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A45B5320EBA3304871D1A8391ED017C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Frame ID: 4281A03E2AA44415960F06C717A70376
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CE9ABCB05ED8194F0B468402CA3B8D76
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: FFFC8462940BA0D41B18D180D6E0FA86
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 90E557A4D98C93E73F989AEFB2755A39
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FDA49A35CC0D2AF978A627DD0504748A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 46BDE741B1148FFB72CE8A72A459A856
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 64669CADBC1F31C24338BCD77507A61A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2D137CA7BD447023A5ECF9CEE4DEF18A
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Frame ID: 7F63A55F70E2481B0597795D8ECDFEA4
Requests: 11 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 536648EFA403838FC9FB4B061FC36FE7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9c956461-459a-4000-8558-135c603e7869&gdpr=0&gdpr_consent=
Frame ID: 89156E71F26DCC7C9FE6F59B89C1D6CC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825022227165
Frame ID: A51C8B5EF0A2837280264945AC165BF4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 89F41002B98C17E5A356399A36A007BB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5544836408944672905
Frame ID: 42258F8C13C558307B7EF7D209944D43
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1528997220194880934&gdpr=0&gdpr_consent=
Frame ID: 1FC21B6BEDB75F8F8A06A31810C72AC0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

353
Requests

89 %
HTTPS

42 %
IPv6

64
Domains

104
Subdomains

76
IPs

8
Countries

9069 kB
Transfer

15138 kB
Size

31
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 153
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 177
  • https://rek.izlesene.com/mockups/philips/Philips_utu_DB.mp4 HTTP 302
  • https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
Request Chain 198
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHNdQ8-rSCqbu-dHXpC1NZQ&google_cver=1&google_push=ATf1kGObWDAQXHdjpKyF_VR8jPm2dln1xkdE7aPDU-7qKz7j6bnMQeLuN3Mk9ZUtGVj-4A7hIZ_5R7OIzp7iYp0L1Vgb3dkeIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGObWDAQXHdjpKyF_VR8jPm2dln1xkdE7aPDU-7qKz7j6bnMQeLuN3Mk9ZUtGVj-4A7hIZ_5R7OIzp7iYp0L1Vgb3dkeIw
Request Chain 199
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGMviq8VqMhNPMUhDWSeSNaT1zx5-ndvvpWJUwZPYmVPfyc7XwBUUumww_d8oIfaCs4OOqkysmem2B2Fyus3aqa54jc4uQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMviq8VqMhNPMUhDWSeSNaT1zx5-ndvvpWJUwZPYmVPfyc7XwBUUumww_d8oIfaCs4OOqkysmem2B2Fyus3aqa54jc4uQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGMviq8VqMhNPMUhDWSeSNaT1zx5-ndvvpWJUwZPYmVPfyc7XwBUUumww_d8oIfaCs4OOqkysmem2B2Fyus3aqa54jc4uQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMviq8VqMhNPMUhDWSeSNaT1zx5-ndvvpWJUwZPYmVPfyc7XwBUUumww_d8oIfaCs4OOqkysmem2B2Fyus3aqa54jc4uQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 200
  • https://um.simpli.fi/gp_match?google_gid=CAESEPnSm6b41n1K2x_NmlmK2t4&google_cver=1&google_push=ATf1kGPa50y_RgtmfWs2BefNElLKdGqPCaW_T6PnOVqbGvdbWDXHCuKd5d1DycsovA1qGPBgTvdxrUTG5VzrJQ-tt3BGZNGk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A3FC6B1ADC14B71B75EEBD5EF6BE494&google_push=ATf1kGPa50y_RgtmfWs2BefNElLKdGqPCaW_T6PnOVqbGvdbWDXHCuKd5d1DycsovA1qGPBgTvdxrUTG5VzrJQ-tt3BGZNGk
Request Chain 202
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPlyZEJPKZ_Ldc-6lTkb2Mg&google_cver=1&google_push=ATf1kGN9ljLg1OCpUp_4GZbsgWVv1RH0Jx0WyBs0tQu85PSDmiOMYNMoJpnlh64RhxoC3o6cBl48Km7TXZvaXk86uzhZNHXj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGN9ljLg1OCpUp_4GZbsgWVv1RH0Jx0WyBs0tQu85PSDmiOMYNMoJpnlh64RhxoC3o6cBl48Km7TXZvaXk86uzhZNHXj&google_hm=ay-lvzhrQ--eSyQTD6WKa8c
Request Chain 224
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL1ihstvAHW6a2R7XdSeKbM&google_cver=1&google_push=ATf1kGOs0qr4AvJWnb7EjHT3-NC8gJyeIf43Auqd1cPCApDVM8r6EoA8EmkAVGbP_CG8oVwpuhbIN0RcVXKl1e1jw9-_eDxIE6xFUZXgaBtw2R4S3asj4cJwFdbnK1HrSmJVcnR-_rKn0Qm6zPy9r2fVi4n_FNE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzYwNjgwNjAzNTkyODg4NjU5OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL1ihstvAHW6a2R7XdSeKbM&google_cver=1
Request Chain 225
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGAA6P2gmOrmfIMlNNDAfaI&google_cver=1&google_push=ATf1kGNHxr9v4KctTKXp8RUyZoIjdgH_ovsFq-6rQVjzTu7BJl-tPs26t6U1fA4i3sl0iMkRICM4nVQWooKjAGYh5mL_Y7px3wyT8vVeaug7RPWpFiygV9PBPjoIYOrFgghP1T0qGFleavkLFaDIDgjBtIy7RUU HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNHxr9v4KctTKXp8RUyZoIjdgH_ovsFq-6rQVjzTu7BJl-tPs26t6U1fA4i3sl0iMkRICM4nVQWooKjAGYh5mL_Y7px3wyT8vVeaug7RPWpFiygV9PBPjoIYOrFgghP1T0qGFleavkLFaDIDgjBtIy7RUU&google_hm=nDtHF0ur7JOIls97X3j6fg
Request Chain 226
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHNdQ8-rSCqbu-dHXpC1NZQ&google_cver=1&google_push=ATf1kGNJ05L3YTuym7IDROzyNTyXrGARgRFg_x4qnOQiL_xSBcbE7m5fESOh9cp10VdPBL9JuDJp-3OF5hl8r1czGlA4YvDL9aUaHdC3JomQnl3JVaWzahsFUX-FZRtgYTg-5siIk4NKa7bCm_oB0FRDmx8RFfU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=nJVkYUWaQACFWBNcYD54aQ&google_push=ATf1kGNJ05L3YTuym7IDROzyNTyXrGARgRFg_x4qnOQiL_xSBcbE7m5fESOh9cp10VdPBL9JuDJp-3OF5hl8r1czGlA4YvDL9aUaHdC3JomQnl3JVaWzahsFUX-FZRtgYTg-5siIk4NKa7bCm_oB0FRDmx8RFfU
Request Chain 227
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGNMzOqMLrSmOeBKIatfUlO730CCqM6O1gRDdbG5THmhhqv3AR1bkklERWEIUnKnC57k4n6E6qy9TeR6fNnD3GgBKQskfOCKQdghDPzOcWu4Tbetgg1CILY4LXjjIC7FckCzBjmV3mXbMczyFfyBRTJXSdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNMzOqMLrSmOeBKIatfUlO730CCqM6O1gRDdbG5THmhhqv3AR1bkklERWEIUnKnC57k4n6E6qy9TeR6fNnD3GgBKQskfOCKQdghDPzOcWu4Tbetgg1CILY4LXjjIC7FckCzBjmV3mXbMczyFfyBRTJXSdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGNMzOqMLrSmOeBKIatfUlO730CCqM6O1gRDdbG5THmhhqv3AR1bkklERWEIUnKnC57k4n6E6qy9TeR6fNnD3GgBKQskfOCKQdghDPzOcWu4Tbetgg1CILY4LXjjIC7FckCzBjmV3mXbMczyFfyBRTJXSdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNMzOqMLrSmOeBKIatfUlO730CCqM6O1gRDdbG5THmhhqv3AR1bkklERWEIUnKnC57k4n6E6qy9TeR6fNnD3GgBKQskfOCKQdghDPzOcWu4Tbetgg1CILY4LXjjIC7FckCzBjmV3mXbMczyFfyBRTJXSdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 228
  • https://um.simpli.fi/gp_match?google_gid=CAESEPnSm6b41n1K2x_NmlmK2t4&google_cver=1&google_push=ATf1kGOBLIV0jaYNzhagtDW6zeJNi7MwQlq_6RZCCKbbYFW82S4V7K-23QawuYOTrGVRTVQ74PpE66U0zI8XqBwsj1FpghHoA-Dxd7AVUszqiGUZK8CoFygVfhC9wGi7cr1eWLDMcMV21RuFV-TpLEgoBLbrMss HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A3FC6B1ADC14B71B75EEBD5EF6BE494&google_push=ATf1kGOBLIV0jaYNzhagtDW6zeJNi7MwQlq_6RZCCKbbYFW82S4V7K-23QawuYOTrGVRTVQ74PpE66U0zI8XqBwsj1FpghHoA-Dxd7AVUszqiGUZK8CoFygVfhC9wGi7cr1eWLDMcMV21RuFV-TpLEgoBLbrMss
Request Chain 229
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE20lD3w6QoBSvGbNIJ9AFE&google_cver=1&google_push=ATf1kGMbIuIiOIliUMfBDrH-OyYF6yt9-rvDNsr1vuI9YqGrEN3QkKOFFbBDrqOg7EcuAMKKG6tW9mE5MZtDuh1g34RKlMTDedbxxfjxWBsrdpE-XRWXjOnru9bVDNC_Mjnz1MviBdn8LKzGlMWqfC_Owq6RLg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMbIuIiOIliUMfBDrH-OyYF6yt9-rvDNsr1vuI9YqGrEN3QkKOFFbBDrqOg7EcuAMKKG6tW9mE5MZtDuh1g34RKlMTDedbxxfjxWBsrdpE-XRWXjOnru9bVDNC_Mjnz1MviBdn8LKzGlMWqfC_Owq6RLg&google_hm=eS10LkNIaGM1RTJwR0ZEQi5xeVMwa1J5cU9JeGc4cWpnVH5B
Request Chain 230
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENycIWrp_RCNpwOlWVNH61k&google_cver=1&google_push=ATf1kGMAMT-bp0vVi5o66mA8A3d4yUP8hlclXF72GUQ88xxAXqz-JTImjzlN5rNVdfTPD-cg9W_JYhcvQh0oaQ9yhzed3PiVIPm_oSp_qiefHDu2nWDqRgijNvnC0d443Hj4uZf4PQrUSRztwiVviJLocLY7sjE HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENycIWrp_RCNpwOlWVNH61k&google_cver=1&google_push=ATf1kGMAMT-bp0vVi5o66mA8A3d4yUP8hlclXF72GUQ88xxAXqz-JTImjzlN5rNVdfTPD-cg9W_JYhcvQh0oaQ9yhzed3PiVIPm_oSp_qiefHDu2nWDqRgijNvnC0d443Hj4uZf4PQrUSRztwiVviJLocLY7sjE&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pNm9eZUIQnO6C8ba-DVkYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMAMT-bp0vVi5o66mA8A3d4yUP8hlclXF72GUQ88xxAXqz-JTImjzlN5rNVdfTPD-cg9W_JYhcvQh0oaQ9yhzed3PiVIPm_oSp_qiefHDu2nWDqRgijNvnC0d443Hj4uZf4PQrUSRztwiVviJLocLY7sjE
Request Chain 236
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
  • https://tpc.googlesyndication.com/simgad/4091503581208051288
Request Chain 252
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 253
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGAA6P2gmOrmfIMlNNDAfaI&google_cver=1&google_push=ATf1kGM4Zei5KKAtmqZxQ6Fa2yaq8iyrUD6fB1fOBU3uRWsjsjO3XbsLRAGIgf6gIX2U5SoA6iLRct8GTL49mS_FnkW5zw4daHt0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM4Zei5KKAtmqZxQ6Fa2yaq8iyrUD6fB1fOBU3uRWsjsjO3XbsLRAGIgf6gIX2U5SoA6iLRct8GTL49mS_FnkW5zw4daHt0&google_hm=nDtHF0ur7JOIls97X3j6fg
Request Chain 256
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMef3YO8f4EA39HYaHJRvrM&google_cver=1&google_push=ATf1kGOlfowVc3ReeELYiQ-zcQiTdEHnu21rP_o1b-1IHeIGNi87b214zQKnrS6JraSb8jNqLKP045d94OyFUVsZWccoyeEajvb5 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMef3YO8f4EA39HYaHJRvrM&google_cver=1&google_push=ATf1kGOlfowVc3ReeELYiQ-zcQiTdEHnu21rP_o1b-1IHeIGNi87b214zQKnrS6JraSb8jNqLKP045d94OyFUVsZWccoyeEajvb5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4ODE1Mjg4MTY2MTgzNDI2NQ&google_push=ATf1kGOlfowVc3ReeELYiQ-zcQiTdEHnu21rP_o1b-1IHeIGNi87b214zQKnrS6JraSb8jNqLKP045d94OyFUVsZWccoyeEajvb5
Request Chain 257
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENycIWrp_RCNpwOlWVNH61k&google_cver=1&google_push=ATf1kGPrK2P0qMNV9UKoA43AtgFdUDwFSGuMWGDK24yxUR14zw98mzf9SnxpWGicnwhkCWBUZsup1WN5andV1a2nlFVLIDMl0eIs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pNm9eZUIQnO6C8ba-DVkYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPrK2P0qMNV9UKoA43AtgFdUDwFSGuMWGDK24yxUR14zw98mzf9SnxpWGicnwhkCWBUZsup1WN5andV1a2nlFVLIDMl0eIs
Request Chain 258
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBfKm0FktPmBALeLKxWcS8Y&google_cver=1&google_push=ATf1kGOKEoPjFYaLeKCvB77J_wqdEya0LHi58iO-jFHpgxq4V4JUm2ZdQydnll5G0rru0DGpxOc9ooDMte6_jCHnrLK3vbf-goVf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOKEoPjFYaLeKCvB77J_wqdEya0LHi58iO-jFHpgxq4V4JUm2ZdQydnll5G0rru0DGpxOc9ooDMte6_jCHnrLK3vbf-goVf
Request Chain 259
  • https://match.360yield.com/match/ebda?google_gid=CAESEHWIO9SmRhKXFrklnieNSlY&google_cver=1&google_push=ATf1kGMSs8RtHclXiHBX0N4m3npQMdA8N1aD67X5xt9jAKNRRNYDKklfSig0bJNCsPoLau-8qgqmsozoF2tOS_DcReTaAaTLv4NC HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHWIO9SmRhKXFrklnieNSlY&google_cver=1&google_push=ATf1kGMSs8RtHclXiHBX0N4m3npQMdA8N1aD67X5xt9jAKNRRNYDKklfSig0bJNCsPoLau-8qgqmsozoF2tOS_DcReTaAaTLv4NC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=nyfu_PeQS2GZ2DPnJGAfXA&google_push=ATf1kGMSs8RtHclXiHBX0N4m3npQMdA8N1aD67X5xt9jAKNRRNYDKklfSig0bJNCsPoLau-8qgqmsozoF2tOS_DcReTaAaTLv4NC
Request Chain 266
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIHlhoLU9f4CFYfOEQgduzYFQw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023051422332984930512147X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023051422332984930512147X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Request Chain 269
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CLHlhoLU9f4CFZnluwgdqDUM_g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023051422332984930512145X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 316
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=95oKM3xWQjA3bGdKNUhwcnIzZ0xsN2MwMVNVOGF2Nnp5Rk8vTlV3U0J2Ynk2em5CTWpUcVI0WDVNTXk0bitEQ1BtdUdaNWNNQ040RDJNazU5V3QyajJDaWRIdTNKQ04vckpFTFNNZ29PamJCcnNVc3hwS20wRDV3VmN4L05sYnA1aEkrT1g2TEcrYnAvV01yK1h1QlRkeVhvRTJVVTJ2aktvWUp1b1VWZkxDdFBUdjlBcWRaNS8rZGFLU0U0WFFQV0VXa0VtTE9SRHdlQ0RCZmZMWVJDRkdkK1d6SE1ESXJQZHdZbW1xMDNrQnFrL1UxcGdyaDFCRXNLeEZzMVZkNWpNZjJ1ckI2SThXalpZbWhZTTRuelFTOVRhUT09fA&cppv=2
Request Chain 337
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 339
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9c956461-459a-4000-8558-135c603e7869&gdpr=0&gdpr_consent=
Request Chain 340
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825022227165
Request Chain 341
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 342
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5544836408944672905
Request Chain 343
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1528997220194880934&gdpr=0&gdpr_consent=
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pNm9eZUIQnO6C8ba-DVkYA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 346
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=761200608 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A4D9BD79-9508-4273-BA0B-C6DAF8356460
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTREOUJENzktOTUwOC00MjczLUJBMEItQzZEQUY4MzU2NDYw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHNvcY1RfYzzkI3cAL5MYV8&google_cver=1
Request Chain 351
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1988152881661834265
Request Chain 353
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/IHpiRPyljXgVfROH8w8C0A?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-COzWawhE2oIXY_rU6Xs.NGlIUS.LTiYF7cJ6Hg--~A
Request Chain 354
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDVhMDUxYjE1YTAzNjQ1NTA1ZjRkMjhjY2I5NTY2MTcxMWJiNGFmZg
Request Chain 355
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHNVIOVQ-1G-QEP
Request Chain 357
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDn9Ejxo44MOea-v4aEix0g&google_cver=1
Request Chain 359
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 360
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhOVklPVlEtMUctUUVQ HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGKcx5ISnUZsEd8BQ2s1YxU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhOVklPVlEtMUctUUVQ&google_push=

353 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6x6uf5z9e3262.html
pcloak.blob.core.windows.net/web/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1324
Content-MD5
XPHdOVCmWyxrVVstkB9xGw==
Content-Type
text/html
Date
Sun, 14 May 2023 20:33:25 GMT
ETag
0x8DB304DFD1C41BC
Last-Modified
Wed, 29 Mar 2023 12:06:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
5dd8f293-401e-0010-58a3-868765000000
x-ms-version
2009-09-19
jquery.min.js
pcloak.blob.core.windows.net/web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-request-id
5dd8f2e1-401e-0010-1fa3-868765000000
Date
Sun, 14 May 2023 20:33:25 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
cloakan.js
pcloak.blob.core.windows.net/web/ 		308 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 14 May 2023 20:33:25 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zPiKctHo6j8i1UGOFPpInw==
ETag
0x8DA4D4A263C11C2
Content-Type
text/javascript
x-ms-request-id
5dd8f354-401e-0010-09a3-868765000000
x-ms-version
2009-09-19
Content-Length
308
style.css
pcloak.blob.core.windows.net/web/ 		166 B
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/style.css
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 14 May 2023 20:33:25 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9ruAIrm4XHnQO3/sM8J0AQ==
ETag
0x8DA4D4A26527CA0
Content-Type
text/css
x-ms-request-id
5dd8f322-401e-0010-5aa3-868765000000
x-ms-version
2009-09-19
Content-Length
166
px.php
www.cloakan.co/ 		743 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:23 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
404
nv.php
www.cloakan.co/ 		232 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:24 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
112
/
ye-mek.net/ Frame 77A7 		76 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/
Requested by
Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
560daebf8176dc54a96722520cc37ee88cb66772df2dd3512e26a97722bc3696

Request headers

Referer
https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
77605
content-type
text/html; charset=utf-8
date
Sun, 14 May 2023 20:33:26 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 77A7 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 15:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 May 2024 15:30:26 GMT
yemeknet.js
ye-mek.net/js/ Frame 77A7 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/js/yemeknet.js?v=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 14 May 2023 20:33:26 GMT
content-encoding
br
last-modified
Tue, 20 Aug 2019 13:15:54 GMT
server
Microsoft-IIS/10.0
etag
"0a144655957d51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=691200
accept-ranges
bytes
content-length
2179
maincss.css
cdn.ye-mek.net/ Frame 77A7 		40 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ye-mek.net/maincss.css?v=434
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
2286965
x-accel-date
1681809442
x-77-nzt
AcO1ryd9MDP/deUiAA
x-accel-expires
@1713345442
last-modified
Tue, 24 Nov 2020 00:00:32 GMT
server
CDN77-Turbo
etag
W/"5fbc4d20-9e5b"
x-77-nzt-ray
25b02131d5f328c497456164d1f0ef03
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ Frame 77A7 		116 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
787c064218bbd65572f4e14be5b28b061dd20015172f5c36b1add53723cc8e9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46274
x-xss-protection
0
last-modified
Sun, 14 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 May 2023 20:33:27 GMT
searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 77A7 		542 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2287007
x-accel-date
1681809400
content-length
542
x-77-nzt
AcO1ryc0z/7/n+UiAA
x-accel-expires
@1713345400
last-modified
Sat, 22 Oct 2022 20:00:57 GMT
server
CDN77-Turbo
etag
"63544bf9-21e"
x-77-nzt-ray
25b02131d5f328c497456164c041fc05
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 77A7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286966
x-accel-date
1681809441
content-length
1651
x-77-nzt
AcO1ryd8ni3/duUiAA
x-accel-expires
@1713345441
last-modified
Mon, 14 May 2018 22:41:08 GMT
server
CDN77-Turbo
etag
"5afa1084-673"
x-77-nzt-ray
25b02131d5f328c4974561642b005506
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
buzlukta-bezelye-saklama-yontemi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 77A7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/buzlukta-bezelye-saklama-yontemi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
cba1bbb36c4c34f5b97aa6e79234f4daebbf0f63e1eff3fe39c5a7748c27f839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
77101
x-accel-date
1684019306
content-length
16375
x-77-nzt
AcO1ryeKa9//LS0BAA
x-accel-expires
@1715555306
last-modified
Sat, 13 May 2023 22:43:17 GMT
server
CDN77-Turbo
etag
"64601285-3ff7"
x-77-nzt-ray
25b02131d5f328c497456164cb7a6906
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yumurtali-ciris-otu-kavurmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 77A7 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/yumurtali-ciris-otu-kavurmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
cf5d15aa91ac6d6ccd06ddcf375983be7283bd8bc7a441f82113deb7b41f2743

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
169081
x-accel-date
1683927326
content-length
17596
x-77-nzt
AcO1ryelj+3/eZQCAA
x-accel-expires
@1715463326
last-modified
Fri, 12 May 2023 21:20:28 GMT
server
CDN77-Turbo
etag
"645ead9c-44bc"
x-77-nzt-ray
25b02131d5f328c4974561641f056e06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
taze-bakla-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 77A7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/taze-bakla-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d3c70a5ecb1b5c16ddff716d6a83d189efa57a07c4210acf01c978093e3a80eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
255185
x-accel-date
1683841222
content-length
15403
x-77-nzt
AcO1rydPkeb/0eQDAA
x-accel-expires
@1715377222
last-modified
Thu, 11 May 2023 20:25:52 GMT
server
CDN77-Turbo
etag
"645d4f50-3c2b"
x-77-nzt-ray
25b02131d5f328c4974561644bac7106
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
zeytinyagli-bezelye-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 77A7 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/zeytinyagli-bezelye-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0210c85818d68e70d5b2b7173b9c3ae65774adee772ad11018f968403f1abcc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
337290
x-accel-date
1683759117
content-length
17312
x-77-nzt
AcO1rye5LPj/iiUFAA
x-accel-expires
@1715295117
last-modified
Wed, 10 May 2023 22:21:12 GMT
server
CDN77-Turbo
etag
"645c18d8-43a0"
x-77-nzt-ray
25b02131d5f328c497456164139e7506
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-kiymali-patates-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/07/ Frame 77A7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/07/firinda-kiymali-patates-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c7bb3478b0d96694781181456adc8e338e27432ca3e53dd805da648ec62d7fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286313
x-accel-date
1681810094
content-length
11402
x-77-nzt
AcO1ryef3Ff/6eIiAA
x-accel-expires
@1713346094
last-modified
Wed, 01 May 2019 23:02:47 GMT
server
CDN77-Turbo
etag
"5cca2597-2c8a"
x-77-nzt-ray
25b02131d5f328c497456164dcca7706
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
pilic-topkapi-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame 77A7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/pilic-topkapi-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7c61fa1cf06e1231a6cbcbd22e6fd065c2934749e2e2af038318feaa79f54c93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286899
x-accel-date
1681809508
content-length
15292
x-77-nzt
AcO1ryfhH3X/M+UiAA
x-accel-expires
@1713345508
last-modified
Mon, 26 Apr 2021 22:52:38 GMT
server
CDN77-Turbo
etag
"60874436-3bbc"
x-77-nzt-ray
25b02131d5f328c4974561647bf77906
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuk-fajita-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/04/ Frame 77A7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2018/04/tavuk-fajita-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d966ecd46380ed5fdc36aadcd4b5a4bbd65ba852833ce5e834a4e37380ac9535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2283415
x-accel-date
1681812992
content-length
12005
x-77-nzt
AcO1rydequb/l9ciAA
x-accel-expires
@1713348992
last-modified
Wed, 01 May 2019 23:32:42 GMT
server
CDN77-Turbo
etag
"5cca2c9a-2ee5"
x-77-nzt-ray
25b02131d5f328c497456164b2c17b06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ev-koftesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame 77A7 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ev-koftesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a1a1863860f40862a7df0b5316bc3805f213fa1c9fb01060bbd994d91dc140ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286897
x-accel-date
1681809510
content-length
17248
x-77-nzt
AcO1rycN3Z3/MeUiAA
x-accel-expires
@1713345510
last-modified
Sun, 25 Dec 2022 22:38:25 GMT
server
CDN77-Turbo
etag
"63a8d0e1-4360"
x-77-nzt-ray
25b02131d5f328c4974561640a797d06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kaygana-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/03/ Frame 77A7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/03/kaygana-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7db39f0b9931b338e9cd0eabeef7fd618ace0e5bc5990061ce13a0a2ed8e8a0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2279250
x-accel-date
1681817157
content-length
11893
x-77-nzt
AcO1rydjt4X/UsciAA
x-accel-expires
@1713353157
last-modified
Wed, 01 May 2019 23:14:01 GMT
server
CDN77-Turbo
etag
"5cca2839-2e75"
x-77-nzt-ray
25b02131d5f328c49745616467967f06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cerkez-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame 77A7 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/cerkez-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e8beffeee13257f2f5a0487655ffe800c5f6a3387b67fc3fa96ecd199a0d0504

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286885
x-accel-date
1681809522
content-length
15585
x-77-nzt
AcO1ryfy11v/JeUiAA
x-accel-expires
@1713345522
last-modified
Sun, 19 Apr 2020 03:03:38 GMT
server
CDN77-Turbo
etag
"5e9bbf8a-3ce1"
x-77-nzt-ray
25b02131d5f328c497456164ce2bba06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
uskup-boregi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/08/ Frame 77A7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/08/uskup-boregi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
75f2b3e1739c7ed8ee367a6990d7f5abdb0fd1040724273ee5a5f87489a41228

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2281987
x-accel-date
1681814420
content-length
12833
x-77-nzt
AcO1ryf9MhT/A9IiAA
x-accel-expires
@1713350420
last-modified
Sun, 23 Aug 2020 23:39:16 GMT
server
CDN77-Turbo
etag
"5f42fe24-3221"
x-77-nzt-ray
25b02131d5f328c49745616459a6bc06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
orijinal-kibris-tatlisi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame 77A7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/orijinal-kibris-tatlisi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d5232d54f552f36dea15ac9afdc160e549cb4e8eb52dd9da5f048eaf9264449a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286182
x-accel-date
1681810225
content-length
15360
x-77-nzt
AcO1rydUzbT/ZuIiAA
x-accel-expires
@1713346225
last-modified
Sun, 17 Apr 2022 12:57:04 GMT
server
CDN77-Turbo
etag
"625c0ea0-3c00"
x-77-nzt-ray
25b02131d5f328c49745616417bcbe06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yufkadan-findik-lahmacun-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/01/ Frame 77A7 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/01/yufkadan-findik-lahmacun-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d82c4906e4b728e92a7fcec80c1f8bcb5b16502d30a9de09a361dc503a70145a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286898
x-accel-date
1681809509
content-length
16684
x-77-nzt
AcO1rye0nY7/MuUiAA
x-accel-expires
@1713345509
last-modified
Wed, 01 May 2019 22:52:17 GMT
server
CDN77-Turbo
etag
"5cca2321-412c"
x-77-nzt-ray
25b02131d5f328c497456164fff4c006
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kilis-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame 77A7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/kilis-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a89f7bfa14110d591435cd4944c46084d2eacf435adf24032626b6caebe8738f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286972
x-accel-date
1681809435
content-length
16352
x-77-nzt
AcO1ryfNX0n/fOUiAA
x-accel-expires
@1713345435
last-modified
Sat, 16 Apr 2022 14:03:03 GMT
server
CDN77-Turbo
etag
"625acc97-3fe0"
x-77-nzt-ray
25b02131d5f328c497456164b625c306
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cokertme-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ Frame 77A7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2013/07/cokertme-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
de828c1de3b057a2132f7e790523411695d4c0189b0eaeb5f0f4f3d92462a540

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286599
x-accel-date
1681809808
content-length
15954
x-77-nzt
AcO1ryfl9rr/B+QiAA
x-accel-expires
@1713345808
last-modified
Wed, 01 May 2019 22:16:47 GMT
server
CDN77-Turbo
etag
"5cca1acf-3e52"
x-77-nzt-ray
25b02131d5f328c497456164d655c506
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-kuzu-kol-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame 77A7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/firinda-kuzu-kol-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
04768856c079a1aca293eb1fa81842cb300eacd20fc15f92126c9477ccc72209

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286851
x-accel-date
1681809556
content-length
16164
x-77-nzt
AcO1ryfrfRj/A+UiAA
x-accel-expires
@1713345556
last-modified
Mon, 06 Mar 2023 21:22:25 GMT
server
CDN77-Turbo
etag
"64065991-3f24"
x-77-nzt-ray
25b02131d5f328c497456164adadc706
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yogurt-soslu-tavuk-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame 77A7 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/yogurt-soslu-tavuk-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
772de1eb224033fdc2d4f895698a95d01249b3e95be8f99991e8f9099c985df0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2278035
x-accel-date
1681818372
content-length
16582
x-77-nzt
AcO1rydx0+z/k8IiAA
x-accel-expires
@1713354372
last-modified
Thu, 09 Jun 2022 23:02:22 GMT
server
CDN77-Turbo
etag
"62a27bfe-40c6"
x-77-nzt-ray
25b02131d5f328c4974561643033ca06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-sebzeli-tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/11/ Frame 77A7 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/11/firinda-sebzeli-tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b2ecd92de7982ef4ffd3778b02d62aaef7341b3c9ac5f4e53e749a9bde702119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286079
x-accel-date
1681810328
content-length
13621
x-77-nzt
AcO1ryc450///+EiAA
x-accel-expires
@1713346328
last-modified
Sat, 16 Nov 2019 21:54:33 GMT
server
CDN77-Turbo
etag
"5dd07019-3535"
x-77-nzt-ray
25b02131d5f328c497456164267ecc06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-soslu-citir-tavuk-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/03/ Frame 77A7 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/03/tavada-soslu-citir-tavuk-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1e066beb1036ff4d1c6237858048930493e92415f9d6441b956c1133c6eafeef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2283415
x-accel-date
1681812992
content-length
14041
x-77-nzt
AcO1ryeppj7/l9ciAA
x-accel-expires
@1713348992
last-modified
Wed, 01 May 2019 22:55:30 GMT
server
CDN77-Turbo
etag
"5cca23e2-36d9"
x-77-nzt-ray
25b02131d5f328c49745616495a9ce06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firin-posetinde-butun-tavuk-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame 77A7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/firin-posetinde-butun-tavuk-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4e454f18b44913721b60327717caa80d346f4e7a9df8af9aff86d5991ae430de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286899
x-accel-date
1681809508
content-length
15403
x-77-nzt
AcO1ryfrm+X/M+UiAA
x-accel-expires
@1713345508
last-modified
Tue, 29 Dec 2020 23:47:12 GMT
server
CDN77-Turbo
etag
"5febc000-3c2b"
x-77-nzt-ray
25b02131d5f328c49745616417dfd006
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
domatesli-kabak-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/06/ Frame 77A7 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/06/domatesli-kabak-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c43a592c09224db2985a3e074e7b50afe274ddce2b680b73e8f3a9c5cda4d35b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286514
x-accel-date
1681809893
content-length
14650
x-77-nzt
AcO1rydv72D/suMiAA
x-accel-expires
@1713345893
last-modified
Wed, 16 Jun 2021 22:40:57 GMT
server
CDN77-Turbo
etag
"60ca7df9-393a"
x-77-nzt-ray
25b02131d5f328c497456164f3eed606
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kabak-baligi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame 77A7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/kabak-baligi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
43531e83c15a96469ab4c9157633196740214b7303c1f34cd46930a3a97bfd8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2284092
x-accel-date
1681812315
content-length
16514
x-77-nzt
AcO1rycQb1D/PNoiAA
x-accel-expires
@1713348315
last-modified
Thu, 04 Jun 2020 01:09:59 GMT
server
CDN77-Turbo
etag
"5ed849e7-4082"
x-77-nzt-ray
25b02131d5f328c497456164453fd906
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
butun-mantar-kavurmasi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame 77A7 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/butun-mantar-kavurmasi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a9813636d064a6c030d55ade3e86f5de6475ea07aa4bb75d2197f653bd8f60d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286333
x-accel-date
1681810074
content-length
15573
x-77-nzt
AcO1ryd8xqv//eIiAA
x-accel-expires
@1713346074
last-modified
Thu, 16 Sep 2021 22:01:48 GMT
server
CDN77-Turbo
etag
"6143becc-3cd5"
x-77-nzt-ray
25b02131d5f328c49745616422e1da06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
portakalli-kereviz-yemegi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/12/ Frame 77A7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2018/12/portakalli-kereviz-yemegi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d5e0fdb2ad865d955935adf33701334ebd02983bd9c18274844cd4a9317717bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286552
x-accel-date
1681809855
content-length
11931
x-77-nzt
AcO1rycUSdH/2OMiAA
x-accel-expires
@1713345855
last-modified
Wed, 01 May 2019 23:42:47 GMT
server
CDN77-Turbo
etag
"5cca2ef7-2e9b"
x-77-nzt-ray
25b02131d5f328c4974561641554dc06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
topcata-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 77A7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/topcata-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
34963234993f556b873f499c31e1daae21990c332b81c63044b39127c5bad2c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286893
x-accel-date
1681809514
content-length
13418
x-77-nzt
AcO1ryc2Yx3/LeUiAA
x-accel-expires
@1713345514
last-modified
Fri, 01 May 2020 16:46:43 GMT
server
CDN77-Turbo
etag
"5eac5273-346a"
x-77-nzt-ray
25b02131d5f328c497456164b2cddd06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
lokanta-usulu-mercimek-corbasi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/11/ Frame 77A7 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/11/lokanta-usulu-mercimek-corbasi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0c28128d4531849e77a1f8f5e29ebd5a3f84e41521c4ec3b6c14173600e5d541

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286640
x-accel-date
1681809767
content-length
10524
x-77-nzt
AcO1rycaNFv/MOQiAA
x-accel-expires
@1713345767
last-modified
Wed, 01 May 2019 23:26:55 GMT
server
CDN77-Turbo
etag
"5cca2b3f-291c"
x-77-nzt-ray
25b02131d5f328c497456164b35adf06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
lokanta-usulu-ezogelin-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/05/ Frame 77A7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/05/lokanta-usulu-ezogelin-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1a6d6ecc5afe8b370681181e0077b6c838310f74f8473a1f36527577d5a1fab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286700
x-accel-date
1681809707
content-length
11911
x-77-nzt
AcO1ryczfYX/bOQiAA
x-accel-expires
@1713345707
last-modified
Wed, 01 May 2019 22:58:45 GMT
server
CDN77-Turbo
etag
"5cca24a5-2e87"
x-77-nzt-ray
25b02131d5f328c49745616482c3e006
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
taze-bamya-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/08/ Frame 77A7 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/08/taze-bamya-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f7872af25867f187dd1d6da75afd129c9dff792b3c917aadcee869d68a7bbe15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1225311
x-accel-date
1682871096
content-length
10605
x-77-nzt
AcO1rycvrrr/X7ISAA
x-accel-expires
@1714407096
last-modified
Tue, 16 Aug 2022 22:30:13 GMT
server
CDN77-Turbo
etag
"62fc1a75-296d"
x-77-nzt-ray
25b02131d5f328c497456164044ae206
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
elmali-crumble-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 77A7 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/elmali-crumble-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
78da9db43c13878a83c2add982d64622874181fd479875d2ab4c4be7cff84fe5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1857858
x-accel-date
1682238549
content-length
12773
x-77-nzt
AcO1rycCRKf/QlkcAA
x-accel-expires
@1713774549
last-modified
Sat, 27 Mar 2021 01:19:51 GMT
server
CDN77-Turbo
etag
"605e8837-31e5"
x-77-nzt-ray
25b02131d5f328c497456164c4bbe306
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
limonlu-magnolia-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/09/ Frame 77A7 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/09/limonlu-magnolia-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b973bcfa06c3c100ab181b34b6cb89b9cb658b8aedae9bb1ba1c84af345ff8f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2283106
x-accel-date
1681813301
content-length
12597
x-77-nzt
AcO1ryeHdez/YtYiAA
x-accel-expires
@1713349301
last-modified
Thu, 10 Sep 2020 22:48:42 GMT
server
CDN77-Turbo
etag
"5f5aad4a-3135"
x-77-nzt-ray
25b02131d5f328c497456164ea5fe506
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
iki-renkli-sutlu-irmik-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame 77A7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/iki-renkli-sutlu-irmik-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1223d352430065cc6ee6ecfe6c3ed6e1e4b2f5714817dcf8967ffca08f192c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2283172
x-accel-date
1681813235
content-length
15229
x-77-nzt
AcO1ryfsYzf/pNYiAA
x-accel-expires
@1713349235
last-modified
Thu, 11 Jun 2020 22:59:34 GMT
server
CDN77-Turbo
etag
"5ee2b756-3b7d"
x-77-nzt-ray
25b02131d5f328c4974561640cf0e606
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
soguk-baklava-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame 77A7 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/soguk-baklava-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
08d0fcf3f85412d79222e02121ad69c48016719acdc466e011d708910aa92a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286965
x-accel-date
1681809442
content-length
18562
x-77-nzt
AcO1rydryqD/deUiAA
x-accel-expires
@1713345442
last-modified
Tue, 04 May 2021 00:21:31 GMT
server
CDN77-Turbo
etag
"6090938b-4882"
x-77-nzt-ray
25b02131d5f328c4974561649864e906
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yumurta-katlama-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/01/ Frame 77A7 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/01/yumurta-katlama-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
23d58172a13a810fa151cb35f5f0bee205d2294327be9d8b7172553719cf3e66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
146599
x-accel-date
1683949808
content-length
12735
x-77-nzt
AcO1ryen/jb/pzwCAA
x-accel-expires
@1715485808
last-modified
Wed, 20 Jan 2021 23:18:27 GMT
server
CDN77-Turbo
etag
"6008ba43-31bf"
x-77-nzt-ray
25b02131d5f328c49745616495c8eb06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ispanakli-tuzlu-kek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame 77A7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ispanakli-tuzlu-kek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0e6ca498247c97add21344e3634348168a377e18380d9d022c08039092c728be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1784695
x-accel-date
1682311712
content-length
15209
x-77-nzt
AcO1ryezvmH/dzsbAA
x-accel-expires
@1713847712
last-modified
Sun, 20 Dec 2020 23:20:09 GMT
server
CDN77-Turbo
etag
"5fdfdc29-3b69"
x-77-nzt-ray
25b02131d5f328c49745616427bded06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sebzeli-misir-ekmegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/11/ Frame 77A7 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/11/sebzeli-misir-ekmegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
886aadb9d7fd797e07b70c67dfc5e3f40f8cb9a350bee05e5cc4db9c078613c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1958040
x-accel-date
1682138367
content-length
12450
x-77-nzt
AcO1ryfZLAD/mOAdAA
x-accel-expires
@1713674367
last-modified
Sun, 08 Nov 2020 23:21:47 GMT
server
CDN77-Turbo
etag
"5fa87d8b-30a2"
x-77-nzt-ray
25b02131d5f328c49745616458efef06
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-bayat-ekmek-boregi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/01/ Frame 77A7 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/01/tavada-bayat-ekmek-boregi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
42794f0d6d307576c7e114ae55d96d7582bcd5a24ba188b0d44bb968354918f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286093
x-accel-date
1681810314
content-length
12783
x-77-nzt
AcO1rycoapP/DeIiAA
x-accel-expires
@1713346314
last-modified
Wed, 06 Jan 2021 22:45:50 GMT
server
CDN77-Turbo
etag
"5ff63d9e-31ef"
x-77-nzt-ray
25b02131d5f328c4974561646f5cf206
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
_dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 77A7 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
Microsoft-IIS/10.0
etag
"8ae3cdbd420cc1:0"
x-powered-by
ASP.NET
x-hw
1684096407.cds239.fr8.hn,1684096407.cds153.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length
5605
addthis_widget.js
s7.addthis.com/js/300/ Frame 77A7 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sun, 14 May 2023 20:33:27 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116356
DMCABadgeHelper.min.js
images.dmca.com/Badges/ Frame 77A7 		465 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
Microsoft-IIS/10.0
etag
"26b181f16d28d51:0"
x-powered-by
ASP.NET
x-hw
1684096407.cds239.fr8.hn,1684096407.cds057.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
395
outside.js
static.virgul.com/theme/mockups/adcode/ Frame 77A7 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
last-modified
Tue, 18 Apr 2023 08:37:30 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
sdk.js
connect.facebook.net/tr_TR/ Frame 77A7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6f47415ecce20d5c55f0e2c45493b60cd17992337e1372f7e7ff0f93633c614d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 May 2023 20:33:27 GMT
content-md5
+c547niE1vLKzMfOrSrILA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
rhYEys2wDrGL3BeiAWXYaGtfbbM8xfeXvsfDEHqtgQ2vMzBGQg6VHuyVrVXnDHKy0TpqtO4djSNZGV00FUyn1Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
b4efb30d394a5bf8a48b408235621dd3
cross-origin-opener-policy
same-origin-allow-popups
etag
"6adca0c2fcd8b467c6b47b116442ecc9"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
expires
Sun, 14 May 2023 20:45:54 GMT
sprite_3.png
cdn.ye-mek.net/grafik/ Frame 77A7 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by
Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ye-mek.net/maincss.css?v=434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 14 May 2023 20:33:27 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2286965
x-accel-date
1681809442
content-length
21525
x-77-nzt
AcO1ryeDnSr/deUiAA
x-accel-expires
@1713345442
last-modified
Mon, 14 May 2018 20:55:05 GMT
server
CDN77-Turbo
etag
"5af9f7a9-5415"
x-77-nzt-ray
25b02131d5f328c49745616431dbf406
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sdk.js
connect.facebook.net/tr_TR/ Frame 77A7 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js?hash=b8fe0945d9531877b6afb2f41be974d9
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
68469eacba124ddb1d6a9a621ae82d3ef876787c2a0b395e3549037d6f577126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 May 2023 20:33:27 GMT
content-md5
8ozRoZstXvVOq+hvvGdnEQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88729
x-fb-rlafr
0
x-fb-debug
J1OSU7QJTC/ZBIs9eSGDOCPzxdJwkIo4Bfmvtchs1Snf9V9QdSEuNB/ziPFl5HOSA6TVsexJLpE7JO1QnB1hWA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f28dfc06747671f1114f29c808668ccf
cross-origin-opener-policy
same-origin-allow-popups
etag
"761133c07677e2f55c0f7492e7acaad6"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Mon, 13 May 2024 19:29:22 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ Frame 77A7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
B402EDC6F7271ED7
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=47031
accept-ranges
bytes
content-length
948
x-amz-id-2
3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=
analytics.js
www.google-analytics.com/ Frame 77A7 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 May 2023 18:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
7068
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 14 May 2023 20:35:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 77A7 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0841857f9470ac6a6943119cb4dc8bde6b00f34155302022bb06e9267628377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25235
x-xss-protection
0
server
cafe
etag
921 / 19491 / m202305090101 / config-hash: 12209807291441061903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:27 GMT
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 77A7 		120 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
last-modified
Wed, 21 Dec 2022 18:47:42 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
120
str.html
static.virgul.com/theme/mockups/outside/ Frame 5236 		891 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=5184000
content-length
891
content-type
text/html
date
Sun, 14 May 2023 20:33:27 GMT
last-modified
Wed, 28 Sep 2022 10:07:57 GMT
server
openresty/1.15.8.3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 77A7 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c94290f0af57ee52138c25260a1061ae8a121af6b756f50d5b971b9a9004de15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47643
x-xss-protection
0
server
cafe
etag
11962186178618788846
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:27 GMT
prebid7.38.0.js
static.virgul.com/theme/mockups/outside/ Frame 77A7 		489 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 14:56:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ Frame 77A7 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.180.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-180-50.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 19:41:26 GMT
content-encoding
gzip
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront), 1.1 f3af529e1cd5e36acd18d2e16d2a96c6.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:07 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1, MXP64-P1
age
3123
x-amz-server-side-encryption
AES256
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
cxxOJLN03MtfEjvZ2RD2iSuHnIgSrOj77WeICNa55371hvSTRFw4Hg==
pageview
ng.virgul.com/ Frame 77A7 		36 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1684096407461&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.57733898543239
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2cf8eb2e52c4454ca8740bf3b7315ac62472554cbc8038d26fd0897da7979cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
yemek_net.js
static.virgul.com/theme/mockups/fallback/ Frame 77A7 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19491
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
07849c46f2c450b07dfccf7163e986d80d942edd003d11dbe02f083bc21ac008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
last-modified
Sat, 13 May 2023 21:52:47 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
hb
ng.virgul.com/ Frame 77A7 		49 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=467804
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
b9a4d474c6fc40a18927e5cd37316d5b2950ad2fb449f6057b5110a5d2334ec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
cache-control
max-age=3600
access-control-allow-credentials
true
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ Frame 77A7 		402 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 16:37:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
14185
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127184
x-xss-protection
0
server
cafe
etag
3263738860219486170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 13 May 2024 16:37:02 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ Frame 77A7 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
deb661289c8664bda5e825d4496d07dad0506173f9e7c479c28d9d413959d6d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122683
x-xss-protection
0
server
cafe
etag
326537989229193917
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame DD62 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 17:14:56 GMT
etag
15057649708203361565
expires
Sun, 28 May 2023 17:14:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
empowerwebplayer3.js
static.virgul.com/theme/mockups/outside/ Frame 77A7 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 09:38:48 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
localstore.js
script.4dex.io/ Frame 77A7 		483 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 20:33:27 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2082182
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pVnlaKcvtslQd0FrEMFPHVl8ed5dzrYDBQDwAjkTd2gUbslABgaFRzv5fKlXrU5DXpycjaLbF5lwR1iA72XMvvjiFL4%2BFPnLtoouYLwyLWJ5e2BHpLhKy7PF9%2F%2BASacdQZ4o6VkT9JRnzWE"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7c75ea951b1d9290-FRA
yemek_net.js
static.virgul.com/theme/mockups/sites/ Frame 77A7 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=467804
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 09:08:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pandg-sdk.js
pghub.io/js/ Frame 77A7 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 19:34:09 GMT
content-encoding
gzip
age
3558
x-guploader-uploadid
ADPycdvRcsoozP4grM41QnmBZlkIa_NpQkpJ7BM2b1VP2ev9Xks3cal2NqeWXqKnookl8mMiIDHIe79RLoKuBEUBLfjqT5vIKYA-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4955
last-modified
Fri, 20 Jan 2023 18:31:19 GMT
server
UploadServer
etag
"b3517e216253857ea8c4209cb84004df"
vary
Accept-Encoding
x-goog-generation
1674239479122517
x-goog-hash
crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
4955
accept-ranges
bytes
content-type
application/javascript
zoneview
ng.virgul.com/ Frame 77A7 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1684096407804&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet648faf63-4d0c-491e-9ece-7b21e8085b15&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.45088890653526437
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 14 May 2023 20:33:27 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
integrator.js
adservice.google.de/adsid/ Frame 77A7 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 77A7 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 77A7 		98 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=327531309901683&correlator=3273819702137980&eid=31072019%2C31074172%2C31074542&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=2&adks=352337171&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684096407461%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet648faf63-4d0c-491e-9ece-7b21e8085b15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet648faf634d0c491e9ece7b21e8085b15&sc=1&cdm=ye-mek.net&abxe=1&dt=1684096407829&lmt=1684096407&dlt=1684096407010&idt=653&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=7m9k82daojlc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2cb0896f23970acb4c564844f1b1c5cbf4c7cefe75320d0f1541c9ba4c9b4b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34732
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 77A7 		52 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=327531309901683&correlator=3273819702137980&eid=31072019%2C31074172%2C31074542&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=3&adks=2928140480&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684096407461%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet648faf63-4d0c-491e-9ece-7b21e8085b15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet648faf634d0c491e9ece7b21e8085b15&sc=1&cdm=ye-mek.net&abxe=1&dt=1684096407840&lmt=1684096407&dlt=1684096407010&idt=653&adxs=349&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ygnw6e6s7smu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08fd1804e4715008dfbf41498ca4524c86a05d445dd64e60e439da5f4ad200c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12648
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 77A7 		55 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=327531309901683&correlator=3273819702137980&eid=31072019%2C31074172%2C31074542&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=4&adks=3052647768&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684096407461%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet648faf63-4d0c-491e-9ece-7b21e8085b15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet648faf634d0c491e9ece7b21e8085b15&sc=1&cdm=ye-mek.net&abxe=1&dt=1684096407844&lmt=1684096407&dlt=1684096407010&idt=653&adxs=985&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=vnn0uzsnvn0e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afe25473c3f30eef447690efc801bcc0dd68b72e7c0d0b70ac831d4cc5df22ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12968
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 77A7 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=327531309901683&correlator=141930966396706&eid=31072019%2C31074172%2C31074542&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=5&adks=3733009076&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684096407461%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet648faf63-4d0c-491e-9ece-7b21e8085b15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet648faf634d0c491e9ece7b21e8085b15&sc=1&cdm=ye-mek.net&abxe=1&dt=1684096407846&lmt=1684096407&dlt=1684096407010&idt=653&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=cp68g68gf0y7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be2c867abb1d4a933a86c4b358663deb187252fba0e1005ad347fe5e5f5b1ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10399
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425583957
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C4E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:27 GMT
expires
Mon, 13 May 2024 20:33:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
openrtb
adx.adform.net/adx/ Frame 77A7 		0
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 77A7 		19 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 20:33:27 GMT
AN-X-Request-Uuid
6ceabd8f-e930-4b75-b33c-9e5d7f723496
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.199; 80.255.10.199; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ Frame 77A7 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 77A7 		360 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1085a43ef71f5baf52f39ecb5f626590512066f7cd4095c05e4966785bc2a5ad
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 20:33:27 GMT
AN-X-Request-Uuid
64a145d1-2cba-4cea-9a41-6bfb7d674883
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.199; 80.255.10.199; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
360
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
cpm.programattik.com/ Frame 77A7 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Sun, 14 May 2023 20:33:27 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 77A7 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Sun, 14 May 2023 20:33:27 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 77A7 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Sun, 14 May 2023 20:33:27 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 77A7 		173 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.144.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-144-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b58f77833d598c65c51174e746bd76fa2a1a4e218ab78ac2a76ac8a8497a193d

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-prebid
pbs-java/1.118.0
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 77A7 		416 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=f08864ef-ff6e-40ef-bc22-25866221da25%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=5fc1a5a1-6f91-4e0e-9119-16ed56315658&l_pb_bid_id=24d1275dd83023f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6175491574241858
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ceb8d3343ecdc19a97fa7c373e89edb1c6a845460537296bc7535d368e9c5855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 77A7 		410 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=f08864ef-ff6e-40ef-bc22-25866221da25%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=3e02e4ad-71a2-405a-b1bf-fb5e8a55fa74&l_pb_bid_id=254fe85948772bf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3328351097629143
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7592db2b5b2a2e6429132c5f0d28a821241687e785f48960dcc34ae1e036430d

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
410
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 77A7 		398 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=f08864ef-ff6e-40ef-bc22-25866221da25%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=4ccb0c15-d383-4457-906f-d969dd3b7770&l_pb_bid_id=267bcf3dca00ec5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.02902469611820635
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7e1f82670d1c8b23d344d5880a1850e04def345a4f57e21cc859f51300f3d7af

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
398
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 77A7 		397 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=f08864ef-ff6e-40ef-bc22-25866221da25%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=d076145d-ff73-4ae0-8d04-5de57b0fbfb5&l_pb_bid_id=27a14b592ad84f4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.009918250523118122
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d8a6c78604026709de9672bab48038c4551bfadf400c29691c015ebb596fc737

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 77A7 		408 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=f08864ef-ff6e-40ef-bc22-25866221da25%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=ceebc13f-b4a4-48f6-8981-6c99018de869&l_pb_bid_id=29a62eaa3c41fd2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3208450487705745
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
321301bb052569db41963d7653fac7da622ecbcdc7ed84b0cbf26f1d11772508

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
408
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ Frame 77A7 		16 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 14 May 2023 20:33:28 GMT
translator
hbopenbid.pubmatic.com/ Frame 77A7 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 14 May 2023 20:33:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 77A7 		24 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a5a06ed81f4d8e900894fdcfd02d310021eddd4c2a72b746d68f638a88f1f802

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 14 May 2023 20:33:27 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ye-mek.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
mp.4dex.io/ Frame 77A7 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:27 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c75ea956e942bb9-FRA
expires
0
cdb
bidder.criteo.com/ Frame 77A7 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=19209639599&lsavail=0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 77A7 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9c852909ead05e82a172103904d35f33e83232903ffac1f4748d7e40ac6a343b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 May 2023 20:33:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://ye-mek.net
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
googleads.g.doubleclick.net/pagead/ Frame 3EF6 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096407618&bpp=3&bdt=608&idt=272&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&nras=1&correlator=4086367792434&frm=24&ife=1&pv=2&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C44773809%2C44788441%2C44789923&oid=2&pvsid=327531309901683&tmod=134537922&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.9zho45qrkqyz&fsb=1&dtd=285
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ Frame 77A7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19491
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 21 May 2023 20:33:28 GMT
adagio.js
script.4dex.io/ Frame 77A7 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 20:33:27 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
578830
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuh7IEMdtN6R6u0qXi9YsWjJLUjBgSQjK8M7vixsUxFA0z5F%2Bg5Djz2%2FILhrraWmUJagnldtbX9H7I5NrHXOVadeIutKOMDWMg0rpbv7jFW2UZEzh9qCIDT57%2Bsnftt254X%2BgBcDWbEaUnAA"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7c75ea95a8a92ba4-FRA
zoneview
ng.virgul.com/ Frame 77A7 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1684096407921&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet648faf63-4d0c-491e-9ece-7b21e8085b15&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.30201222825087215
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 14 May 2023 20:33:27 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
tag
feed.pghub.io/ Frame D683 		13 B
257 B 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Sun, 14 May 2023 20:33:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304262219000/ Frame 3887 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
523381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"ccf36922213b3ec5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 3887 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
523381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"4fd619331b8f64df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 3887 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
523381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"6451d33588c99856"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 3887 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
523381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"83933b769a9f5701"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 3887 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
523381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12938
x-xss-protection
0
server
sffe
etag
"3f9bab308b30f46e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
css
fonts.googleapis.com/ Frame 3887 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 May 2023 20:31:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 May 2023 20:33:28 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3887 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
5360
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Mon, 15 May 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3887 		344 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
25098
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 15 May 2023 13:35:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3887 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8Hudl0VhZJLAOKjN1fAP0q25gAv-hqz2b9WQkvmpEa_q5PHIARABIMCygmtgldqIgpgHoAGcrfTEAcgBCakCuEm_tTNnsj7gAgCoAwHIAwqqBIECT9DBkPf-KfkBvgai8RYgmIipCgfp4KRcsNYiOGAvWe3xckzRGJrXf7eOegtMYjalPSfRmJizhvczu2dNjFC2T7LNopbjUCdb8NJFWXrloaKCcFW1niTp_T6BNS_xgjV_2v-iWXLEu7zUTMTjWFK7PW1sJJBAZSsa8E3P4ZjhBcJK7LHuzabLizvJr3yxxrk4SzPoYV1QwaRYdepEomM7sOuBVEL_y9oHyYT1At7ViAbK8C_iGhn18L2qvVvBh_jGmfH8uJPcEGBuLTAwsIYXUxUzku3bhUkrnBjiDDxXJBbco_xf80YGXE5qIb9yji6869HoQiQbBeUKtOLNvb6Ehd_ABIze4eumBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfM0ou7AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEKRs0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAbgT5APYEwzQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=YOmEVrmxw4Q&uach_m=[UACH]&cid=CAQSLQBygQiDS6tTwdJk8n7I6ir3EPZ6OoQ7alogvKuegmF2PfAkcXFFG5bcTuFzORgB&template_id=484
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
container.html
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4C75 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:27 GMT
expires
Mon, 13 May 2024 20:33:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/18139684355494329713/ Frame 3887 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18139684355494329713/14763004658117789537
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b19ae3e2cf37909f8d19610ce1ca8cdd5e74d12b15ea9f9846e23c3d1240079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 10:41:44 GMT
x-content-type-options
nosniff
age
121904
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49042
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 15:40:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 12 May 2024 10:41:44 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/2783540341053227027/ Frame 3887 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2783540341053227027/14763004658117789537?w=100&h=100
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ac6573d1dbabe2d15ea7cdab167f404ed289a989319ea464a762fb209bafbb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 06:02:44 GMT
x-content-type-options
nosniff
age
138644
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1170
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 15:40:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 12 May 2024 06:02:44 GMT
truncated
/ Frame 3887 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ea6b63aedd2f7858f1efd4fdb3977d31792b143f7b82e17c122d13a99d74798

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4C75 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
193273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 11 May 2024 14:52:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4C75 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f924b871eab4aca628e0cb7c75a4035f824d86181c9943b160db3812f6dcfc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
Origin
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47665
x-xss-protection
0
server
cafe
etag
1296457884597843992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4C75 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:28 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3887 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 23:14:12 GMT
x-content-type-options
nosniff
age
163156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 23:14:12 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3887 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 06:22:44 GMT
x-content-type-options
nosniff
age
137444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 06:22:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3887 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 06:10:15 GMT
x-content-type-options
nosniff
age
138193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 06:10:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4C75 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSIlMgb1ZaDFz-03ZriHb8fZsqoFn0DpbMYL9_Ch2v1DFPE5XMQAE6rhG0FZJNa0WD-hJsV8nF-yxhowf9Y6xEiQ_NPl3dHIeF5Xf4eGKOjrl7hfpMm8I0FI1o-URqBFCVZ-3gjzAZG4wPN6_2nRJO0ojN8MlgxCitdATvCDU3b8OZwaFWI7S-PW3XLkfGnUa_U4TesAET1Z31RJP1tP1pW_MCgGYMdujgwEQi9fEy8QfcuIdX6ia_mNQNpCan1KsESCC_fIhiQz3RE4-etK7ZY0zAojVBrhhMEVV2MN6ivQyfYJtAZLAAfuR3FPiaAo8MTQJjdf8MBW0536PPDJosKVlJmgUUUX9MZughunFDA-U5VuM&sai=AMfl-YRC4ZS5Yi7gUkv19koK3TqpR2keVYn1KgxCJA85ehaiswK9kcOYN2haHCZs-reHIfdkXW2T1Jy6HdYJ9PINRXK01snD9iPMjAUPiMtRVBg&sig=Cg0ArKJSzCxHRW6uFoXnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
config
c.amazon-adsystem.com/cdn/prod/ Frame 77A7 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.180.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-180-50.mxp64.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 16:03:54 GMT
via
1.1 f3af529e1cd5e36acd18d2e16d2a96c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MXP64-P1
age
16174
x-cache
Hit from cloudfront
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
bHV_Glgnv7qN8bHe8leZdYULkdsZsh5G1f6o6w2DasD0hcw4cDHxFA==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 77A7 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=16ehoeBzkz8E4&cb=0&ws=1600x1200&v=23.505.1627&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-4.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
RGHW54S7R4B2JE8WGQEY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
M3D0ucgpNB7hTWeGsMDPsBirM7cOBSNUkbKjVbXcya3vBp6IRMdIKQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 77A7 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.180.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-180-50.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 360b1bd33b8b23c22efaa08453fa0b68.cloudfront.net (CloudFront)
date
Sat, 13 May 2023 21:16:52 GMT
x-amz-cf-pop
MXP64-P1
age
83798
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
G-hbU-uoN7wv6bzldK6Gt9oEPZZz5LmBM8PCMteRyqDOs6Ck5UgdtA==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/ Frame 4C75 		357 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com&bust=31074561
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cab4b003712e0a49db28cbc990255645d746a7ca21ba8bc72ddbf68f5aa0851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122865
x-xss-protection
0
server
cafe
etag
15533333945842667867
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:28 GMT
truncated
/ Frame 4C75 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94d7360c6a15a8ed0ea1752cd018e63bc369f3b5fd8103a205c0c5ac30647196

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 77A7 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122883
x-xss-protection
0
expires
Sun, 14 May 2023 20:33:28 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ Frame 77A7 		399 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=5/14/2023
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19491
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 16:42:16 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 21 May 2023 20:33:28 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304262219000/ Frame 9D04 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
523381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"ccf36922213b3ec5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 9D04 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
523381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"4fd619331b8f64df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 9D04 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
523381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"6451d33588c99856"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 9D04 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
523381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"83933b769a9f5701"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 9D04 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:27 GMT
age
523381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12938
x-xss-protection
0
server
sffe
etag
"3f9bab308b30f46e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:27 GMT
css
fonts.googleapis.com/ Frame 9D04 		9 KB
1005 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 May 2023 20:29:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 May 2023 20:33:28 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9D04 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
5360
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Mon, 15 May 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9D04 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
25098
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 15 May 2023 13:35:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9D04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpretmEVhZL_ZCIPN1fAPg5-viA2PjrO0cMj6jvjTEZPZldSqCRABIMCygmtglaqfgrAHoAHV8_jSA8gBBuACAKgDAaoE_QFP0Gsxga9tnEkAXeOY8fQqLivJWsQ0YmXmCMN-SI2KTKsIH2Il0IDqhfPR6jhXr56pwnvkD744lpu-ToiM9lhPgvFlsANswQHLJ4TND0mq8lnDIoVehiZbDAPtIh2jjDJdf32z7-yKp8p_twjhYLOm0IZGAC-XN5qaJcfzwVBvnj_H2LiVanLk7K5ci7zB_LoADM7tdYKbETCLwIB_j0ZvYuvzsyvWdUXO_xQqOrJxxjASWQ17FFngsxT4zwijaQQd72yPS7dGVKi8RbiZE1IIoH3TJfre2Rl1Mb3dhQK_luvcOXeLF4KQKMDmR52K_rr09q1MhRUZ_fxz1xszwAT0jcegigPgBAGSBQQIBBgBkgUECAUYBIAHk4yHLagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKuYAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwHYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=kmU4msldkrs&uach_m=[UACH]&cid=CAQSLQBygQiDkpMWu6hX4cESjplEXL8GJhJtqkBApbTeC2N9hJDjx_IY5Bw90OFhGhgB&template_id=5007
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/10771188211099450222/ Frame 9D04 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10771188211099450222/14763004658117789537?w=600&h=314
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7abfcc86cf7fc1bc790ab61158a85ea1029df0eebec1a25740b9d3720c74383a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 13:08:24 GMT
x-content-type-options
nosniff
age
113104
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11171
x-xss-protection
0
last-modified
Tue, 09 May 2023 12:37:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 12 May 2024 13:08:24 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5067619858329575060/ Frame 9D04 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5067619858329575060/14763004658117789537?w=100&h=100
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ce5a7846f3f99a18812ecdfb121843b024a304d20bf0d4f0c4d45175ea59927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 22:04:36 GMT
x-content-type-options
nosniff
age
80932
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4832
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 23:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 12 May 2024 22:04:36 GMT
truncated
/ Frame 9D04 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccdf735ca4d37fd882673c2e29b8b9b6ec62153e458a1867a09b55ff21ba279e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 77A7 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 77A7 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 77A7 		112 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=327531309901683&correlator=2086161282967585&eid=31072019%2C31074172%2C31074542&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=6&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684096407461%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet648faf63-4d0c-491e-9ece-7b21e8085b15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet648faf634d0c491e9ece7b21e8085b15&sc=1&cdm=ye-mek.net&abxe=1&dt=1684096408541&lmt=1684096408&dlt=1684096407010&idt=653&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=c3w9bi1bcrz2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvgVs5efRSW5vPcyeDCqQt3hFMxSl7B3YfG4lEfuWAobIc0zxXgW7lyJwmPUJAs0duFbIZvar-MKhPK30ELX5Q&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9bc1359c4828218630d8ca36db3099a5bd105ab7cae29fe2d3cba3943148348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37076
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 77A7 		124 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=327531309901683&correlator=2722196344927451&eid=31072019%2C31074172%2C31074542&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684096407461%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet648faf63-4d0c-491e-9ece-7b21e8085b15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet648faf634d0c491e9ece7b21e8085b15&sc=1&cdm=ye-mek.net&abxe=1&dt=1684096408543&lmt=1684096408&dlt=1684096407010&idt=653&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=nr1f42kac3bk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvgVs5efRSW5vPcyeDCqQt3hFMxSl7B3YfG4lEfuWAobIc0zxXgW7lyJwmPUJAs0duFbIZvar-MKhPK30ELX5Q&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59ab0f9b40cb11183f2f39b9fe250d888c1ac151f48ce87a1b125dca2030bd39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47146
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 77A7 		112 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=327531309901683&correlator=1010659402416075&eid=31072019%2C31074172%2C31074542&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=8&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684096407461%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet648faf63-4d0c-491e-9ece-7b21e8085b15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet648faf634d0c491e9ece7b21e8085b15&sc=1&cdm=ye-mek.net&abxe=1&dt=1684096408545&lmt=1684096408&dlt=1684096407010&idt=653&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=gg5apks5dqks&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvgVs5efRSW5vPcyeDCqQt3hFMxSl7B3YfG4lEfuWAobIc0zxXgW7lyJwmPUJAs0duFbIZvar-MKhPK30ELX5Q&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82f237a9b176d7c3ea33bb209c0f9aa39da6f1ddea311ea2a0b3f78b8a66ae9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37170
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 77A7 		32 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=327531309901683&correlator=1555859947116546&eid=31072019%2C31074172%2C31074542&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_pageskin&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1051%7C100x100%7C100x400&ifi=9&adks=3698513385&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684096407461%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet648faf63-4d0c-491e-9ece-7b21e8085b15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet648faf634d0c491e9ece7b21e8085b15&sc=1&cdm=ye-mek.net&abxe=1&dt=1684096408549&lmt=1684096408&dlt=1684096407010&idt=653&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=qjecl0wdz3i1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=900&ohw=0&psts=ABHeCvgVs5efRSW5vPcyeDCqQt3hFMxSl7B3YfG4lEfuWAobIc0zxXgW7lyJwmPUJAs0duFbIZvar-MKhPK30ELX5Q&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c630fe75a591436c871acce5bf4b651a98f007abe8d76d17fd731667b979cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15882
x-xss-protection
0
google-lineitem-id
6271164171
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138430115743
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 77A7 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=327531309901683&correlator=3356006310017902&eid=31072019%2C31074172%2C31074542&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=10&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684096407461%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet648faf63-4d0c-491e-9ece-7b21e8085b15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet648faf634d0c491e9ece7b21e8085b15&sc=1&cdm=ye-mek.net&abxe=1&dt=1684096408551&lmt=1684096408&dlt=1684096407010&idt=653&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=jsrmjz4rsy3x&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvgVs5efRSW5vPcyeDCqQt3hFMxSl7B3YfG4lEfuWAobIc0zxXgW7lyJwmPUJAs0duFbIZvar-MKhPK30ELX5Q&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29c7a7b63734ab3eda1d1a799c2fd0e29285bcde06749a884bc51b90632bd558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12722
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 77A7 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=327531309901683&correlator=2039061806816194&eid=31072019%2C31074172%2C31074542&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=11&adks=2157304621&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D4.69%26hb_adid%3D5604c051e5c0432%26hb_bidder%3Dadformpbs%26hb_format_adformpbs%3Dbanner%26hb_size_adformpbs%3D728x90%26hb_pb_adformpbs%3D4.69%26hb_adid_adformpbs%3D5604c051e5c0432%26hb_bidder_adformpbs%3Dadformpbs%26hg_pb%3D4.69&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684096407461%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet648faf63-4d0c-491e-9ece-7b21e8085b15%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet648faf634d0c491e9ece7b21e8085b15&sc=1&cdm=ye-mek.net&abxe=1&dt=1684096408555&lmt=1684096408&dlt=1684096407010&idt=653&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=psuyw24rqn9x&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvgVs5efRSW5vPcyeDCqQt3hFMxSl7B3YfG4lEfuWAobIc0zxXgW7lyJwmPUJAs0duFbIZvar-MKhPK30ELX5Q&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42ec3e18bd83afce471d4ea71fe25a14b155410cc1b40e58d960f833068ee276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10807
x-xss-protection
0
google-lineitem-id
5617227515
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339352911
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 9D04 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 22:26:30 GMT
x-content-type-options
nosniff
age
79618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 22:26:30 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9D04
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Sun, 14 May 2023 20:33:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 4C75 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com&bust=31074561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4C75 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com&bust=31074561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9751 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408381&bpp=7&bdt=151&idt=229&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&nras=1&correlator=1829164497988&frm=8&ife=1&pv=2&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.uurvf18accii&fsb=1&dtd=245
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com&bust=31074561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6C2D 		28 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com&bust=31074561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b89bd41a12f3500b5ff2b262fb271cb8be9e45249ee8089af8c8c01829974d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13188
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 28E6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:27 GMT
expires
Mon, 13 May 2024 20:33:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6363a944e4b0125bde9e6739
ng.virgul.com/tck/imp/ Frame 77A7 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/imp/6363a944e4b0125bde9e6739?g=1&t=cpc_annotation&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684096407461&userId=vnet648faf63-4d0c-491e-9ece-7b21e8085b15
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 14 May 2023 20:33:28 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
14763004658117789537
tpc.googlesyndication.com/simgad/688253542226465451/ Frame 28E6 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/688253542226465451/14763004658117789537
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e6c442a8e94cc69337e6268514e521cc2d612fd4344d7773cf0186cf9c581a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:05:55 GMT
x-content-type-options
nosniff
age
181653
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57713
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 14:09:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 11 May 2024 18:05:55 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 28E6 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
29161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 12:27:27 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 28E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_knFmEVhZK76G-nJ1fAPluOguAT4ntbJcLPqv5KpEbv57JCCAhABIMCygmtglaqfgrAHoAHHhaDEA8gBBqkCuEm_tTNnsj7gAgCoAwHIA8sEqgSCAk_Qv_QL1fuScWwupHIGGUriwRWJBGIo2IHYgplz3GarnpxJD-ak-cbDxT3R6jOITyHNwlNHJ-Nyfuhx_H8zN_xrIoCDpk1kiaqj_IBYoKO3q3zaqmFH4VF1IpsLxZjxj-ZgB2evW2g_h68VQHCVvbB274P1hMtZV0TtTvDGxVKeAbexL_BdiiNLe85uL3KOYmP7vlW50cFEWDuCRkA5N9LhCaujQFy143OLzoaqE9LoOP9vqo8RJ_KsQRWBtd5SmZfCRfpkrl2BS2itxxmE3qoFqKInLc5771Lp_MOZIEfdqeE46wgfDGlHFY3DQO4FgTAD9n61joBjWYLSvnkJsUOOKsAEtpfW76EE4AQBkgUECAQYAZIFBAgFGASgBjeAB6H63zuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCFiQHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsB2BMCiBQE0BUBmBYBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=TaK-3jwwrcs&uach_m=[UACH]&cid=CAQSLQBygQiD6N9EdQc5vYERJitNZ3tHVEwbRoH3uHd3_qO5ZR8b56cmyaLaEabaMxgB&template_id=492
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 28E6 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
29161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 12:27:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 28E6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
26296
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 13:15:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 28E6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
29550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 12:20:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 28E6 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:28 GMT
a0d8c68f3de0718362c8759993c4ce7f.js
www.gstatic.com/mysidia/ Frame 28E6 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 20:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13639
x-xss-protection
0
last-modified
Fri, 12 May 2023 20:16:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 20:47:03 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/688253542226465451/ Frame 28E6 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/688253542226465451/14763004658117789537?w=400&h=209
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f4377ac210e15bdd8496aac6eda671c2a38edf5cf8aa57bed62e61c687b76a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 08:21:51 GMT
x-content-type-options
nosniff
age
130297
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13311
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 14:09:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 12 May 2024 08:21:51 GMT
truncated
/ Frame 28E6 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 28E6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab6d5242cf7e7b6622ce54b57e2900dd862c2c364e03bcf1c0c9a9ad222fc1cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
pagead2.googlesyndication.com/bg/ Frame 6552 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
29550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14771
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 May 2024 12:20:58 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7103 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DT3odqsN6HaLu4Ww1gfvWEBBx_uHmN7FvpobU7yK1RATzJ9udW9Z9GMon1bQbW9KFUhPQZA2pZN1anL20ThQaT5PbAIzRQyklgVbigOmizcnwIzF43BbV6JzkYOqMQ55Wh0nYL-l56QBHiuJImff96troW3UQSMSou6e2iacuYrb8goOk&cry=1&dbm_d=AKAmf-CUWmHsCUMX1rliHFhGAV2n6jNePDLEOt2zyYu6eX9o6-qRH_GZkbe8bN3skapi99pUe2jhxsuZIjl_zKTS2hcYvmSUumlAao3qRJokB-L50_zXtrLx9UHQV88ELv7y0t-uklSnXusqbr5YcujyqNOSJoffOnpZyD3v5Ku5EQO9_nCzx-pLjb7jQpdav3Ar04K5kD8a3JJghdHoZDaMwKPv3tahZM0BAnKvJ3qR2MEzf1Ms1blMg8YPhiPRb5oAC06A0XR4oTaASsJeSkALnwcui5U33p6eyYnscNjLIdFJPpKjQSYpt8EXLQeRHLAiENSo9ZdjLTIsVRU8umDYc8ZL8Vj5pTKeX6USRdKW6SJFYm-mYlv7SFOuYzz0HGnOu8TGAIYq_HpUQ0-498inb13Tl46SMhsTNP2Y5KqM61u53fHEx6WselcMMtMY8c_yaKRFm5ltKk65DEmCQ1nlr4W8fGl-IIw8xhCDfqSRFN51OKdeWzoxOlMLNZ1tm01_mHgD1xToOatzRfKKjb7bA5lYoIWjHj1xbW0-ZFkAT9I08-DcBCb545813zRTezCfYtNLgSOE-jTBY31tBG-8KWfq39aNMiUrSPIauV3GnazNv_ZXO3nUZicYllGmw82DLV1EAn1lGeLq2h2HNAYXppgU1YYeh0k9DD1gS-GDGzxoC2ROZfb8R3p2lCkMaMaeG6q7Ethwe8uD4bWbJQzuLSQ0UcZnWA4esSNq8j0EHyIbHACTByWCLTyfqwEDuhEW4dhFaGbhsiOfWemhda3cgJneC9hB_yeYreWfstuGW1WMVV9WaTYFJhncFC1ac87Vljvc_zrMtEjB6UW-THpnS8BIMsJUhMUFuTj9pFhRhEq4w-356LAsCMVFmTHvyprsDDI37UdwlqyBnRQr79_l_tmgJld0TyebUbo1w868XfjULuVY3UBTlBeSNJqq0AlzsqyHgWIDjmlfPkU3JjTydJbT1rAWH2jjcmzqYTIFfjvWU-gwmzOFTUzAuTi8zu4DGLe8d5X5thBw747uIkn7K7clh0Z5mJqNOP1SDnjiPUMj3FmYvm7FmmAE97jKCt8vgmxXCArUjD_M2vDRIrAhdfphh61nA7quIqwK8Vz6z3Kj8fxxRgfCgbpa_ktZCV-EQIsJQvX1bO9PeMPzGb1kZdxD-aDS1v17BVwsKBYJNBl-H_RoeMQI73VHoYvSNJHBNT61hb-XEGLk_mDXJJooAWVdEsM7DIiLbgCMQmDx9oJgYdL0-32LY14i4p8-EaoYut9QRvDBLbWoG_E7rhM3-5Ocmr2MFCEo2gyyEJUpN0U631vUPSpFm6mSeJ4EXasUCtXPyVH2mfMSRiI0E9PYfBnyJHD1J9ejNN1GuQUdnikYTJYADzkVMKOVBddeiZ895r8RjpYlUpsFyD_vnFZyir47LQT7hZulFti1qsnFac1r0rujuOwj_beQKETwYExU6pdgTCu1ZrbxDQc1TdN3d9hNtzZGANw4PE_gLlF5q_DsEN4czrUoHv2eDhl6KWlt6kdGfCLgvC3EE_8DI3i2FV9Mnu9d7PguKCz_WjyXWKVk-SqtbBchYGRMDHjjfcxbXosT-CsB5IlZ0I-bdSQe4NZS_yzmV-TUg_9xNJjhhwDmAWjNgDDgEtq4aYyfKQBh2dNYtX0J8gDtDSMboY9swmGj_JdvO3LZmVqXiOIdKG_xYujzuQW3coFSDnSJ6qWD2fWMAl6M_2GHTgpm_aUg-2BS8hMZNQijjaRCN45N723cEgsVoRmrtoMhYDcDq9FrC2c3MhPMcSiFv9wffuT5j75EWcasnS9gzdodfr9thDvGHSWUs1h7qafNfFv8DdMGp2_AfqkJh63Jwz9LXMij3Sg3oumD8S6sxA5oWtWCQS8WNqDB8JqtsuyQUXSfDSeuoOQBXodyMkJ-cuuAbhUA_g30q_w8alQdLQoEBRsR1I8geERspX1wsXSX1VpG6ox09m8u8AqRF9VckQ3-8Z2xtYWPtRwJZJNyymoQcCk7ogIZMQmzFHIbyeTLiOM6SauZcWaeptQ1qy5abSRaYjV3EvLOw08WR2jUtOuAqhqkjvG2rvSXyzx_VQ1iUdBfoUnj-wCqEgncOWdtOMCJL7ZuehlT9iHBfDc43t4x0ohaYX-bt-YkPVSBuf3b6zlvXRcp0FAOnEZxHc222BB4AxJfU3oJPxdK8UOUvD7r2DJ5EONylR8mrKzIK7BzRPcXGlc9Y93a_BJ4jtFkI8STdIQ2CWAveAvz2B-7pJvviEV5rs9P4rC3ab4jJxbCLX6R1M5cgOmOgGkPxi0d0nIdP3Il_WKx4d29zzjsgnf2GUc6CYpjlHt1l2kb1siiDng800_JJ4XIU-0JkSSieRXopbHB58t7DIfQ9LuUMRMkjpGaW9trrA_ldUzrRu_RwM0A6kTy6M6kVAbt_iTejQKXirRB5PW9HJ54D0KGlZDcIAmefTa5R3V7FMeYgNwJNoaeiNQ3WwMU4u_fwDAiSsoazdlCOm9MqWWQshOCFDnfCS1RBWoTjebxTJ1j1zq7aUJQMtfN7EmFL-9BHRI-DgmLPAANOgooh1xaSXTqXDAEAh5gJZfT7ihLBV8pyFxN_8otaEvOpxyaJ-ODeUufQIJpy50kc4lz1tZNvZCQrXvTjoA0l0_mpQB50QbT8hHhMRXCVEMx3-C6qrJViFnEp8DKOXxW_BlLDLqfpk-_KhoFU73Rpec5EAUs3exkevgCc0X-dbYB2CLVzV_PhJp3vNrFXoD5kwFJBQvfW6F9VazClLieqlgoeeJH2WpgnpYcPXK_mChAz0qHfH8QTioMntGOGIqzH8i78FZ223H_pFfBDnNoHGULSS3HdFufn4sbjaphHI-myR6CYOrALPAA0pnpgQOfLTY3JSl-MUZBt6rqcREdf0kOIrhqeYn3jSiwq1rwILFRcv1MAa5wZuT6pJhk4rYX7fa0FPRJhDlep8pEm-dspgN8mBrN5RysaSaeBlXFwNPMGgpjzBSAkIioewX7hZ7xdXK0lOe0Hl_gX1dAo5ya9NnYFY1TBz2Jix6XPkBfEf2HthFVcLE8q5diXTVt1WZJEPT2yTIxZPC5loT556OXwEA_SO8XgUAzsGoIkdfhp8JDcUeQQYEqUE842BRAcY-PcCatcBIOr82ezxXux2hW7Bi4d7ZKUrGjsmHGlf_OkbgB1UWrA_2oZj4Tl7EpkZlLcoWm8dTXedjIZ0M9ySKpkvgK7jdppMYCnbLnqXQSpCsW0hzqP65yJ5CfzeBqB3WYCAUpnXTmFnsIMYb1v-Lr5j4N9hP94GGPezjL7Z3nSrQPPeSnlJ6bmkrXzjr-Akz2D97OAUR5xJHX4h_2IRF3bREjO826mg5ZuzlFm02pkNXugY-t9AoInIW7GRmQpohNTSS7lW3I0ioX9Of0hesrXadFTW7P0hM0QcgTexJgtitWEC7n-nnfZ8zIAz0PIyoMYBafxm5wYV3ke5MxiJtpCWvtCUA3DQAeJ4ap8VCQcmLoM_dZqFDEPA9yhOebWF8QA0jVNGMlbkTk4gl24mhNjvaKkhWvHFKGxjhu6e4znoWDdq2IiNTcFJSN5M0HbtxQVwpbV3mTTVqoqOirdiPFtXArF5MVKal0FRlBIeuQckk7lXTyLqUzzUYqH7fff4OHN-5S0PflBPUsevbLXnMpLQ7z27TxMqgfM35ME_PwTUxsIwI5YABFQIN0bTsSe85OrhThO7JlDgh6Jeq30dPec56C4wwGjXNCq11U3m1AAD63oSRrDdfQ-lkqZw9WlZDQskt6Fjcuy2xdUv5TVJKoNFGt-1xs2q8GD4H3aTYoeM_jV5HLVFOnzL849ai5PrTshaAY9O0Rzgm7l5k5dt2upk5CwY5lt6RKlNyo0Yve9Xmo4e9yUbvoW-RZL788tfaA2R7_0FI91-ofxS2c9kaET2iq3ha0w0Hqe79pA5SzAxKZwnJRsLJ9BNnZn20u3oJYRCbl6qJWEsHD80CV0JJbTI8CItoeFR8Po3lq6heBEIPNxcOagWcBmUjTcB6eWxPKu2FvEiT7OncAQCrgoT3xvvSl55z1zYJ_6n51m_9HycjbCu-Uh7cetEaRgcgpcsrpBcYC3WbaCkoVI7NK1UBJ6cTJU7QBehZ-0kV8hICpH90nHTWo95SaWL5CrNDIIIBby9kVj4OBj7_XNQlB7jbiVK7KATrYZ-l4U52h0iacs4ld-lDeCoaCkfJSSqz91Kto53sX9jIRKfnj3OSr8OTPJpuUwElf3IjcBbCNFQHMypCuHW9PvM_PiPYZbjVccQchyGkDRBmG79w1MEDB-xMMHIurj85VDicl3RKdBnc8Z4ppmoqCC9Dj&cid=CAQSOwBygQiD8WAySS8Mtn7z4v6gKyKI8OuGvlaqSwuxuFZXYNHDhcXa-wmeE9VSBHH0Ax0Mx1wspZOwAm7eGAE
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7103 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:28 GMT
adview
ng2.virgul.com/ Frame 868D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ng2.virgul.com/adview?a=60b91f99e4b0b65b3ce7bc5b&t=pageskin:153493&r=153493@site_geneli@yemek_net:site_geneli&l=&mt=1684096407461&userId=vnet648faf63-4d0c-491e-9ece-7b21e8085b15&vmn=60b91f99e4b0b65b3ce7bc5b___1534931470113556
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19491
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
aafaf62e42f8db8399aad239211240643821678ebb874b93cb3aa5622ff8e263

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://ye-mek.net
content-length
1129
content-type
text/html
date
Sun, 14 May 2023 20:33:28 GMT
expires
Tue, 04 Jan 2022 10:49:40 GMT
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
server
openresty/1.15.8.3
mobile_sound_on.gif
static.virgul.com/theme/mockups/icons/ Frame 77A7 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.virgul.com/theme/mockups/icons/mobile_sound_on.gif
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d3b45b06882fe1aa9b47a8d88df978f19ce55a249840cc1b44eed3974a0fcd6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 14 May 2023 20:33:28 GMT
last-modified
Fri, 29 Jan 2021 08:57:46 GMT
server
openresty/1.15.8.3
accept-ranges
bytes
content-length
19674
content-type
image/gif
mobile_sound_off.png
static.virgul.com/theme/mockups/icons/ Frame 77A7 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.virgul.com/theme/mockups/icons/mobile_sound_off.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
5aa2370fd272d30acd5cb39f9b191a243d55a2adab6f0d7ff1950c39f028d331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 14 May 2023 20:33:28 GMT
last-modified
Fri, 29 Jan 2021 08:57:44 GMT
server
openresty/1.15.8.3
accept-ranges
bytes
content-length
17986
content-type
image/png
Philips_utu_DB.mp4
rek-n18.nktcdn.com/data/ads/mockups/philips/ Frame 77A7
Redirect Chain
  • https://rek.izlesene.com/mockups/philips/Philips_utu_DB.mp4
  • https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
80 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
185.7.176.218 -, , ASN (),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:30 GMT
last-modified
Wed, 19 Apr 2023 06:23:17 GMT
server
openresty/1.15.8.3
x-amz-request-id
tx00000000000000bcab3a5-006453c679-9e2f20a7-default
content-type
video/mp4
Content-Range
bytes 0-2913708/2913709
cache-control
max-age=5184000
Content-Length
2913709

Redirect headers

location
https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
date
Sun, 14 May 2023 20:33:29 GMT
cache-control
max-age=0
content-type
text/html
server
openresty/1.15.8.3
content-length
151
expires
Sun, 14 May 2023 20:33:29 GMT
container.html
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E869 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:27 GMT
expires
Mon, 13 May 2024 20:33:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F083 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTwe1F51gymbngyY-y8ugDzA78Bz9FWk0bmw4eACyc-xsJKGhqg5EFukiwjYC88qqPvbJkys-MeZFku00pA6V7o5KAw7e-OC9bOUf_JJQ0AzzyJrvnflUJH5OGeSgbhEpLVVfeslXfuKwRgNbg4qL4KshoJiwprNEp5sheXRb88dP_j1ksKEC_NfkAuPtR0A38G6OtIpcyFo5S5CqbjhkGFOkZoI-wDJa-D6-dGOAPLMgx_AB2k2rpEfnJtARKxj1sjv8NrVJ5_bNFWIn0-eo-hxoPZfdOgQtQAPBjMNqcAjmzBnfCgEF0QerNloex2te0M44xI6UypC0O_cyh_8zDdDvT_a7QAbzp9dt3XyhV3Y7aw-WP&sai=AMfl-YS_rk2WPYpw9TtjPiqxF8561KLybXT7loOsHyVLvSjo8zAxNcVOF8OUC-D8WJK7UzuRaS-r12nN3WFjah8l-9E2gzj4LIP0pLEARgRu7qHjJSDKccDw7Njtn2lzrQ&sig=Cg0ArKJSzAWsztXjbB7hEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame F083 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 14 May 2023 20:33:29 GMT
x-content-type-options
nosniff
content-encoding
br
age
27113
x-jsd-version
1.15.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9276
x-served-by
cache-fra-eddf8230064-FRA, cache-gig2250036-GIG
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F083 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:28 GMT
truncated
/ Frame 7103 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ff45107c54f445d20e9fc4c01280ec8571a84c5290df29cb769b2c8cec40e7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 7103 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXdUqiHF3RSkTFkGrLQghrAeWWxoPPC-tqWV0Ktn3k1JOPgZDVxKYSAGQc3oH7PSxPd6NcrSmy9X00YVi5_dIElmkL1uDhQiVFUne8BqkgjLgI0K4QndyCeifGwIOrAl6-fph-5GicMbbK6gkwPMCgT3Z3ggoaeFcsdiUGs1a8eO5UmEWwuKqCqQOZ5OhGz6cznC7xHioyYLqF7CgGY-tNIDTrv3Duc3odPZAo4Dmm1p5a-BYhlvQ8Q2LkjU1rTVhrn85zc-MtVYPWRTQikoyAeiDUMO2wZKGxujQGz4vOXKG3brChwUtCyDj-U6PEJ7sdj7A9yeLlUfPZQHQwckbPeRqOgAQ&sai=AMfl-YR4y2s5VDJRe5ojRYu9-YSpVv3SPPSjfdCCkGorhoh783UBnq2oyppOSVuNABLY4CcVAm64JZ3SdiQe09ozG5Rcw2gCHLjLCU6vgy0zaQIuj4ERmhdsO4d8tAZC7Q&sig=Cg0ArKJSzM7il6W5q9REEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 14 May 2023 20:33:29 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E869 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzgramEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEmwJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjnm55yjgsbho6C99Gm5J2FYEH5oXoaov7v_ovUoSVMFyEanreb5U4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=vOm7uWq3LQ4&uach_m=[UACH]&cid=CAQSOwBygQiD5TsOgjGC8CrAq_Lfu_ubBtXyobh2tC6gFTk_-i5kjxMBzZnuNGAdhCOcEIISPPOMqW-39O1PGAE
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame E869 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j8eg9jwcn3t4e24drvr2zzvdrnvyjnwkzzajn63gjg528x00jskxdrvafmf720qv792pc5j8vvtxexj9xqpm7rvw4hx1c5js3n5ced2p0mnm89gz62h0a4rx9atgpybaevbffawcrg8e3a24ec35xm5ywmgherg02bm5cn441rnpep07j0h1wj7cybe044t0t7psbneyjpfwm3s1nsf6km492wekgxvnheq8aszapyh8pmqy44ppc64t022yc2622cwjhbreewqh5np5ys1rtxr9dhkwe507w30m1h1wgkjrvq8b88twvsxy2dp4t701s53hxa8gd2w0z36jspe7yc3y0zztzpp6eddb0zr4cycfaw352a3hzz3stf9rfmagw4hf3113g65m8na&b=ZGFFmAAJpt8IFWAmAA-xxgwLO0DjZ441sb3ueQ
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 14 May 2023 20:33:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 1268 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jmwgdtkd59sjgf2d9dxp2759m4p0t1syggjy9v4vzttnxwtt363fez071n7wtg15mq139yemha4j8zfev7801846sfzawx86k42rnbhse4ke3kr6j81b0y3mfdkarb6ce3v220hrm7a3eq3n8ryzj3x4dt2xj5pv8m7wx3q5hsy4240hpzc49w3ct1zc550farp8bdt3fh55g0bzjfz6yqw4kee1arwf21g0fjqy7g5110km1k0xnn3vk5hrp0940vn39j7ymt2tw881wxtxc299hrhbt3wj7y44rnh4xzr12xtzhvc6w34caza97j9vrav6pd9fqwets58psxwba53tz8cebnpbx2y2wnq0b2eg6tjrvn7tjyjdt27n8jnmq022p8n5seznxy7kb9g27qhcfmsgbzqrc0j8bx41t9pjk59q4dsa26es7t10cmt2hfpjav42w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%26client%3Dca-pub-7983651257838282%26adurl%3D
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fb0caa5ef63bcc397eda85e18e18e469502af725655d5c214edf7531ada5358
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c75ea9c9dd99a3c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:29 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame E869 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
26297
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 13:15:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A3C8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 03:51:22 GMT
etag
48472445140208031
expires
Mon, 15 May 2023 03:51:22 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame E869 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
29551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 12:20:58 GMT
l
www.google.com/ads/measurement/ Frame E869 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNBadGBJkyAz4BQs_q6gm0KvfaKhW94Rmc1A0B1Srn3S1a0aLMOEpeCP8H5y_j4uixPwvd19CszPJjxntypHp9U6vFkA
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E869 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
193274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 11 May 2024 14:52:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E869 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 6C2D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
26297
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 13:15:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 6C2D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
29551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 12:20:58 GMT
l
www.google.com/ads/measurement/ Frame 6C2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnMJlEynZfAischHpsZxdwbes2Ic9tha-xyY_n9h_l6zEp9uPfiiNMtkF__KXOPM0A9OE_OynEtDnf-PiYtv_kd6TUuw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C2D 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:29 GMT
dpixel
cms.quantserve.com/ Frame A3C8 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGAA6P2gmOrmfIMlNNDAfaI&google_cver=1&google_push=ATf1kGOkrOTOetx0DY-1g4q8XJXp-9H29lWBYOfreoT4YVc9f_KWx4fXgfTfGyV-HzmuleC1at7q9VGAQkHz-KfyYIg0C8pN4A
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A3C8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHNdQ8-rSCqbu-dHXpC1NZQ&google_cver=1&google_push=ATf1kGObWDAQXHdjpKyF_VR8jPm2dln1xkdE7aPDU-7qKz7j6bnMQeLuN3Mk9ZUtGVj-4A7hIZ_5R7OIzp7iYp0L...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGObWDAQXHdjpKyF_VR8jPm2dln1xkdE7aPDU-7qKz7j6bnMQeLuN3Mk9ZUtGVj-4A7hIZ_5R7OIzp7iYp0L1Vgb3dkeIw
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGObWDAQXHdjpKyF_VR8jPm2dln1xkdE7aPDU-7qKz7j6bnMQeLuN3Mk9ZUtGVj-4A7hIZ_5R7OIzp7iYp0L1Vgb3dkeIw
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 14 May 2023 20:33:29 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x8 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGObWDAQXHdjpKyF_VR8jPm2dln1xkdE7aPDU-7qKz7j6bnMQeLuN3Mk9ZUtGVj-4A7hIZ_5R7OIzp7iYp0L1Vgb3dkeIw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 14 May 2023 20:33:28 GMT
i.match
s.tribalfusion.com/z/ Frame A3C8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGMviq8VqMhNPMUhDWSeSNaT1zx5-ndvvpWJUwZPYmVPfyc7XwBUUumww_d8oIfaCs4OOqkysmem2B2Fyus3aqa54jc4uQ&re...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGMviq8VqMhNPMUhDWSeSNaT1zx5-ndvvpWJUwZPYmVPfyc7XwBUUumww_d8oIfaCs4OOqkysmem2B2Fyus3aqa54jc4uQ&...
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGMviq8VqMhNPMUhDWSeSNaT1zx5-ndvvpWJUwZPYmVPfyc7XwBUUumww_d8oIfaCs4OOqkysmem2B2Fyus3aqa54jc4uQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMviq8VqMhNPMUhDWSeSNaT1zx5-ndvvpWJUwZPYmVPfyc7XwBUUumww_d8oIfaCs4OOqkysmem2B2Fyus3aqa54jc4uQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c75ea9e3a9c9a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1204
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGMviq8VqMhNPMUhDWSeSNaT1zx5-ndvvpWJUwZPYmVPfyc7XwBUUumww_d8oIfaCs4OOqkysmem2B2Fyus3aqa54jc4uQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMviq8VqMhNPMUhDWSeSNaT1zx5-ndvvpWJUwZPYmVPfyc7XwBUUumww_d8oIfaCs4OOqkysmem2B2Fyus3aqa54jc4uQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c75ea9cf8e29a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A3C8
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPnSm6b41n1K2x_NmlmK2t4&google_cver=1&google_push=ATf1kGPa50y_RgtmfWs2BefNElLKdGqPCaW_T6PnOVqbGvdbWDXHCuKd5d1DycsovA1qGPBgTvdxrUTG5VzrJQ-tt3BGZNGk
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A3FC6B1ADC14B71B75EEBD5EF6BE494&google_push=ATf1kGPa50y_RgtmfWs2BefNElLKdGqPCaW_T6PnOVqbGvdbWDXHCuKd5d1DycsovA1qGPBgTvdxrUTG5VzrJQ-...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A3FC6B1ADC14B71B75EEBD5EF6BE494&google_push=ATf1kGPa50y_RgtmfWs2BefNElLKdGqPCaW_T6PnOVqbGvdbWDXHCuKd5d1DycsovA1qGPBgTvdxrUTG5VzrJQ-tt3BGZNGk
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 14 May 2023 20:33:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A3FC6B1ADC14B71B75EEBD5EF6BE494&google_push=ATf1kGPa50y_RgtmfWs2BefNElLKdGqPCaW_T6PnOVqbGvdbWDXHCuKd5d1DycsovA1qGPBgTvdxrUTG5VzrJQ-tt3BGZNGk
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 13 May 2023 20:33:29 GMT
google
match.adsrvr.org/track/cmf/ Frame A3C8 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAz4YKzJkj3pXggxH6kjeQA&google_cver=1&google_push=ATf1kGMeTWcIwU8AqyrLsQUsNGsJXHTZsW2Eqa4NZt9hlkY-iqGrvCh9UQ08-3Y9MGORcjA9UE_ZWl5UHhci7TKO19c4Ce1hSA
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A3C8
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPlyZEJPKZ_Ldc-6lTkb2Mg&google_cver=1&google_push=ATf1kGN9ljLg1OCpUp_4GZbsgWVv1RH0Jx0WyBs0tQu85PSDmiOMYNMoJpnlh64RhxoC3o6cBl48Km7TXZv...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGN9ljLg1OCpUp_4GZbsgWVv1RH0Jx0WyBs0tQu85PSDmiOMYNMoJpnlh64RhxoC3o6cBl48Km7TXZvaXk86uzhZNHXj&google_hm=ay-lvzhrQ--eSyQTD6WKa8c
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGN9ljLg1OCpUp_4GZbsgWVv1RH0Jx0WyBs0tQu85PSDmiOMYNMoJpnlh64RhxoC3o6cBl48Km7TXZvaXk86uzhZNHXj&google_hm=ay-lvzhrQ--eSyQTD6WKa8c
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGN9ljLg1OCpUp_4GZbsgWVv1RH0Jx0WyBs0tQu85PSDmiOMYNMoJpnlh64RhxoC3o6cBl48Km7TXZvaXk86uzhZNHXj&google_hm=ay-lvzhrQ--eSyQTD6WKa8c
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame A3C8 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEPlm3ufrkABz6H4-UIU4DpA&google_cver=1&google_push=ATf1kGMmPJhZuK7ZR5df-L6UaO8YJePiLzAsyRSO6eaT3d0V8Th3H0ybBnp-XOmLuOHUjflUu0KjPCa7aWPh5O0tKXRC8DUD
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:28 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
319656
expires
Sun, 14 May 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A3C8 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUWEZFZlm2Y-cdX89IIBCD2YCVK3roQes1LVGJYGhGJ1zTQLYhuJuwF0wUd3o6al--qbdI
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame 6C2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHLKNmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTSAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzVRCgbouGfkoyylOTE_tcq1SPy97FBcE9Rap7hw-fph7aGQ7KXH5IAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=ZLXXYT03j7Q&uach_m=[UACH]&cid=CAQSKQBygQiDhN6lBFqTCxPenFRj8oLzcZ7QXIt7QaPzWbwsjvBb4ua-0M04GAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 14 May 2023 20:33:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 6C2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kscacapvh89qy0ce5nhga7pc8m03wnskph1y4k491jpj80wmyn4wg4qvxaznh0yww0brbgq510ryw20yrjvnayebkt3qgpkam0b9ddzwzq19yxntazy68w4aaxhtjf6vn8c54ddzj5gycr5ryx9ccwacaqe4zx7gdsb14gstwmsawn0q8ebqpzrafbzea3yph9bsgmm4t8ynankwp6h3b0rmw0nv8rapg17239xdhthsm0htdpth6ajzswtytjhvke3bkgeef2gm2rsy0b7pf14e96hn1c4ny0p18dvsmpkkcvpmy2sw8jqm8kr3ex72p9et94zphk9mr6kvn8dk3k0kbm3hhztmyqqdnfccsjx9dvwj635y4dwbk3hhy5bz4jmzw7094&b=ZGFFmAALITIFKNOlAA1TkHA15GZgmR1AiLgBDw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 14 May 2023 20:33:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 2800 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gh6k1j29a6g5kp3d76khcf3hqkcv9e2yyav7kq6g7bzhzt2sg9cya5cd4q39s9gh71q4dz0bc2hjqavm3kbgvq12fhqc365518f0a54ncb2fnjf6p27jz9k86mppqzdf79qmed63s9pva74b4cyb17gd8awz7b6cfd98abfb3e25bkyfmjts6cvdtwcrf43vf208z2svtfb1785x1vd3vm1bh6zxrcpttjn1q46eqd7jawtw7z6c4hhg6cs6q0wsacz5yt3bwabgj6smx9zqq8e1weaxmdspn4gte5aeqs1mhv9pvm7w0jjtxx9egvrvsm1956g05khtav10wzrktxf56wwc85tn1g2meewb6mhqpwn1v3a864pevrcg3yyxpy51kp36b6n4t2es9dpw03m3sra5b939790w5qyjn8cgn97mfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%26client%3Dca-pub-6593523210010154%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1f678a526f494cab9a5e5eaf5036223a78a60016572280dce05b36cc2523329
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c75ea9cde1b9a3c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:29 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C373 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 03:51:22 GMT
etag
48472445140208031
expires
Mon, 15 May 2023 03:51:22 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C39C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:27 GMT
expires
Mon, 13 May 2024 20:33:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 1268 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jmwgdtkd59sjgf2d9dxp2759m4p0t1syggjy9v4vzttnxwtt363fez071n7wtg15mq139yemha4j8zfev7801846sfzawx86k42rnbhse4ke3kr6j81b0y3mfdkarb6ce3v220hrm7a3eq3n8ryzj3x4dt2xj5pv8m7wx3q5hsy4240hpzc49w3ct1zc550farp8bdt3fh55g0bzjfz6yqw4kee1arwf21g0fjqy7g5110km1k0xnn3vk5hrp0940vn39j7ymt2tw881wxtxc299hrhbt3wj7y44rnh4xzr12xtzhvc6w34caza97j9vrav6pd9fqwets58psxwba53tz8cebnpbx2y2wnq0b2eg6tjrvn7tjyjdt27n8jnmq022p8n5seznxy7kb9g27qhcfmsgbzqrc0j8bx41t9pjk59q4dsa26es7t10cmt2hfpjav42w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jmwgdtkd59sjgf2d9dxp2759m4p0t1syggjy9v4vzttnxwtt363fez071n7wtg15mq139yemha4j8zfev7801846sfzawx86k42rnbhse4ke3kr6j81b0y3mfdkarb6ce3v220hrm7a3eq3n8ryzj3x4dt2xj5pv8m7wx3q5hsy4240hpzc49w3ct1zc550farp8bdt3fh55g0bzjfz6yqw4kee1arwf21g0fjqy7g5110km1k0xnn3vk5hrp0940vn39j7ymt2tw881wxtxc299hrhbt3wj7y44rnh4xzr12xtzhvc6w34caza97j9vrav6pd9fqwets58psxwba53tz8cebnpbx2y2wnq0b2eg6tjrvn7tjyjdt27n8jnmq022p8n5seznxy7kb9g27qhcfmsgbzqrc0j8bx41t9pjk59q4dsa26es7t10cmt2hfpjav42w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%26client%3Dca-pub-7983651257838282%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
536053
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T15MMO7gYNGuZE9hFSCwj0WIEPoDFUWUtZkYTfeIAk0fEeTHYM5jNM%2BqjxFf%2FAlyAPVd6ACZmW0riL0XVrqcALBHHS59%2FzhV%2F3WHj%2FCGUZFC9JGr1RAPXATvt8thb6Trs0ekWKJQuq4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7c75ea9d1e669a3c-FRA
expires
Sun, 14 May 2023 21:33:29 GMT
r62eglto.js
ad4m.at/ Frame 1268 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jmwgdtkd59sjgf2d9dxp2759m4p0t1syggjy9v4vzttnxwtt363fez071n7wtg15mq139yemha4j8zfev7801846sfzawx86k42rnbhse4ke3kr6j81b0y3mfdkarb6ce3v220hrm7a3eq3n8ryzj3x4dt2xj5pv8m7wx3q5hsy4240hpzc49w3ct1zc550farp8bdt3fh55g0bzjfz6yqw4kee1arwf21g0fjqy7g5110km1k0xnn3vk5hrp0940vn39j7ymt2tw881wxtxc299hrhbt3wj7y44rnh4xzr12xtzhvc6w34caza97j9vrav6pd9fqwets58psxwba53tz8cebnpbx2y2wnq0b2eg6tjrvn7tjyjdt27n8jnmq022p8n5seznxy7kb9g27qhcfmsgbzqrc0j8bx41t9pjk59q4dsa26es7t10cmt2hfpjav42w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
456457
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ed2A9TYVzRAiN1Cw3%2F8LATX%2B6Q5porPVLV%2B3d44%2Be56y2c9stACs0E%2FUevJx2IZMr%2FxEeD49DopNw5m8co9j2zS0J9y9oIiAqnexzmPzTAmEkaequ3Za2uwt5GjJNNUm8RjrBhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7c75ea9d2e7d9a3c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 May 2023 13:46:04 GMT
truncated
/ Frame E869 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
671de0360e4ea49881df16cc8c57e7ff1e295c8936564f65983f2a369c264e03

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 2800 		103 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gh6k1j29a6g5kp3d76khcf3hqkcv9e2yyav7kq6g7bzhzt2sg9cya5cd4q39s9gh71q4dz0bc2hjqavm3kbgvq12fhqc365518f0a54ncb2fnjf6p27jz9k86mppqzdf79qmed63s9pva74b4cyb17gd8awz7b6cfd98abfb3e25bkyfmjts6cvdtwcrf43vf208z2svtfb1785x1vd3vm1bh6zxrcpttjn1q46eqd7jawtw7z6c4hhg6cs6q0wsacz5yt3bwabgj6smx9zqq8e1weaxmdspn4gte5aeqs1mhv9pvm7w0jjtxx9egvrvsm1956g05khtav10wzrktxf56wwc85tn1g2meewb6mhqpwn1v3a864pevrcg3yyxpy51kp36b6n4t2es9dpw03m3sra5b939790w5qyjn8cgn97mfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gh6k1j29a6g5kp3d76khcf3hqkcv9e2yyav7kq6g7bzhzt2sg9cya5cd4q39s9gh71q4dz0bc2hjqavm3kbgvq12fhqc365518f0a54ncb2fnjf6p27jz9k86mppqzdf79qmed63s9pva74b4cyb17gd8awz7b6cfd98abfb3e25bkyfmjts6cvdtwcrf43vf208z2svtfb1785x1vd3vm1bh6zxrcpttjn1q46eqd7jawtw7z6c4hhg6cs6q0wsacz5yt3bwabgj6smx9zqq8e1weaxmdspn4gte5aeqs1mhv9pvm7w0jjtxx9egvrvsm1956g05khtav10wzrktxf56wwc85tn1g2meewb6mhqpwn1v3a864pevrcg3yyxpy51kp36b6n4t2es9dpw03m3sra5b939790w5qyjn8cgn97mfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
536053
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ki8s1gFtcCRpxsSOPc2vtHhqp6dGYkYhkTMqmSoem%2BM1tLrt02D6qgW8aNX7cVpjBRSuDmm%2BrA9Vai14k7sA3%2FDkflOWcwcyNdxWaI6jvOPAy15KdFB%2BF353iPY5xroGRwlWsqwzJuc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7c75ea9d4e949a3c-FRA
expires
Sun, 14 May 2023 21:33:29 GMT
r62eglto.js
ad4m.at/ Frame 2800 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gh6k1j29a6g5kp3d76khcf3hqkcv9e2yyav7kq6g7bzhzt2sg9cya5cd4q39s9gh71q4dz0bc2hjqavm3kbgvq12fhqc365518f0a54ncb2fnjf6p27jz9k86mppqzdf79qmed63s9pva74b4cyb17gd8awz7b6cfd98abfb3e25bkyfmjts6cvdtwcrf43vf208z2svtfb1785x1vd3vm1bh6zxrcpttjn1q46eqd7jawtw7z6c4hhg6cs6q0wsacz5yt3bwabgj6smx9zqq8e1weaxmdspn4gte5aeqs1mhv9pvm7w0jjtxx9egvrvsm1956g05khtav10wzrktxf56wwc85tn1g2meewb6mhqpwn1v3a864pevrcg3yyxpy51kp36b6n4t2es9dpw03m3sra5b939790w5qyjn8cgn97mfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
456457
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lj7jw9zvSI8lnSVaLwz5TN4BA2nCYIakkS9DamJEc5r3lpTS5ylH0j8CMvBYiz21Ey7Uze2FxE%2BshTfeOLoE%2Bm%2BE3ZB6NPMIaDE%2FrSjlmGdx4dlmKr%2FAmJQpzdhOqPJwXz5iO8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7c75ea9d4e969a3c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 May 2023 13:46:04 GMT
60b91f99e4b0b65b3ce7bc5b
ng.virgul.com/tck/imp/ Frame 868D 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/imp/60b91f99e4b0b65b3ce7bc5b?userId=vnet648faf63-4d0c-491e-9ece-7b21e8085b15&mt=1684096407461&sdr=&et=&r=153493@site_geneli@yemek_net:site_geneli&l=&info=&t=banner:153493@site_geneli@yemek_net:site_geneli&os=&c=&cs=1684096408991
Requested by
Host: ng2.virgul.com
URL: https://ng2.virgul.com/adview?a=60b91f99e4b0b65b3ce7bc5b&t=pageskin:153493&r=153493@site_geneli@yemek_net:site_geneli&l=&mt=1684096407461&userId=vnet648faf63-4d0c-491e-9ece-7b21e8085b15&vmn=60b91f99e4b0b65b3ce7bc5b___1534931470113556
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ng2.virgul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ng2.virgul.com
date
Sun, 14 May 2023 20:33:29 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
truncated
/ Frame 6C2D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ac328d6b95802686da0874e1d04597f0ff59f5177d455bfdc197e612cff7345

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame C39C 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c10d63d7b41288794e705ce2cdb67caccbd96fe9ecd46c33aa47698be28a227e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13484
x-xss-protection
0
server
cafe
etag
15319064171597158994
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 19:53:06 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C39C 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
193274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 11 May 2024 14:52:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C39C 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 May 2023 20:33:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame C39C 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
29162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 12:27:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame C39C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
26297
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 13:15:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame C39C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
29551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 12:20:58 GMT
l
www.google.com/ads/measurement/ Frame C39C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSF5d2Z77ru4XgoRuCUx6fL9xgN5mh0V212qp7GQmT8HMoztaL6Q5UP16URrgSQS51NRoY4ohYOuqvilquiUeHR_TbZvQ
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C373
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL1ihstvAHW6a2R7XdSeKbM&google_cver=1&google_push=ATf1kGOs0qr4AvJWnb7EjHT3-NC8gJyeIf43Auqd1cPCApDVM8r6EoA8EmkAVGbP_CG8oVwpuhbIN0RcVXKl1e1jw9-_eDxIE6xFU...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzYwNjgwNjAzNTkyODg4NjU5OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL1ihstvAHW6a2R7XdSeKbM&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL1ihstvAHW6a2R7XdSeKbM&google_cver=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL1ihstvAHW6a2R7XdSeKbM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C373
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGAA6P2gmOrmfIMlNNDAfaI&google_cver=1&google_push=ATf1kGNHxr9v4KctTKXp8RUyZoIjdgH_ovsFq-6rQVjzTu7BJl-tPs26t6...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNHxr9v4KctTKXp8RUyZoIjdgH_ovsFq-6rQVjzTu7BJl-tPs26t6U1fA4i3sl0iMkRICM4nVQWooKjAGYh5mL_Y7px3wyT8vVeaug7RPWpFiygV9PBPjo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNHxr9v4KctTKXp8RUyZoIjdgH_ovsFq-6rQVjzTu7BJl-tPs26t6U1fA4i3sl0iMkRICM4nVQWooKjAGYh5mL_Y7px3wyT8vVeaug7RPWpFiygV9PBPjoIYOrFgghP1T0qGFleavkLFaDIDgjBtIy7RUU&google_hm=nDtHF0ur7JOIls97X3j6fg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNHxr9v4KctTKXp8RUyZoIjdgH_ovsFq-6rQVjzTu7BJl-tPs26t6U1fA4i3sl0iMkRICM4nVQWooKjAGYh5mL_Y7px3wyT8vVeaug7RPWpFiygV9PBPjoIYOrFgghP1T0qGFleavkLFaDIDgjBtIy7RUU&google_hm=nDtHF0ur7JOIls97X3j6fg
pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C373
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHNdQ8-rSCqbu-dHXpC1NZQ&google_cver=1&google_push=ATf1kGNJ05L3YTuym7IDROzyNTyXrGARgRFg_x4qnOQiL_xSBcbE7m5fESOh9cp10VdPBL9JuDJp-3OF5hl8r1cz...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=nJVkYUWaQACFWBNcYD54aQ&google_push=ATf1kGNJ05L3YTuym7IDROzyNTyXrGARgRFg_x4qnOQiL_xSBcbE7m5fESOh9cp10VdPBL9JuDJp-3OF5hl8r1czGlA4YvDL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=nJVkYUWaQACFWBNcYD54aQ&google_push=ATf1kGNJ05L3YTuym7IDROzyNTyXrGARgRFg_x4qnOQiL_xSBcbE7m5fESOh9cp10VdPBL9JuDJp-3OF5hl8r1czGlA4YvDL9aUaHdC3JomQnl3JVaWzahsFUX-FZRtgYTg-5siIk4NKa7bCm_oB0FRDmx8RFfU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 14 May 2023 20:33:29 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x11 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=nJVkYUWaQACFWBNcYD54aQ&google_push=ATf1kGNJ05L3YTuym7IDROzyNTyXrGARgRFg_x4qnOQiL_xSBcbE7m5fESOh9cp10VdPBL9JuDJp-3OF5hl8r1czGlA4YvDL9aUaHdC3JomQnl3JVaWzahsFUX-FZRtgYTg-5siIk4NKa7bCm_oB0FRDmx8RFfU
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 14 May 2023 20:33:28 GMT
i.match
s.tribalfusion.com/z/ Frame C373
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGNMzOqMLrSmOeBKIatfUlO730CCqM6O1gRDdbG5THmhhqv3AR1bkklERWEIUnKnC57k4n6E6qy9TeR6fNnD3GgBKQskfOCKQ...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGNMzOqMLrSmOeBKIatfUlO730CCqM6O1gRDdbG5THmhhqv3AR1bkklERWEIUnKnC57k4n6E6qy9TeR6fNnD3GgBKQskfOC...
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGNMzOqMLrSmOeBKIatfUlO730CCqM6O1gRDdbG5THmhhqv3AR1bkklERWEIUnKnC57k4n6E6qy9TeR6fNnD3GgBKQskfOCKQdghDPzOcWu4Tbetgg1CILY4LXjjIC7FckCzBjmV3mXbMczyFfyBRTJXSdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNMzOqMLrSmOeBKIatfUlO730CCqM6O1gRDdbG5THmhhqv3AR1bkklERWEIUnKnC57k4n6E6qy9TeR6fNnD3GgBKQskfOCKQdghDPzOcWu4Tbetgg1CILY4LXjjIC7FckCzBjmV3mXbMczyFfyBRTJXSdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c75ea9f0b929a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
100
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJgFpP_eIoUR1F8YDH0OYhs&google_cver=1&google_push=ATf1kGNMzOqMLrSmOeBKIatfUlO730CCqM6O1gRDdbG5THmhhqv3AR1bkklERWEIUnKnC57k4n6E6qy9TeR6fNnD3GgBKQskfOCKQdghDPzOcWu4Tbetgg1CILY4LXjjIC7FckCzBjmV3mXbMczyFfyBRTJXSdU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNMzOqMLrSmOeBKIatfUlO730CCqM6O1gRDdbG5THmhhqv3AR1bkklERWEIUnKnC57k4n6E6qy9TeR6fNnD3GgBKQskfOCKQdghDPzOcWu4Tbetgg1CILY4LXjjIC7FckCzBjmV3mXbMczyFfyBRTJXSdU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c75ea9dca159a23-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C373
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPnSm6b41n1K2x_NmlmK2t4&google_cver=1&google_push=ATf1kGOBLIV0jaYNzhagtDW6zeJNi7MwQlq_6RZCCKbbYFW82S4V7K-23QawuYOTrGVRTVQ74PpE66U0zI8XqBwsj1FpghHoA-Dxd7...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A3FC6B1ADC14B71B75EEBD5EF6BE494&google_push=ATf1kGOBLIV0jaYNzhagtDW6zeJNi7MwQlq_6RZCCKbbYFW82S4V7K-23QawuYOTrGVRTVQ74PpE66U0zI8XqBw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A3FC6B1ADC14B71B75EEBD5EF6BE494&google_push=ATf1kGOBLIV0jaYNzhagtDW6zeJNi7MwQlq_6RZCCKbbYFW82S4V7K-23QawuYOTrGVRTVQ74PpE66U0zI8XqBwsj1FpghHoA-Dxd7AVUszqiGUZK8CoFygVfhC9wGi7cr1eWLDMcMV21RuFV-TpLEgoBLbrMss
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 14 May 2023 20:33:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0A3FC6B1ADC14B71B75EEBD5EF6BE494&google_push=ATf1kGOBLIV0jaYNzhagtDW6zeJNi7MwQlq_6RZCCKbbYFW82S4V7K-23QawuYOTrGVRTVQ74PpE66U0zI8XqBwsj1FpghHoA-Dxd7AVUszqiGUZK8CoFygVfhC9wGi7cr1eWLDMcMV21RuFV-TpLEgoBLbrMss
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 13 May 2023 20:33:29 GMT
pixel
cm.g.doubleclick.net/ Frame C373
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE20lD3w6QoBSvGbNIJ9AFE&google_cver=1&google_push=ATf1kGMbIuIiOIliUMfBDrH-OyYF6yt9-rvDNsr1vuI9YqGrEN3QkKOFFbBDrqOg7EcuAMKKG6tW9mE5MZtDuh1g34RKlMT...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMbIuIiOIliUMfBDrH-OyYF6yt9-rvDNsr1vuI9YqGrEN3QkKOFFbBDrqOg7EcuAMKKG6tW9mE5MZtDuh1g34RKlMTDedbxxfjxWBsrdpE-XRWXjOnru9bVDNC_Mjnz1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMbIuIiOIliUMfBDrH-OyYF6yt9-rvDNsr1vuI9YqGrEN3QkKOFFbBDrqOg7EcuAMKKG6tW9mE5MZtDuh1g34RKlMTDedbxxfjxWBsrdpE-XRWXjOnru9bVDNC_Mjnz1MviBdn8LKzGlMWqfC_Owq6RLg&google_hm=eS10LkNIaGM1RTJwR0ZEQi5xeVMwa1J5cU9JeGc4cWpnVH5B
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 14 May 2023 20:33:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMbIuIiOIliUMfBDrH-OyYF6yt9-rvDNsr1vuI9YqGrEN3QkKOFFbBDrqOg7EcuAMKKG6tW9mE5MZtDuh1g34RKlMTDedbxxfjxWBsrdpE-XRWXjOnru9bVDNC_Mjnz1MviBdn8LKzGlMWqfC_Owq6RLg&google_hm=eS10LkNIaGM1RTJwR0ZEQi5xeVMwa1J5cU9JeGc4cWpnVH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame C373
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pNm9eZUIQnO6C8ba-DVkYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pNm9eZUIQnO6C8ba-DVkYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMAMT-bp0vVi5o66mA8A3d4yUP8hlclXF72GUQ88xxAXqz-JTImjzlN5rNVdfTPD-cg9W_JYhcvQh0oaQ9yhzed3PiVIPm_oSp_qiefHDu2nWDqRgijNvnC0d443Hj4uZf4PQrUSRztwiVviJLocLY7sjE
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pNm9eZUIQnO6C8ba-DVkYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMAMT-bp0vVi5o66mA8A3d4yUP8hlclXF72GUQ88xxAXqz-JTImjzlN5rNVdfTPD-cg9W_JYhcvQh0oaQ9yhzed3PiVIPm_oSp_qiefHDu2nWDqRgijNvnC0d443Hj4uZf4PQrUSRztwiVviJLocLY7sjE
date
Sun, 14 May 2023 20:33:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame C373 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYsSr3uaHWy1OlhhNnqNiIssDwXMB87A7qUZ3fLjF3VdgqTFyrI-ttWAiqPR-_RmZZ_0vh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096408388&bpp=1&bdt=157&idt=253&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1829164497988&frm=8&ife=1&pv=1&ga_vid=1592265203.1684096409&ga_sid=1684096409&ga_hid=1427992624&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1418013507&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759875%2C44759926%2C44759842%2C31074561%2C44788441%2C44790154&oid=2&pvsid=2523340466925134&tmod=1140472287&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.9u0ny9jk0w4x&fsb=1&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1268 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
739
x-guploader-uploadid
ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uPkSEMlIXSJqs7ha7xnHohu3tWrLTftXctMmEUntT954tmem8635W8rDn%2FPEpYAEyMNjY0FsxD5z8ExZBAHytbSbB4vwfMNhzFqneWmASRn%2Fx1gTD2jszjq3M%2BxA9qssEJnf6it4xnGGDgWgWdKRzsh"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7c75ea9e2d56373d-FRA
expires
Sun, 14 May 2023 20:29:41 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2800 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
739
x-guploader-uploadid
ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3mwopq1LKyvaiaeGG4o2HY1PU5t0eJ%2FNY4AjUzB3WNtxKZDU1pJJ%2Fscc3f4ZFkiL6hgEdapI%2F191CCr3JWi%2BzaQTcIa1URFrf8Ardz81En6TacNuVaS%2Fc4Z2CuyhiGRFIhZ9GNEhSXSwjD2o%2BnHz0Rp"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7c75ea9e2d58373d-FRA
expires
Sun, 14 May 2023 20:29:41 GMT
frame.html
ad4m.at/ Frame 502B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
322631
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7c75ea9de8525c85-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 14 May 2023 20:33:29 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVtZs7N7T2%2FK1HxQQiHB6o%2BpcZGb1alG23tbUuxI%2FaXAJ17Tjf%2FSVSxo7t2kPDGrCl3lfeXWk5Sn5xjAljtesQwZ6rkxvd4%2F4zPL%2FukWBLfPHyr%2BZ8acqnY7qNzk8HJIz5PlOVk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
EEWIQHXu5Ct0D0ESoPoPgn_nxgGx_fJqrl2kdgS3d-OTr-rSoYcphj14K42jg8XCe57aQVRsPQovhWY-wBX4nagYepA-QwP9-AeOU6eHdu8Ruqa85bKVfQ=w1200-h627-rp-pd
lh5.googleusercontent.com/proxy/ Frame C39C 		943 KB
944 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/proxy/EEWIQHXu5Ct0D0ESoPoPgn_nxgGx_fJqrl2kdgS3d-OTr-rSoYcphj14K42jg8XCe57aQVRsPQovhWY-wBX4nagYepA-QwP9-AeOU6eHdu8Ruqa85bKVfQ=w1200-h627-rp-pd
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c4b0426485c1bd14d3bf6c33a6c55ff7424e6bab4442b013f0c3484ca8b5f9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 16:41:28 GMT
x-content-type-options
nosniff
server
fife
age
13921
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
965995
x-xss-protection
0
expires
Mon, 15 May 2023 16:41:28 GMT
4091503581208051288
tpc.googlesyndication.com/simgad/ Frame C39C
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
  • https://tpc.googlesyndication.com/simgad/4091503581208051288
107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4091503581208051288
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 14:59:09 GMT
x-content-type-options
nosniff
age
106460
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109931
x-xss-protection
0
last-modified
Wed, 23 Oct 2019 12:45:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 12 May 2024 14:59:09 GMT

Redirect headers

date
Sat, 13 May 2023 23:21:09 GMT
x-content-type-options
nosniff
server
cafe
age
76340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 12 Jun 2023 23:21:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C39C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ7QPmEVhZIn4Jt7K1fAPlc-igATNqtvGbeHB7MGoDP_Ror3AARABIMCygmtgldqIgpgHoAGwuqHXA8gBBqkCuEm_tTNnsj7gAgCoAwHIA8MEqgT5AU_Q59VFsYYVLOEaIjUavy2jiET2TNHvNOb1TFWAzlo0M46RAY2qOANdnRzpblEh5IAozSr_lupWCBbdCNjcBM-W20s4qjBq1GQiGxs7qQN4In4d2szm0agowIHY2xgB3p2x8rFKW862UgW0tMAqmT6PNetTwicvIiti_sRYT8KSAOqw4ktNk9lx-GMgDpBRVMuPXjFY_Oh05fk_WdzO826sYf01Q_H0vIpOztg1Toibp--iPQihUqLb_v7Glo3fcVxwVt3L1EbL567H0sHHAkJyB7Iwd6jII67YUUdh3ml-RxbMa5uiVUZw5_ZjsyUNXjLuUag1sT4L5MAE-eHiyo4D4AQBkgUECAQYAZIFBAgFGASgBjeAB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQgdAB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAdgTDIgUAdAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=2gI68-PTAPM&uach_m=[UACH]&cid=CAQSOwBygQiDgAiC052u2NCGQpMW_ktk612rJWDhPTG1IL9dGYfWPHDkIeV-knk54UsuUjj6W09OxdSHtcREGAE&template_id=493
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
frame.html
ad4m.at/ Frame CF9F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
322631
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7c75ea9df8635c85-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 14 May 2023 20:33:29 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PF8Bcf3qjHRGIKAV69YYu1B2ac1gRy0Psnp3TBOR8RTNHhnZDWQvyLaQKOpyCNpb7SZxk%2Fll3xJ%2Bm3Vy%2BF7jRcDLs8AgYv4XV7AmxMB5ysFLX0vv7gdE0Tb6qbYOAc%2BrNbQIsiM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 1268 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99257fad05afe423832269141e9e30a5b319b35845bf6c94af1327a99ac63a3b

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uy8IJWqKtTHgQpYFvLnz7UyLs3twCU6K2bII1EAqZKFbIVTIfW41Engt0RZFBZ9S3IDNmXygmfXrIX7yGylT4gmtXh0nhK1bY4kGxxe8Zgq1OeVd5LSEgJmmatxasfN0fLQdNZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7c75ea9e8d579b46-FRA
x-backend-server
aa-reachservice-group-europe-west1-n6pb
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c75ea9e3cf49b46-FRA
content-length
24
content-type
text/plain
date
Sun, 14 May 2023 20:33:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9YxJ%2FUaDmL8l0pErGsRAVhLhC%2FQQE9K66L7JIC3yycFAxWpEdkupAXsnJV%2BjMLPq4UXw7YK5ZzUoi8sarHTGZtGYwOnVABS3%2BJRhPg%2FAXioT%2FfHgGrtI4jjq42wzGpe8eyAF8M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-n6pb
rs
ad4m.at/ Frame 2800 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72eb8971f8b103364e729814a416ed64b214c8423b6e61fa78ebb4663f9ee0c0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Js4aMBc2fLB6s78tppY0ip0sCCqed1bdY%2Fz2oUT7QO4E3mffQgrzq5ytvjgIh01F6VI4CMFvuBVRTdWiUflD2hMR7VVIzXUqjM4kSwQE9vDR1ln3aDFu0l7InrNnpq6eelVWmrw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7c75ea9e7d3f9b46-FRA
x-backend-server
aa-reachservice-group-europe-west1-n6pb
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c75ea9e4cfe9b46-FRA
content-length
24
content-type
text/plain
date
Sun, 14 May 2023 20:33:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2nU%2Bl0qtqRzQiKdMqZfnEnZPAQWfhRbCTuEThwWAMFkkp7xCLoyzvtKQTeyk2DPgqYC6zsxnGXd%2FB%2FdzkfvyCaSlBMjClXLwH3fpp%2Bql37y2cnQdantVlybhwZlGDlkldtF1OA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-n6pb
view
securepubads.g.doubleclick.net/pcs/ Frame 4C75 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4o4xOVtlJ1sECxpuAjojOGfCURamixAOYHfgSlv90Gs2Jrnz505UjS-dzopBKq2bEcmqevXDcmEFygIHuonA7RIA9aFglCsB5_1cYLR4s9WXHgyUx9nou2Qia2at9Bku3-rIoixpVVUJFbeTJ1RsWt5d8jy7V6hoEh5zc5v28wTkHMF5eHDWjBvANxDjYzcdVCkqpVV4F1NSwq9wId2zBbyNWrj1TJAMf9u_tRw5S_LT7DLt7cDh7VunpfaCnx2K0SFP6dPkJqSVUd5lcixox73Td4PTYMPorPny8I6emMamzEd8VijWYgfx1IplqM_VMYuX2io9PSlSAtqnkNQj9SqMUVTmnmd9ox7oQ3k4vhqcwHU1ZmQ&sai=AMfl-YRCMf6D0XHLhhRaSyW9tMgXTE6t70dVtjMCt7qmLqY7mBRIKMJxX-oWVNgOmx4Z2OUegSiIGqNWdqWbtFeOIVXr8RE0WDEttSppwhUSXmM&sig=Cg0ArKJSzHw1DKr15IKGEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 14 May 2023 20:33:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4C75 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com&bust=31074561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73d7b6b2ab0bdd72ebba0003a3f52ed9ea593e84542276447fecef0829490c91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
rar
as.ad4m.at/ad/ Frame 03FE 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
897ee63436f7013441dc409eb145fc53e5a3187fe2c7aaca75b3cf5c2897c840
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gh6k1j29a6g5kp3d76khcf3hqkcv9e2yyav7kq6g7bzhzt2sg9cya5cd4q39s9gh71q4dz0bc2hjqavm3kbgvq12fhqc365518f0a54ncb2fnjf6p27jz9k86mppqzdf79qmed63s9pva74b4cyb17gd8awz7b6cfd98abfb3e25bkyfmjts6cvdtwcrf43vf208z2svtfb1785x1vd3vm1bh6zxrcpttjn1q46eqd7jawtw7z6c4hhg6cs6q0wsacz5yt3bwabgj6smx9zqq8e1weaxmdspn4gte5aeqs1mhv9pvm7w0jjtxx9egvrvsm1956g05khtav10wzrktxf56wwc85tn1g2meewb6mhqpwn1v3a864pevrcg3yyxpy51kp36b6n4t2es9dpw03m3sra5b939790w5qyjn8cgn97mfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c75ea9ebfdf9a3c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:29 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0DD9 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1353
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:10:56 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7377 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 03:51:22 GMT
etag
48472445140208031
expires
Mon, 15 May 2023 03:51:22 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.135.js
static.criteo.net/js/ld/ Frame 77A7 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 May 2023 20:33:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4C75 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com&bust=31074561
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 May 2023 20:33:29 GMT
truncated
/ Frame C39C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35a66f46679d19468acc12d309a93f23456c28d708542940da0d24ba4f58cbea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
rar
as.ad4m.at/ad/ Frame E96E 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2303648ecaa6cf535d8e3580af3e5cac49c2ff7786cee45e6d0e62a1431b7406
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jmwgdtkd59sjgf2d9dxp2759m4p0t1syggjy9v4vzttnxwtt363fez071n7wtg15mq139yemha4j8zfev7801846sfzawx86k42rnbhse4ke3kr6j81b0y3mfdkarb6ce3v220hrm7a3eq3n8ryzj3x4dt2xj5pv8m7wx3q5hsy4240hpzc49w3ct1zc550farp8bdt3fh55g0bzjfz6yqw4kee1arwf21g0fjqy7g5110km1k0xnn3vk5hrp0940vn39j7ymt2tw881wxtxc299hrhbt3wj7y44rnh4xzr12xtzhvc6w34caza97j9vrav6pd9fqwets58psxwba53tz8cebnpbx2y2wnq0b2eg6tjrvn7tjyjdt27n8jnmq022p8n5seznxy7kb9g27qhcfmsgbzqrc0j8bx41t9pjk59q4dsa26es7t10cmt2hfpjav42w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%26client%3Dca-pub-7983651257838282%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c75ea9ecff09a3c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:29 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0DD9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:29 GMT
expires
Sun, 14 May 2023 20:33:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:29 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 7377
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGAA6P2gmOrmfIMlNNDAfaI&google_cver=1&google_push=ATf1kGM4Zei5KKAtmqZxQ6Fa2yaq8iyrUD6fB1fOBU3uRWsjsjO3XbsLRA...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM4Zei5KKAtmqZxQ6Fa2yaq8iyrUD6fB1fOBU3uRWsjsjO3XbsLRAGIgf6gIX2U5SoA6iLRct8GTL49mS_FnkW5zw4daHt0&google_hm=nDtHF0ur7JOI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM4Zei5KKAtmqZxQ6Fa2yaq8iyrUD6fB1fOBU3uRWsjsjO3XbsLRAGIgf6gIX2U5SoA6iLRct8GTL49mS_FnkW5zw4daHt0&google_hm=nDtHF0ur7JOIls97X3j6fg
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM4Zei5KKAtmqZxQ6Fa2yaq8iyrUD6fB1fOBU3uRWsjsjO3XbsLRAGIgf6gIX2U5SoA6iLRct8GTL49mS_FnkW5zw4daHt0&google_hm=nDtHF0ur7JOIls97X3j6fg
pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 7377 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAz4YKzJkj3pXggxH6kjeQA&google_cver=1&google_push=ATf1kGNqByVTz2HgmGHrPzJuLXfbytONAIQwWaeN424WHl2Fc-1N5KAi_lWZrUVSMg6L74U1EJgC5p_HWsBYZMSrkxV5MZgz1dw2
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usersync.aspx
dis.criteo.com/dis/ Frame 7377 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEPlm3ufrkABz6H4-UIU4DpA&google_cver=1&google_push=ATf1kGOoX4y4VcFVRyf9_-NpMD27TqZnnUJPbK7n6YGorz72nULsm9nejoFwIWcboE6CaN7BihaGPgUlKu9fPKOGoJMhNoiWdsmT
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
273810
expires
Sun, 14 May 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7377
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMef3YO8f4EA39HYaHJRvrM&google_cver=1&google_push=ATf1kGOlfowVc3ReeELYiQ-zcQiTdEHnu21rP_o1b-1IHeIGNi87b214zQKnrS6JraSb8jNqLKP045d9...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMef3YO8f4EA39HYaHJRvrM&google_cver=1&google_push=ATf1kGOlfowVc3ReeELYiQ-zcQiTdEHnu21rP_o1b-1IHeIGNi87b214zQKnrS6JraSb8jNqLKP...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4ODE1Mjg4MTY2MTgzNDI2NQ&google_push=ATf1kGOlfowVc3ReeELYiQ-zcQiTdEHnu21rP_o1b-1IHeIGNi87b214zQKnrS6JraSb8jNqLKP045...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4ODE1Mjg4MTY2MTgzNDI2NQ&google_push=ATf1kGOlfowVc3ReeELYiQ-zcQiTdEHnu21rP_o1b-1IHeIGNi87b214zQKnrS6JraSb8jNqLKP045d94OyFUVsZWccoyeEajvb5
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4ODE1Mjg4MTY2MTgzNDI2NQ&google_push=ATf1kGOlfowVc3ReeELYiQ-zcQiTdEHnu21rP_o1b-1IHeIGNi87b214zQKnrS6JraSb8jNqLKP045d94OyFUVsZWccoyeEajvb5
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 7377
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pNm9eZUIQnO6C8ba-DVkYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pNm9eZUIQnO6C8ba-DVkYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPrK2P0qMNV9UKoA43AtgFdUDwFSGuMWGDK24yxUR14zw98mzf9SnxpWGicnwhkCWBUZsup1WN5andV1a2nlFVLIDMl0eIs
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pNm9eZUIQnO6C8ba-DVkYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPrK2P0qMNV9UKoA43AtgFdUDwFSGuMWGDK24yxUR14zw98mzf9SnxpWGicnwhkCWBUZsup1WN5andV1a2nlFVLIDMl0eIs
date
Sun, 14 May 2023 20:33:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7377
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBfKm0FktPmBALeLKxWcS8Y&google_cver=1&google_push=ATf1kGOKEoPjFYaLeKCvB77J_wqdEya0LHi58iO-jFHpgxq4V4JUm2ZdQydnll5G0rru0DGpxOc9ooDMte6_jCHn...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOKEoPjFYaLeKCvB77J_wqdEya0LHi58iO-jFHpgxq4V4JUm2ZdQydnll5G0rru0DGpxOc9ooDMte6_jCHnrLK3vbf-goVf
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOKEoPjFYaLeKCvB77J_wqdEya0LHi58iO-jFHpgxq4V4JUm2ZdQydnll5G0rru0DGpxOc9ooDMte6_jCHnrLK3vbf-goVf
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 14 May 2023 20:33:29 GMT
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOKEoPjFYaLeKCvB77J_wqdEya0LHi58iO-jFHpgxq4V4JUm2ZdQydnll5G0rru0DGpxOc9ooDMte6_jCHnrLK3vbf-goVf
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
dr7TjCnfFUqs9cPca90A8s2yCUR8r-YMYqhJub9U55VzXxibJ-k9Zw==
pixel
cm.g.doubleclick.net/ Frame 7377
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEHWIO9SmRhKXFrklnieNSlY&google_cver=1&google_push=ATf1kGMSs8RtHclXiHBX0N4m3npQMdA8N1aD67X5xt9jAKNRRNYDKklfSig0bJNCsPoLau-8qgqmsozoF2tOS_DcReTaAa...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHWIO9SmRhKXFrklnieNSlY&google_cver=1&google_push=ATf1kGMSs8RtHclXiHBX0N4m3npQMdA8N1aD67X5xt9jAKNRRNYDKklfSig0bJNCsPoLau-8qgqmsozoF2tOS_Dc...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=nyfu_PeQS2GZ2DPnJGAfXA&google_push=ATf1kGMSs8RtHclXiHBX0N4m3npQMdA8N1aD67X5xt9jAKNRRNYDKklfSig0bJNCsPoLau-8qgqmsozoF2tOS_D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=nyfu_PeQS2GZ2DPnJGAfXA&google_push=ATf1kGMSs8RtHclXiHBX0N4m3npQMdA8N1aD67X5xt9jAKNRRNYDKklfSig0bJNCsPoLau-8qgqmsozoF2tOS_DcReTaAaTLv4NC
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=nyfu_PeQS2GZ2DPnJGAfXA&google_push=ATf1kGMSs8RtHclXiHBX0N4m3npQMdA8N1aD67X5xt9jAKNRRNYDKklfSig0bJNCsPoLau-8qgqmsozoF2tOS_DcReTaAaTLv4NC
access-control-allow-origin
*
date
Sun, 14 May 2023 20:33:29 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame 7377 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jw3ajsXJAFfvmTVxkYVTwXL9AtrRvyjrsIZB1RjkRNv4dymDG1RaswhVkn9na2DdchRAH9
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9A19 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25912
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:21:37 GMT
expires
Mon, 13 May 2024 13:21:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9A45 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
65db605adf7fb7fb9d1577a7c4c518603db80e055b30058808d624555451a942
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zmlGWO9yRysEmgBemH2g5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-zmlGWO9yRysEmgBemH2g5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:29 GMT
expires
Sun, 14 May 2023 20:33:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 03FE 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
536053
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9ldcrfj76CI2uLJ0c%2B0R3RUu5nUKRiZBW%2Fh7Of3g97IDgzdjPFz2LR3ZV9IQXXRnfhK3brjCEcbeLUvx%2FU9asTb1cBn%2Fw5otQntj8QO5DjnfBrzZ4C6kocqSkUI6UKN1bGNh7Zk6HA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7c75ea9f2acf9bf8-FRA
expires
Sun, 14 May 2023 21:33:29 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 03FE 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2358649
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJxt%2Fb0qu6HZ2y6oF2ru38X%2FFELeClbmh1k7LUgdHc6ZTI6u6prNPC2tRAjDddpdx5X9gfFdIe0Oy%2FZ0opuggx%2B2wBqRmsklp4Fq43IqYGqG0UiG3twVNzMvnNYk9Jg0NFxC1lnPzMoaCKkD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f08299a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 03FE 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
946463
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbsEftY5XJ9BebJlYq%2BQ2T54Qj9ZXaogmK%2FtyrAWte9aiDuCvlTHAtXdupbJcDQeLTEJW5dojN4BvorlHWHs%2F7MxwZpbKlfYbmsNx8t%2Fczbkv6KWczD3UZYwR%2FjuYslK3CyOFCKyp9GlWRYK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f18329a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
/
partner.o2online.de/a/ Frame 03FE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIHlhoLU9f4CFYfOEQgduzYFQw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023051422332984930512147X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023051422332984930512147X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023051422332984930512147X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 20:33:29 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023051422332984930512147X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023051422332984930512147X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date
Sun, 14 May 2023 20:33:29 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 03FE 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
617324
cf-polished
origSize=24833, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13494
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0PMguvCvYd3hKzSi1VocLh%2BhPKsWB1aHKnL9kKCXCw9kvcfgHNWGD%2B1NAPh5IShYKsuoX43ign3rIQEBM%2FF3WcSaZqcN5sXYMSRPxNWfEy1ll6JOpVVY%2B%2FgEzXC79hmS1vatIxcTdZ2VDl9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f18349a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
4203BD8B6DFC28122A57CD0F74F9CECD38E430D5675BBE6AD8D38A36BACBF4464C414E9D6B7C9D424BC78DD3AF8507AB207AAFC56090D4E89249C87620F96EE7
assets.ad4m.at/ Frame 03FE 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/4203BD8B6DFC28122A57CD0F74F9CECD38E430D5675BBE6AD8D38A36BACBF4464C414E9D6B7C9D424BC78DD3AF8507AB207AAFC56090D4E89249C87620F96EE7
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b7e05564f91fc8ac5e933d73eb80f92bc95037220fe493bd7d617bf24d4aa00

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
516218
cf-polished
qual=85, origFmt=jpeg, origSize=42379
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12442
cf-bgj
imgq:85,h2pri
last-modified
Fri, 14 Apr 2023 14:20:26 GMT
server
cloudflare
etag
"d065bd00faf2a542b1b900322391648c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WF8LtjlzlIGMYaomPlnfzrDErspg%2F7hYXiOTWjD1WvuVfRXQkLjREYsHy2tx4gDnQGBhtTUKjiSG7Yy936aqbMdvGPYCuoB4fV%2BfcOtAGJJymvysqF13Ht3GQc7KoqCOa3zMdDL9UqnDRf2a"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f18359a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
/
partner.blau.de/a/ Frame 03FE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CLHlhoLU9f4CFZnluwgdqDUM_g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023051422332984930512145X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023051422332984930512145X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 20:33:30 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023051422332984930512145X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Sun, 14 May 2023 20:33:29 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 03FE 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e734ffcdc09b70990c3eeab77d174cf6eb23513ced5bbe8204a12f934f6bca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
254022
cf-polished
origSize=12956, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8950
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 14:32:10 GMT
server
cloudflare
etag
"c6c297b07f296b60586b8613b6e9b5cd"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3%2F1nQ%2B5FbfSdbBLpi7B7TUUwBTqaT7zwLDc31dEDGzeckWv7hgFYdEU8AcZCP7hPS%2BmG4OC3NOmyBoj0jhUTM9iwMv7wuGCjcRchCYZ%2FeLf1RoS2av7%2F2b4wEnGVHxBlGSX0as05Sh5Rpz8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f18369a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 03FE 		617 KB
618 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8c219c355bb52839799b4dc163f122b16e7699a42300306793da4091977dbad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
627622
cf-polished
origSize=632572, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
631395
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Dec 2021 17:30:00 GMT
server
cloudflare
etag
"ee529fd62e145fb264303add5fb5a944"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkiGboIk%2BnmDOAQrKHLsfTkqCjH9HC1v6M%2BYGjUb%2BiQWV59%2FHPMO9Q9C0IZA%2BnjGn98nWrsVs4bjWbZP0GNca6Wp8x3IMrL0GmGJeWvxgm%2B7qmEwo2AdciBo1AZ9DQegasXAiXt4Jw8pAZS2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f18389a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame E96E 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
536053
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsF0RgAV51%2Bdpl3OulRk%2FSBmUocrup%2B%2FHgRCBnF81sNRAqE7LWWtgHzaqfedOVarankkrsGVSpct9%2BbCwp9%2FD5sBM6L4t2c%2B6Fcw47p3tcdA18BlirvDUS0suj6rMOkXEXW8nlpmO4I%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7c75ea9f1ab69bf8-FRA
expires
Sun, 14 May 2023 21:33:29 GMT
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame E96E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
253432
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lw2uImUiDS0JtcHzBsNshJwVsj0IbLGH0WsJNniDuC8DuE%2FHyzm1PYQN%2FfQOp%2FyT8iJf9zMuLEMsju9Uq9F50HnmbEV%2F8p23jfhsMfVDmZMyr7kcGm8WfnYcQ6DN%2FWouJsjjMVCW2SC48OW2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f082c9a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame E96E 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
343968
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDAvPnu%2FuNiuaMJiZlGkcZDKzIFXbTqE%2B8i%2B5pYyahWM3qZ7U6%2BlAtMVG3W4uiLtct%2Fcg0doJR9FKMjwPejSGMSCRMSgOznUu3rT%2BX10F9pzmC6JBiebjKxUzHmQp8LD3UE0Q4SgquJoBT40"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f183d9a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame E96E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2110545
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BBLIkYxAVLnIFcBC06qjxlirDURI7mkwbfLlERyxLeLsyEwz9t9Xr4Ry%2BpipHq0B3j8GB1yEZh99EXHKP52Ft%2FmFaGOuVOqKPr%2F0wUEl5Aqk4MovTjhl7MmkMFe%2BlJMRFFam8v8ao7Jyt42"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f183f9a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame E96E 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1733769
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKvaBj%2Bp0hTOdc6zIrHWnLrXQ%2F32h5%2F2nWh7wurOh23aP8TcFiETqdyt1Uzv%2BuXWZXXtDMLELhAWS4EMj5L9x%2F%2BUXE%2FUdSm9bmSUDF%2F0%2FzEqAfzUk9msvxYaCRDgWUTQWxnOA%2FN%2FTaYUryns"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f18419a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
cshow.php
www.awin1.com/ Frame E96E 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 20:33:29 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame E96E 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1825270
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90RkBBKYnjx0jneblDtKsEjhbUZXvfkAyfS2vBbS8rZ6V%2BtJjplLVwgSMYEZHZKOoM5Pq95z6%2FN2oBcE2%2BUWj32mAP8PqpBBiIhdd3eUMMrmfE%2Fgeyl%2FD0oR%2B0qTRVlu6UOh94tBuVKr8m3c"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f18429a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame E96E 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2240786
cf-polished
degrade=85, origSize=133780, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38661
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJpXq5LSE%2F5pErBVtlwm%2FFPbVY5EFe60XyKC%2BY%2FTPpVyMd7dOdvNdfFKTg7ilWOyTKwdcaqpTkRunFoOj6ZRDVnRSJlQbMq4fHx0mAJziyYlUFf6eS0Dx9Iuw4y3BzafXqOosI1p7NEwXrv%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c75ea9f18449a3c-FRA
expires
Mon, 15 May 2023 20:33:29 GMT
cshow.php
www.awin1.com/ Frame E96E 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 20:33:29 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
pagead2.googlesyndication.com/bg/ Frame 4281 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Requested by
Host: b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
URL: https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
29551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14771
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 May 2024 12:20:58 GMT
link.html
track.webgains.com/ Frame E96E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j375a3qkrxgk26jfddjk81hwak1q3k9s686wcn4eshsy1ryq6mkf9c11eee7jvtvzx957fg18ktb9x6ksykd192sws2vjexnb669fjyfk0x80k32y0rmpnpbqpvq8fcs2dnn0z709rsebbf9mcknc0w3ez96pdbe2c34vadc019en88851k3zdxdt3xynv7dm9167gcehrv27pp2c938mqrm7sj47xdnp7141r4cgbe4es7ywhd9zqavd3z2s0qdsg1w%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6f2254330cb3451081f99ed9e363f2a7235d83565e0ecd0e246c5c5e06c2443a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
last-modified
Sun, 14 May 2023 20:33:29 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sun, 14 May 2023 20:34:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9A45 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=2523340466925134&rc=
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
link.html
track.webgains.com/ Frame 03FE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvjdfnn52hpac2pjv75hsy72gzbqgq2wrgq70hkatxs00456dk2j9kde1094pmd9761ykgkwhkaxkagezq8s9c955wsnspc0k90372dfv8qq4jw7f6p9dj2jnmeeq660rfxk93rmzw78rryv9m31ecah5nhe08excqkx6yce831cxy6v4nv6gnnxmg6jhrc1fde2qke2nvqx6tt2efye7d7g6t8et61jv7whtzhg42q74qf2md4nkrg70rbaw2ey460%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
40a85f04b3bec822fd29da9a6b6d1d10610b2855e5813410a2ae808f98f59c25

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
last-modified
Sun, 14 May 2023 20:33:29 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sun, 14 May 2023 20:34:29 GMT
oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
pagead2.googlesyndication.com/bg/ Frame 9A19 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
29551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14771
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 May 2024 12:20:58 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 77A7 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
12ecb0e55747b4449fbdaf5e5e91a9023844eb4ea6131773d457675019ac6251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 11 May 2023 09:44:47 GMT
server
nginx
etag
W/"645cb90f-17429"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 May 2023 20:33:29 GMT
5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 77A7 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684096407461&userId=vnet648faf63-4d0c-491e-9ece-7b21e8085b15
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 14 May 2023 20:33:29 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
/
track.adform.net/adfscript/ Frame F083 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=60438885;rtbwp=7SnUZCzxG8Prnu9P2mLaN6zboUFQG3yp0;rtbdata=JZ80VHNWRdSuHtSHW-UTvenSBRlVjTz_b33x7C8fdTfheKX89TQx1nOXMSifnFpnLmRp0OIKXxkOzLcj3nRoxOTFVe-UmPGOX7NN-4gaERNm1TWEtJDUOpQSIKD4R2CkRyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3pSVtlKQ2XrKAQGfHS1yXPxNd1q5GUooeEZHm7c395ALR5j6xnwGz8cR1p0e3faAkjwHiYqTOIGhjchrRekYYz21Mo41A3GzX2ZvMLAZBwLrY3MyE-ScwfCKpjMRdn3So8N4iOtIBxgX0;csid=81917;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=RLgHqnDmhD7uPWSLnwizxU8NZi7Dl_dq-PLZbKgqqszEnDxLCZDg12JDuWjDE0Dma-WKcMFZWlawDB6WwZA9NKGYNGdxBC70sfpp_YQUOrm_iHD91Dga7pjzVnwKxFgMMEmHCso2SegZp0K0vyYpoD-3ZXtyWvj5oz-nOrnH9LTVkkHWdc9-o-9r5mjjYXtGebwH7-C6fvXzCfDe1lFSvZKnIACB__HK0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEfQcB7Rwa8MJ9WYTyY0cG59tLCsZpK0NbYd78xISYFSJGTqnT3cMwH96vWmW1dlSa0;
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ffa86caaf522a3fea147468d0935c7ba4a285d395e0fc8ddbd8902e51f801b48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1316
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame F083 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx0000036c3b8447bdf0cc5-00637b6786-32941e2b-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
pvClk.min.js
analytics.webgains.io/ Frame E96E 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j375a3qkrxgk26jfddjk81hwak1q3k9s686wcn4eshsy1ryq6mkf9c11eee7jvtvzx957fg18ktb9x6ksykd192sws2vjexnb669fjyfk0x80k32y0rmpnpbqpvq8fcs2dnn0z709rsebbf9mcknc0w3ez96pdbe2c34vadc019en88851k3zdxdt3xynv7dm9167gcehrv27pp2c938mqrm7sj47xdnp7141r4cgbe4es7ywhd9zqavd3z2s0qdsg1w%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 00:27:59 GMT
content-encoding
gzip
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
72331
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
G05DPG73vvyao1CftVVZU4fY7nxNXzj-Y5o0B416PTjgdPA7dKBHWQ==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame E96E 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1684096709&Signature=ZB3-TzJQytkDR~~ZuFTyEzIUTwYYJKIvTHnp3habYq0drT8r2zeFdr6afNf47YXPMSQjqNYt3nA6G3-83cIbh3af--8WuPgZF-DmScr8-Ws~HE7pgSMZcTNmSx1vXfe~LpqXpTrpJHtxUXol83vAaKNe1pOiUhI0ChJwS7AIYeITYBx464-tdljAbvkdwwtgp8UcP-K0mRDgKlNcC3uNjcRKRusn~aClAQsZ4cUxqz39sHolBvRSdXEYKtt~RzAG8aQXIT-3GEkzHtbhzA2uNF~eojCSgqB~8kmmtSJ75ChIjzImhSSxrB8YyzDTy3GvUiOHB7Obhmv05jVjcM9iyw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 14 May 2023 13:37:25 GMT
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
24965
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
zAuyCZfboT0pr7Znc1VGB7J1GI0vBLKqkbeNYhq66RYDEt7Hj2My8Q==
pvClk.min.js
analytics.webgains.io/ Frame 03FE 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvjdfnn52hpac2pjv75hsy72gzbqgq2wrgq70hkatxs00456dk2j9kde1094pmd9761ykgkwhkaxkagezq8s9c955wsnspc0k90372dfv8qq4jw7f6p9dj2jnmeeq660rfxk93rmzw78rryv9m31ecah5nhe08excqkx6yce831cxy6v4nv6gnnxmg6jhrc1fde2qke2nvqx6tt2efye7d7g6t8et61jv7whtzhg42q74qf2md4nkrg70rbaw2ey460%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 00:27:59 GMT
content-encoding
gzip
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
72331
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
FEmD9JlIdI6zCqmM24XPv7hvZgKX78TAb_jz6GVw6RnZSsiV5SANeg==
1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame 03FE 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1684096709&Signature=Y3CaPyvMtVo5g5x3Xr0URX3aaPO9CSD4vxnZllQV2qC4D~OyQshaCYs903wmlYPpyZBnK1gDtNM08pg5-1PGFQII5j2Jwdo9jUKv9hw~NvnEblNwIgmpda~~Wq4f4Vu7FSRGHA6ok4yeWKBw0gRDymTnJdN~h3UrObOgvvFKVJKZFEGH44q3UWp~j7hY~8cifPKoBtEceATJ~UOtbQP2jEqTSOMD-NQgV~FQ1lulYl0aMAROwsEowIKhDCJRhA8j8JznsOl29Sw4~vkDTZ1Efi~wfeBj3tgxs4wkD-gIN2T3vWMohJ9hgY8w3cBvBb6U2uHJGnRK7r-s-jCo0uNEBg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 14 May 2023 10:07:19 GMT
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:31:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
37571
etag
"90a67412ed0b25c3e4ca2ad17658d5e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2545
x-amz-cf-id
K4CjCKW2fBzIxnpo_dsOQdNeXKXCTzERVjKRdN_NkhOkd-EUCcNZxw==
generate_204
tpc.googlesyndication.com/ Frame 9A19 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?h4NPQA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame F083 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60438885;rtbwp=7SnUZCzxG8Prnu9P2mLaN6zboUFQG3yp0;rtbdata=JZ80VHNWRdSuHtSHW-UTvenSBRlVjTz_b33x7C8fdTfheKX89TQx1nOXMSifnFpnLmRp0OIKXxkOzLcj3nRoxOTFVe-UmPGOX7NN-4gaERNm1TWEtJDUOpQSIKD4R2CkRyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3pSVtlKQ2XrKAQGfHS1yXPxNd1q5GUooeEZHm7c395ALR5j6xnwGz8cR1p0e3faAkjwHiYqTOIGhjchrRekYYz21Mo41A3GzX2ZvMLAZBwLrY3MyE-ScwfCKpjMRdn3So8N4iOtIBxgX0;csid=81917;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=RLgHqnDmhD7uPWSLnwizxU8NZi7Dl_dq-PLZbKgqqszEnDxLCZDg12JDuWjDE0Dma-WKcMFZWlawDB6WwZA9NKGYNGdxBC70sfpp_YQUOrm_iHD91Dga7pjzVnwKxFgMMEmHCso2SegZp0K0vyYpoD-3ZXtyWvj5oz-nOrnH9LTVkkHWdc9-o-9r5mjjYXtGebwH7-C6fvXzCfDe1lFSvZKnIACB__HK0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEfQcB7Rwa8MJ9WYTyY0cG59tLCsZpK0NbYd78xISYFSJGTqnT3cMwH96vWmW1dlSa0;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ae684e653cf5edc8bec110ff0669b6daa58f690d550735f98954697799f963da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
gzip
last-modified
Tue, 18 Apr 2023 08:19:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 19 Apr 2023 13:55:16 GMT
/
track.adform.net/adfserve/ Frame F083 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=60438885;rtbwp=7SnUZCzxG8Prnu9P2mLaN6zboUFQG3yp0;rtbdata=JZ80VHNWRdSuHtSHW-UTvenSBRlVjTz_b33x7C8fdTfheKX89TQx1nOXMSifnFpnLmRp0OIKXxkOzLcj3nRoxOTFVe-UmPGOX7NN-4gaERNm1TWEtJDUOpQSIKD4R2CkRyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3pSVtlKQ2XrKAQGfHS1yXPxNd1q5GUooeEZHm7c395ALR5j6xnwGz8cR1p0e3faAkjwHiYqTOIGhjchrRekYYz21Mo41A3GzX2ZvMLAZBwLrY3MyE-ScwfCKpjMRdn3So8N4iOtIBxgX0;csid=81917;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=RLgHqnDmhD7uPWSLnwizxU8NZi7Dl_dq-PLZbKgqqszEnDxLCZDg12JDuWjDE0Dma-WKcMFZWlawDB6WwZA9NKGYNGdxBC70sfpp_YQUOrm_iHD91Dga7pjzVnwKxFgMMEmHCso2SegZp0K0vyYpoD-3ZXtyWvj5oz-nOrnH9LTVkkHWdc9-o-9r5mjjYXtGebwH7-C6fvXzCfDe1lFSvZKnIACB__HK0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEfQcB7Rwa8MJ9WYTyY0cG59tLCsZpK0NbYd78xISYFSJGTqnT3cMwH96vWmW1dlSa0;;js=1;adfxid=1x;8236;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fpcloak.blob.core.windows.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5e023b7a2e9faa6c1dda5059645445911dedf847899509f88c1b4caca1ce62eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3487
expires
-1
truncated
/ Frame F083 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b357c8e1e2d2eceb979c0c1f6958bc449a9b3358da3beed98c3fb5a86357d048

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F083 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNys9ZwIiYBUPVqi-sw9WB2j84Go5HFnbQVu7JVWNWrhlVLprHwuYFSV-L8qiuBpH5ISiDx0IkExj9Kg6ugE3LvmWv8iDQNqL9bh0m8gqJhya2DB9oaMQyoEqFrBFm2-aut1iitNMVL5NekTVoO_MIgMnojOAh7tn4CJeCrR9VkgRxukKziPCXHCZs0qwme-YQmnIJTaH5P8GHxuFYYqXNmqXennYw10krkTDQmKFb5tXGRgd1zO-ZJfmj-D5y56HGvd8KlowZd0Ikf4BFzRE8ZmI-tOnx7mMFk2p6ya_d07UgW7jSi1o6WDQ0b_XxGhVJbXfmCUqVnNcgy_sdLqHlqrKUDw9QmgLY5JU1vvWjp7_lkbmTv70&sai=AMfl-YS2cChmMp5h7UX7lMWore1ELBbH6nLxoh8tESOhgj6kcKIc-wucpCmWTY0iZPIus1UqfI8vlNmuDlfcVqWOL7e_w7wN9E_JYqv4EP291i4B22qmryUNHA0PUfbdew&sig=Cg0ArKJSzIL5I08yLftSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 14 May 2023 20:33:29 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame F083 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:29 GMT
content-encoding
gzip
last-modified
Tue, 18 Apr 2023 08:19:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 19 Apr 2023 13:55:17 GMT
/
track.adform.net/csimpr/ Frame F083 		35 B
588 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=60438885&csi=wmMj7hZQiXku4LnAYOD9wWu8y0X_S8E-QGQYY4CDl20JDwKV3Zer3C9YWOwUqG4vPvvrSlxDlKwDQ5eDPSpQ_-LSFeXTyO4ccUAcIpDuM4R9BwHtHBrwwn1ZhPJjRwbn20sKxmkrQ1th3vzEhJgVIkZOqdPdwzAfLfh33PHKZj83UmrYtgUuVgO8_7rsP1jj0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
56816588.gif
s1.adform.net/Banners/56816588/ Frame F083 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/56816588/56816588.gif?bv=2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3129aa523d159f576a3ab572bfc966d6f78234ff62cde1fd4537242851b9c8dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:30 GMT
last-modified
Wed, 21 Dec 2022 16:44:52 GMT
server
nginx
x-amz-request-id
tx00000a1e786cac6e9494b-0063b0bef9-329354d9-default
etag
"0b8648136ea2b4c46facc933526b05c0"
x-cache-status
STALE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
160023
activeview
pagead2.googlesyndication.com/pcs/ Frame 7103 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss259gr8AqguGB6372Lx9txoYd7AMl9Q2Ek5EhVq42FKmWSAHF55tr5pNb7ary9yEJyw8xAg56wQoIpMMl0ltwvZTSdSwUxy5iFjyEXxks69jUchDNnwzSnHOJok9EQbLZCIVB44J1ATAOL4sD9YLe86Iz_rIERpqBu7gZfxemCQPmRCxNx6uxj2t1tOqfs5AqquR9E6KivkPXS5jVCkht6EQS5N5y4M3MImec&sai=AMfl-YTAOFU7qo3K7xfECjS_dG1TnLxzLPay-pXa8g2QoiYGlkkNAQ8L2DdJxF1dSbnaD824YWsFjiiQyu9UHd3WpOwClkxNL_EWksNnwh7g9NpsB_xeUImk4Vmp5ew&sig=Cg0ArKJSzIj_QZpj3rRJEAE&id=lidar2&mcvt=1001&p=0,0,100,100&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3698513385&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684096408914&rpt=96&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E869 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9V68ZvmFK3uq7RHNKWp9WOAiwSiHhnenxtoRlXFC8YtVuIzwHqJ0xwSZsOOVXhJXGV8V1yMMCPmL9X15pSUCmEVk_&sig=Cg0ArKJSzBxB883EesSxEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684096408966&rpt=188&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=2523340466925134&bg=!h4SlhNDNAAYldGN0BXQ7ADkAdvg8Wgflwqpo5cJrP1VVFI4NEHWMoetn5gCIslezwAFGB4SE7oKwXntJP03TadEtkmUvYuaAMiMCAAAATlIAAAAEaAEHmQMNLdDenHopFnfuQLsP_BZaHmGEqqUowaWwb9wVHlfV9UJheqEfyhXuTYOMRcHhKlVz4u2UbwrwCxFdXpKaH0sN4CRSM1g8dE_jcyKVsmbhLyRDeHnXDW_reG-dRYPafHDkXJyQzrJfb5BGKCSFkheHuwtgAeDyabCdvXboQzmCcERU1catxp2pfZbodVvwFBauSP7I36OjzTnk3UPwnBZ0h0SCUKebYX2kBy_BKXS85S4oaHe03jw1x3X6w_hng0TQiPB0OIZMpZGX3PU9SO-pT0iN1u5hIZWvjScqe9sEJ4qBye3GKzI6Jhi-DrOLt7n4DNzckeLgRAeh-o03XIRCc7XWR1ytlzY1iIiyEXPKhN3jKkqU1dkf1DuR7p3FC8IYNKZjEpNxenJCjQDN09BDp4ql4ON_t70ut938CXzZyQ1TunMSyemgwdGE-7GUib74GjMdEcE4uSXqhOQw8-6C67Q5sDCDn-bABDC7itnVNtXEuwVFX-RoTvt2qLIJbDmFB-tHOBylUV30NLmLdo_-qC3tXCRtDHCuqn2M3AIbwUumPhpNHTLMnexBfxoIK99KCXO49yj-l5LLVAGcs7ED5etmXV0XDL-obwa_qnX6JKmv5x2nGi81YW1H-AITel36VHtHfZSDAqZI0DshypPwFik45_SNMWBhcwRUwA5-FDx5fVam-FN3qPz5z6KHcSN66FExooHw4QooPDJTesuazsQHQviavfo0k_XUIvyoSZmzOm5RXYB63RaH6OOHfFGCIT50vzDT23FF-SWxzvUOmP-Fl1iu_Bz0U-d8dx2req8fNfRzHsb_0o0CApJPYNyzFzALDeOo1Ye_l_qnlBQTh-doVariDLqyNi_bSPSvFRE5WysWXH5aR2ItAIdHZLZx1HkVqwM0xkrWMtKHlIzXic3-lvBgfmGMnEmJHmGknZlBNBR0v3pnq9CFzp9CtHrUUxEFV9wh-MRVARsIxRjPyI7BMIgUSNB5GBJE-SsgjH2n2pi7KMMidvPNjvBCK9Cun2kdwR6h8n1TTNaDUg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-51c60ec002340f16/ Frame 77A7 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-51c60ec002340f16/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
80a6bc8e05e84df98ca33712aaf3b520db8e4eb53cb97429d0a3f72fdb8bb35b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:30 GMT
content-encoding
gzip
etag
2086319854--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=22, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
1267
300lo.json
m.addthis.com/live/red_lojson/ Frame 77A7 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6461459729c9d7e5&bkl=0&bl=1&pdt=304&sid=6461459729c9d7e5&pub=ra-51c60ec002340f16&rev=v8.28.8-wp&ln=tr&pc=men&cb=0&ab=-&dp=ye-mek.net&dr=pcloak.blob.core.windows.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&colc=1684096410475&jsl=129&skipb=1&callback=addthis.cbs.jsonp__69718712011733670
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
47224877ac01f1f0d04b0f52cdf904fdad6c612f94b5d84b272012e7bf41a21c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:30 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame CE9A 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame FFFC 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Sun, 14 May 2023 20:33:30 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
client.tr.min.json
s7.addthis.com/l10n/ Frame 77A7 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/l10n/client.tr.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
1f5a2a979149a9192bb49e10899322a37fbfda94dd47567b029823950adc0e2f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sun, 14 May 2023 20:33:30 GMT
last-modified
Tue, 10 Sep 2019 15:15:17 GMT
server
nginx/1.15.8
etag
W/"5d77be05-d99"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=604800
x-host
s7.addthis.com
timing-allow-origin
*
content-length
1685
sodar
pagead2.googlesyndication.com/getconfig/ Frame 77A7 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26e28bfa1324cf64a11740022305c6386651891e3394e231a740d79aa9461fff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11219
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 90E5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:29 GMT
server
Kestrel
server-processing-duration-in-ticks
357098
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 77A7 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684096407461&userId=vnet648faf63-4d0c-491e-9ece-7b21e8085b15
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 14 May 2023 20:33:30 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Philips_utu_DB.mp4
rek-n18.nktcdn.com/data/ads/mockups/philips/ Frame 77A7 		29 KB
30 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.218 -, , ASN (),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a9baef98a9f2b4098a8e9e4c62b30f1d89054be3b7dbca5058a7f13fe95a1887

Request headers

Referer
https://ye-mek.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=2883584-

Response headers

date
Sun, 14 May 2023 20:33:30 GMT
last-modified
Wed, 19 Apr 2023 06:23:17 GMT
server
openresty/1.15.8.3
x-amz-request-id
tx00000000000000bcab3a5-006453c679-9e2f20a7-default
content-type
video/mp4
Content-Range
bytes 2883584-2913708/2913709
cache-control
max-age=5184000
Content-Length
30125
tracking-event
api.webgains.io/ Frame 03FE 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.126.162 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 May 2023 20:33:30 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.126.162 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sun, 14 May 2023 20:33:30 GMT
server
nginx
sid
mug.criteo.com/ Frame 90E5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=95oKM3xWQjA3bGdKNUhwcnIzZ0xsN2MwMVNVOGF2Nnp5Rk8vTlV3U0J2Ynk2em5CTWpUcVI0WDVNTXk0bitEQ1BtdUdaNWNNQ040RDJNazU5V3QyajJDaWRIdTNKQ04vckpFTFNNZ29PamJCcnNVc3hwS20wRDV3VmN4L0...
433 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=95oKM3xWQjA3bGdKNUhwcnIzZ0xsN2MwMVNVOGF2Nnp5Rk8vTlV3U0J2Ynk2em5CTWpUcVI0WDVNTXk0bitEQ1BtdUdaNWNNQ040RDJNazU5V3QyajJDaWRIdTNKQ04vckpFTFNNZ29PamJCcnNVc3hwS20wRDV3VmN4L05sYnA1aEkrT1g2TEcrYnAvV01yK1h1QlRkeVhvRTJVVTJ2aktvWUp1b1VWZkxDdFBUdjlBcWRaNS8rZGFLU0U0WFFQV0VXa0VtTE9SRHdlQ0RCZmZMWVJDRkdkK1d6SE1ESXJQZHdZbW1xMDNrQnFrL1UxcGdyaDFCRXNLeEZzMVZkNWpNZjJ1ckI2SThXalpZbWhZTTRuelFTOVRhUT09fA&cppv=2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Server
178.250.7.13 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
d2322d606b4d58cdc0c9a13f1a8b63990935c87b30d7ad58e852480190046679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:29 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1433874
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:30 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=95oKM3xWQjA3bGdKNUhwcnIzZ0xsN2MwMVNVOGF2Nnp5Rk8vTlV3U0J2Ynk2em5CTWpUcVI0WDVNTXk0bitEQ1BtdUdaNWNNQ040RDJNazU5V3QyajJDaWRIdTNKQ04vckpFTFNNZ29PamJCcnNVc3hwS20wRDV3VmN4L05sYnA1aEkrT1g2TEcrYnAvV01yK1h1QlRkeVhvRTJVVTJ2aktvWUp1b1VWZkxDdFBUdjlBcWRaNS8rZGFLU0U0WFFQV0VXa0VtTE9SRHdlQ0RCZmZMWVJDRkdkK1d6SE1ESXJQZHdZbW1xMDNrQnFrL1UxcGdyaDFCRXNLeEZzMVZkNWpNZjJ1ckI2SThXalpZbWhZTTRuelFTOVRhUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
397223
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 77A7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 May 2023 20:33:30 GMT
tracking-event
api.webgains.io/ Frame E96E 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.126.162 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 May 2023 20:33:30 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.126.162 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sun, 14 May 2023 20:33:30 GMT
server
nginx
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ Frame 77A7 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sun, 14 May 2023 20:33:30 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FDA4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25913
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:21:37 GMT
expires
Mon, 13 May 2024 13:21:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 46BD 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
37cf2040ce4272ef407574da2719da70b45bd32d809d498e25e073a626b24607
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3tgtfBLmOArMwWguSY_BSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-3tgtfBLmOArMwWguSY_BSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:30 GMT
expires
Sun, 14 May 2023 20:33:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Philips_utu_DB.mp4
rek-n18.nktcdn.com/data/ads/mockups/philips/ Frame 77A7 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.218 -, , ASN (),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
879ae7bc7101bb41ed1115bdc0acddffcbab22d393dcfb0327f989ae728f0fea

Request headers

Referer
https://ye-mek.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=65536-

Response headers

date
Sun, 14 May 2023 20:33:30 GMT
last-modified
Wed, 19 Apr 2023 06:23:17 GMT
server
openresty/1.15.8.3
x-amz-request-id
tx00000000000000bcab3a5-006453c679-9e2f20a7-default
content-type
video/mp4
Content-Range
bytes 65536-2913708/2913709
cache-control
max-age=5184000
Content-Length
2848173
truncated
/ Frame 77A7 		443 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
140.61020b6c086bdb8bc696.js
s7.addthis.com/static/ Frame 77A7 		2 KB
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/140.61020b6c086bdb8bc696.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sun, 14 May 2023 20:33:30 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-688"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
770
143.3d8bb49f121080f7c65c.js
s7.addthis.com/static/ Frame 77A7 		625 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sun, 14 May 2023 20:33:30 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-271"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
404
oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
pagead2.googlesyndication.com/bg/ Frame FDA4 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
29552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14771
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 May 2024 12:20:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 46BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=327531309901683&rc=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 77A7 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1684096410820&userId=vnet648faf63-4d0c-491e-9ece-7b21e8085b15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 14 May 2023 20:33:30 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
generate_204
tpc.googlesyndication.com/ Frame FDA4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?EzGXqw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rid
match.adsrvr.org/track/ Frame 77A7 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e74e8c2d9726dce043907616bbab249ac8d916114b0080cdfca45c533ff359b5

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 May 2023 20:33:31 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ye-mek.net
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 13 Jun 2023 20:33:31 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6466 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 14 May 2023 20:33:31 GMT
ETag
"623de86a-cf34"
Expires
Mon, 15 May 2023 20:33:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2D13 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 May 2023 20:33:31 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7F63 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41003
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 14 May 2023 20:33:31 GMT
expires
Mon, 15 May 2023 07:56:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 5366 		0
0
usync.js
eus.rubiconproject.com/ Frame 2D13 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
530443fa0d332e8d7d6d4ec2c7ad756144c3be42d1120125ab13016b7bb8a34e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 20:33:31 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 May 2023 07:12:43 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38348
Connection
keep-alive
Content-Length
10019
Expires
Mon, 15 May 2023 07:12:39 GMT
bounce
ib.adnxs.com/ Frame 6466
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 20:33:31 GMT
AN-X-Request-Uuid
805df99f-cf0f-415b-8123-d68df1a6e6e6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.199; 80.255.10.199; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 May 2023 20:33:31 GMT
AN-X-Request-Uuid
849ff66e-ac76-45aa-9b2f-d83eab65cfea
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.199; 80.255.10.199; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7F63 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12734799&p=159432&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4648f3b7e1c7cbfd910e9f7c6cc8c1220ac2ad7b42f2467abd991d65d30d1d2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 14 May 2023 20:33:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 8915
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9c956461-459a-4000-8558-135c603e7869&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9c956461-459a-4000-8558-135c603e7869&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 20:33:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 14 May 2023 20:33:31 GMT
Expires
Sun, 14 May 2023 20:33:30 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x14 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9c956461-459a-4000-8558-135c603e7869&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame A51C
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825022227165
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825022227165
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 20:33:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 14 May 2023 20:33:31 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825022227165
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 89F4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 20:33:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 20:33:30 GMT
expires
Sun, 14 May 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1179198
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 4225
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5544836408944672905
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5544836408944672905
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 20:33:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5544836408944672905
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1FC2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1528997220194880934&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1528997220194880934&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 20:33:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
b8577f5c-b215-48d0-b621-e90930ccf483
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 14 May 2023 20:33:31 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1528997220194880934&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.199; 80.255.10.199; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7F63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pNm9eZUIQnO6C8ba-DVkYA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
23.32.184.192 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:31 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=41003
accept-ranges
bytes
content-length
5554
expires
Mon, 15 May 2023 07:56:54 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 7F63 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A4D9BD79-9508-4273-BA0B-C6DAF8356460&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.208.98 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.152
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 7F63
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=761200608
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A4D9BD79-9508-4273-BA0B-C6DAF8356460
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A4D9BD79-9508-4273-BA0B-C6DAF8356460
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:31 GMT
via
1.1 google
last-modified
Sun, 14 May 2023 20:33:31 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A4D9BD79-9508-4273-BA0B-C6DAF8356460
date
Sun, 14 May 2023 20:33:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
match
a.audrte.com/ Frame 7F63 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 7F63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTREOUJENzktOTUwOC00MjczLUJBMEItQzZEQUY4MzU2NDYw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 20:33:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7F63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHNvcY1RfYzzkI3cAL5MYV8&google_cver=1
42 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHNvcY1RfYzzkI3cAL5MYV8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 20:33:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHNvcY1RfYzzkI3cAL5MYV8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7F63 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 13 May 2023 20:33:31 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7F63
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1988152881661834265
42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1988152881661834265
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 20:33:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1988152881661834265
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 7F63 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 14 May 2023 20:33:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 2D13
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/IHpiRPyljXgVfROH8w8C0A?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-COzWawhE2oIXY_rU6Xs.NGlIUS.LTiYF7cJ6Hg--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-COzWawhE2oIXY_rU6Xs.NGlIUS.LTiYF7cJ6Hg--~A
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 14 May 2023 20:33:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-COzWawhE2oIXY_rU6Xs.NGlIUS.LTiYF7cJ6Hg--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2D13
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDVhMDUxYjE1YTAzNjQ1NTA1ZjRkMjhjY2I5NTY2MTcxMWJiNGFmZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDVhMDUxYjE1YTAzNjQ1NTA1ZjRkMjhjY2I5NTY2MTcxMWJiNGFmZg
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDVhMDUxYjE1YTAzNjQ1NTA1ZjRkMjhjY2I5NTY2MTcxMWJiNGFmZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 2D13
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHNVIOVQ-1G-QEP
0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHNVIOVQ-1G-QEP
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:33:31 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 4DF945BF2908445783AE466B02A730EA Ref B: FRAEDGE1314 Ref C: 2023-05-14T20:33:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7rUBfD9ZBsn6UXoJqcg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHNVIOVQ-1G-QEP
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame 2D13 		0
0
tap.php
pixel.rubiconproject.com/ Frame 2D13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDn9Ejxo44MOea-v4aEix0g&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDn9Ejxo44MOea-v4aEix0g&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDn9Ejxo44MOea-v4aEix0g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 2D13 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 14 May 2023 20:33:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2D13
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
0
0
pixel
cm.g.doubleclick.net/ Frame 2D13
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhOVklPVlEtMUctUUVQ
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGKcx5ISnUZsEd8BQ2s1YxU&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhOVklPVlEtMUctUUVQ&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhOVklPVlEtMUctUUVQ&google_push=
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 20:33:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhOVklPVlEtMUctUUVQ&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 77A7 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684096407461&userId=vnet648faf63-4d0c-491e-9ece-7b21e8085b15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 14 May 2023 20:33:31 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
sodar
pagead2.googlesyndication.com/pagead/ Frame 77A7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305090101&jk=327531309901683&bg=!6uml6b3NAAYldGN0BXQ7ADkAdvg8WnIfyHz4kGkq9v12OpjKbjNJOqq2a4r0RrAVHfd_hByaMu72SmTLVoOzaQieA6_YYkLRqYoCAAAAZFIAAAADaAEHCgAgtltRbucyClJSYdcB1NQcg_OYiQw-AAH-XMzX47zxWPCZAr8httwPntCEwMXZbTdqpbb84SHSE-hzSzLOWvm-a0N-cTVVa5gg0kvX4neouAyKZiN1cUcgsfTXHnOM1vBx5OGvPQN_3K43iqN0YYCDN18-klbv3PKpBp6eOt1sx5KSbn5koQ6R2Bbc_gtzUFM6M-IrivIHCR59jdqE_UbXL1yVbYb0pQExaRUSLDqNBoiqqEY5B4GjtCL8_c__KnS41h1VWbWxxepyGmSt-xnHi_ZV-hxr07v82C9Wxz1qo3Adgw4HpKznWCTldnXA9QKuKUvHggXh0ofSQ1htTPl8SvP_J_LqINFIJVtJ6czFLt5mpGA-VyR5Bx2OrzndDzpR_ubq4q_aUndWnGxzeqyjfTl-ws11dxSMU5K6boUumpkjLz_WYVdstPy90ah9O1tM5DwYFdHAVoz2GLTJdqPrPq8wfjOlFuTqrOWx6_GrsD0yANpyAIGr2VvbRBkMWjmQhVjD6UzXkSHKwZ49ZxKjSIqnl7kuXOEXwK48sV6VizjKp4cu-P9JaggIVgzXGoyRHxksycQuTVz87KD_c1sB4pJStnAljFq7fHNuUIVJL_HR8jCznnMLkwjwabf0Q7y-evUa3nhz3yWAAONqrbbmZKk4QtHodalCgu0VrpxtiIvzEA7KvzDbm9gIvaDVZpS3kxGvzgYD-iSQkxK2-Iz5y4an2FrNWapV0oK_Gd0Qi3JoeBKDD8qar5goo8u-TF3wniiv8ybrDwCPRTPEgUiAiOlyluza0i8IACdSAlZWtgwl1AraWJpGGtbj3l7zpLdVsTQypQd0Tkw9XI7kNJ_ac-TWrcqv3AixUYXKYA-qCqAOm6X-B62eLDzThQ9M32UlTxhVmFQifNrU5sDKiKvL9AeO_87bwGoyfKFZr8DBkkuV04izAMZ7FxTKQ_XLFOk9P_LI_qlYIUDh0kr8QAMyKf8O
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1500&ts=1684096407864&src=pbjs
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
biddr.brealtime.com
URL
https://biddr.brealtime.com/check.html
Domain
a.audrte.com
URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A4D9BD79-9508-4273-BA0B-C6DAF8356460
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

31 Cookies

Domain/Path Name / Value
.rubiconproject.com/ Name: khaos
Value: LHNVIOVQ-1G-QEP
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/Eh9Dbgk/28U6eQFbWGgM44fR/rFJVNr6iLAwlOVW3UfWCFkTsWJQqyY8NhzLov3/0MOwzHLtYfPBBoZUFBBzTvW0A+VO7RH1E0=
.doubleclick.net/ Name: IDE
Value: AHWqTUlUlKGu6TZvA64V-PWP8iqCvODOhdX2U0R9Upjq9tHEBEuMx_HAywu9ijZIJGU
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: d
Value: EE4BCQH-KIEA
.quantserve.com/ Name: mc
Value: 64614599-1d6bf-dd52e-b9c35
.ctnsnet.com/ Name: gid_CAESEPlyZEJPKZ_Ldc-6lTkb2Mg
Value: 1
.ctnsnet.com/ Name: cid_6b2fa5bf386b43ef9e4b24130fa58a6b
Value: 1
.simpli.fi/ Name: suid
Value: 0A3FC6B1ADC14B71B75EEBD5EF6BE494
.mathtag.com/ Name: uuid
Value: 9c956461-459a-4000-8558-135c603e7869
.mathtag.com/ Name: mt_mop
Value: 4:1684096410
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A4D9BD79-9508-4273-BA0B-C6DAF8356460
.yahoo.com/ Name: A3
Value: d=AQABBJlFYWQCED1wQ7X2UxzR1y-vatgukZoFEgEBAQGXYmRrZAAAAAAA_eMAAA&S=AQAAArJ8kle6gVSYrCUGxlWpHQw
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1988152881661834265
.awin1.com/ Name: awpv14702
Value: 412871|1684096409|9614b8b0-f296-11ed-9d45-2261c3620022
.360yield.com/ Name: tuuid
Value: 9f27eefc-f790-4b61-99d8-33e724601f5c
.360yield.com/ Name: tuuid_lu
Value: 1684096409
.awin1.com/ Name: awpv20044
Value: 412871|1684096409|96146a90-f296-11ed-89a2-223974343f8d
.awin1.com/ Name: AWSESS
Value: 415363:2904924
.turn.com/ Name: uid
Value: 7606806035928886599
.tribalfusion.com/ Name: ANON_ID
Value: a0nseFS3n0gryoxDnS6ZaDIJtrUyd02KNIoYsjMvV9QTufZcXqU8ZddN5ZbGLhalWltZdAADZdj9ROxtN4XEDKXDlf
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY4NDA5NjQwOXZsZWExZGUyMDIzMDUxNDIyMzMyOTg0OTMwNTEyMTQ3WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023051422332984930512147X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY4NDA5NjQwOXZsZWExZGUyMDIzMDUxNDIyMzMyOTg0OTMwNTEyMTQ3WDEyMDIxMVYxMjI2MTMyNzAyT
.adform.net/ Name: TPC
Value: 1684096409831
.blau.de/ Name: nscT486
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjg0MDk2NDEwdmxlYTFkZTIwMjMwNTE0MjIzMzI5ODQ5MzA1MTIxNDVYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023051422332984930512145X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjg0MDk2NDEwdmxlYTFkZTIwMjMwNTE0MjIzMzI5ODQ5MzA1MTIxNDVYMTE3NjYzVjEyMjUxMzExMDZNU

21 Console Messages

Source Level URL
Text
network error URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript error URL: https://ye-mek.net/(Line 39)
Message:
Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network error URL: https://hb.emxdgt.com/?t=1500&ts=1684096407864&src=pbjs
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684096407618&bpp=3&bdt=608&idt=272&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&nras=1&correlator=4086367792434&frm=24&ife=1&pv=2&ga_vid=234754744.1684096408&ga_sid=1684096408&ga_hid=367780358&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C44773809%2C44788441%2C44789923&oid=2&pvsid=327531309901683&tmod=134537922&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.9zho45qrkqyz&fsb=1&dtd=285
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://as.ad4m.at/ad/dr?ed=1jmwgdtkd59sjgf2d9dxp2759m4p0t1syggjy9v4vzttnxwtt363fez071n7wtg15mq139yemha4j8zfev7801846sfzawx86k42rnbhse4ke3kr6j81b0y3mfdkarb6ce3v220hrm7a3eq3n8ryzj3x4dt2xj5pv8m7wx3q5hsy4240hpzc49w3ct1zc550farp8bdt3fh55g0bzjfz6yqw4kee1arwf21g0fjqy7g5110km1k0xnn3vk5hrp0940vn39j7ymt2tw881wxtxc299hrhbt3wj7y44rnh4xzr12xtzhvc6w34caza97j9vrav6pd9fqwets58psxwba53tz8cebnpbx2y2wnq0b2eg6tjrvn7tjyjdt27n8jnmq022p8n5seznxy7kb9g27qhcfmsgbzqrc0j8bx41t9pjk59q4dsa26es7t10cmt2hfpjav42w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%26client%3Dca-pub-7983651257838282%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1gh6k1j29a6g5kp3d76khcf3hqkcv9e2yyav7kq6g7bzhzt2sg9cya5cd4q39s9gh71q4dz0bc2hjqavm3kbgvq12fhqc365518f0a54ncb2fnjf6p27jz9k86mppqzdf79qmed63s9pva74b4cyb17gd8awz7b6cfd98abfb3e25bkyfmjts6cvdtwcrf43vf208z2svtfb1785x1vd3vm1bh6zxrcpttjn1q46eqd7jawtw7z6c4hhg6cs6q0wsacz5yt3bwabgj6smx9zqq8e1weaxmdspn4gte5aeqs1mhv9pvm7w0jjtxx9egvrvsm1956g05khtav10wzrktxf56wwc85tn1g2meewb6mhqpwn1v3a864pevrcg3yyxpy51kp36b6n4t2es9dpw03m3sra5b939790w5qyjn8cgn97mfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%26client%3Dca-pub-6593523210010154%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=55426a3f08d6004a4a5bd6798cc703ca%2F2464836446579212803&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684096409356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h2behbrmcy6ysv6z122fvyeydnw89e2w5wcz6e2x014s8jyzdrak6p9ecqkmrvsfawgsd08ac8q5qm0z72w847yrac80knzh3t42qc05k3kap0y6qb384fqn75eq4vp6ky03ab8h2bwgf1njpj9p3ky0mw8qj0f1hhr2q8hedq0xw13r026feadmdbt1s0zd5bd1hev590hy6vfs9aawcexcp27q615ctx8kbm2ykd45ckmrj69r6a3hv57sse0srv6j34fs4d8p2e03c5g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-a2xmEVhZLLCLKWno9kPkKe18AqQ4YGEXLaoworwAsCNtwEQASAAYOECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArhJv7UzZ7I-qAMBqgTVAU_QDUE7Vfrnpl_ys6JDfa0YLSaHVrNlfTAcOvMxsxfz0df_ANlKKZg3DOcNTW9t41NmpaFbt_loS5w8E1mpEC_z7FUiygqpuCDZErBGaoAAX05KWCmFfco8HlmRuzW8DAdIz2qDxFTKFyjAul1nLdJyXo9aFTk7eJxz0NOTJDaz2EQNxa0ag3OUbEBlnNg_Jliy8ueLH6TCWfDneFqiaO4hlh2-CAw4QGPTBzUTCCd6b55j4-Qicafl_FhHcei3QVpyCwnaZfHiAW5_wblFMDqHLA6rf4AGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZHqaAEalaUNiH1ddYGayLd9VyTA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=ca2124d246388b52ca111b4e2a602533%2F14541388359378963250&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684096409368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jbvep5hx6abn8z1cktq1xrsaedbcgrv5z2rcgjpd103b3qmef6wdq8s40rcdkb88n60s13tgz87cpyqfgmse3ep49zrjr2yw5cq18ek3n1bzmjaafa2eky2zgtqnb4d0ka97qpz14vtt7s4r3dhpns80jfsrz0r814mnt7bfsdjphh4s652d8ztw8bhcarjfhy6zj4bbtws8sa7rkehskttdywsbys97w1w9vd9nd237gs4cp2f3qc5ge5csfg9k3e10psbf58wq0kmwfx21xb7wr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZhA2mEVhZN_NJqbA1fAPxuO-uAaQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQK4Sb-1M2eyPuACAKgDAaoEngJP0HlsloWU_Fsk_DA_iq_I2fqYxiCbwEyNGfQ7KnpMwCyA-HgKNDKoCpPYl1varhnduIk4QmIgA_C32jOQl7MZg5BBQWk_r0xKXU3kj2JrKeQeWzWg5Dlz_oiAmD1SjIBKTqyjvDzSEio70_MdVDVWnAqMwcxIXWWfQnjT3F5pPPILNfF5pANw0xXSVxPQxBc0pxtIgt3aaPiBrFpP-Z59vjlF7vE1j0U8Lfv7Huvzw5AN-I-PLDLNeXbWZ62loDW_MSBwy_EqzcixSwMLfYTPlnMCtrZF4VthDkKa_LPTi4aBx99WdVshvDaprUA-ZVDSCmPSjju7xro3SD8oIKg1jLQASqQ9C5C6q4Q3M38q9NjqwN9eCXw35v6cfTL64AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Q5f7eBoBXKc4q5Y6y6XSqnhnAKw%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A4D9BD79-9508-4273-BA0B-C6DAF8356460&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
b9794947c610b83eeace31816027e0d7.safeframe.googlesyndication.com
bidder.criteo.com
biddr.brealtime.com
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpm.programattik.com
cr.frontend.weborama.fr
d5p.de17a.com
dis.criteo.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
lh5.googleusercontent.com
m.addthis.com
match.360yield.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
p.rfihub.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pcloak.blob.core.windows.net
pghub.io
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
px.ads.linkedin.com
r.turn.com
rek-n18.nktcdn.com
rek.izlesene.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s1.adform.net
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
simage2.pubmatic.com
static-de.ad4mat.net
static.criteo.net
static.virgul.com
sync.crwdcntrl.net
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
um.simpli.fi
v1.addthisedge.com
www.awin1.com
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
ye-mek.net
z.moatads.com
a.audrte.com
aax-eu.amazon-adsystem.com
biddr.brealtime.com
hb.emxdgt.com
s.amazon-adsystem.com
s7.addthis.com
104.102.45.165
108.138.180.50
142.250.185.230
142.250.186.130
151.139.128.10
167.233.13.224
178.250.7.11
178.250.7.13
18.133.36.104
18.66.147.120
185.29.132.245
185.64.189.110
185.64.189.112
185.64.190.78
185.7.176.218
185.7.176.221
185.7.176.222
185.7.176.223
185.89.210.90
193.0.160.130
2.19.224.115
20.60.220.36
213.155.156.165
216.52.2.6
23.201.255.110
23.32.184.192
23.32.185.123
23.35.236.188
2600:1901:0:76b9::
2600:9000:211e:6000:1b:5138:8a40:93a1
2602:803:c003:200::51
2606:4700:20::681a:61b
2606:4700:20::681a:9a9
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6812:18ad
2606:4700::6812:372
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a02:2638:3::c
2a02:2638:d::2
2a02:2638:d::a
2a02:6ea0:c700::11
2a03:2880:f083:9:face:b00c:0:3
2a04:4e42::485
2a05:d018:d29:3605:fdf6:466d:232e:738
3.33.220.150
3.70.144.169
3.9.126.162
34.102.243.38
34.111.129.221
34.111.131.239
34.249.208.98
35.186.193.173
35.204.74.118
35.241.45.217
37.157.5.72
37.157.6.245
46.228.164.11
52.222.209.4
54.78.96.233
69.173.144.139
77.245.159.14
84.200.5.215
85.111.6.48
94.138.206.83
95.101.149.35
99.86.4.52
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
0210c85818d68e70d5b2b7173b9c3ae65774adee772ad11018f968403f1abcc4
04768856c079a1aca293eb1fa81842cb300eacd20fc15f92126c9477ccc72209
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07849c46f2c450b07dfccf7163e986d80d942edd003d11dbe02f083bc21ac008
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08d0fcf3f85412d79222e02121ad69c48016719acdc466e011d708910aa92a64
08fd1804e4715008dfbf41498ca4524c86a05d445dd64e60e439da5f4ad200c6
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
0b19ae3e2cf37909f8d19610ce1ca8cdd5e74d12b15ea9f9846e23c3d1240079
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c28128d4531849e77a1f8f5e29ebd5a3f84e41521c4ec3b6c14173600e5d541
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
0e6ca498247c97add21344e3634348168a377e18380d9d022c08039092c728be
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
1085a43ef71f5baf52f39ecb5f626590512066f7cd4095c05e4966785bc2a5ad
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
1223d352430065cc6ee6ecfe6c3ed6e1e4b2f5714817dcf8967ffca08f192c1a
12ecb0e55747b4449fbdaf5e5e91a9023844eb4ea6131773d457675019ac6251
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a6d6ecc5afe8b370681181e0077b6c838310f74f8473a1f36527577d5a1fab7
1b89bd41a12f3500b5ff2b262fb271cb8be9e45249ee8089af8c8c01829974d1
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e066beb1036ff4d1c6237858048930493e92415f9d6441b956c1133c6eafeef
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1f5a2a979149a9192bb49e10899322a37fbfda94dd47567b029823950adc0e2f
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
2303648ecaa6cf535d8e3580af3e5cac49c2ff7786cee45e6d0e62a1431b7406
23d58172a13a810fa151cb35f5f0bee205d2294327be9d8b7172553719cf3e66
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
26e28bfa1324cf64a11740022305c6386651891e3394e231a740d79aa9461fff
29c7a7b63734ab3eda1d1a799c2fd0e29285bcde06749a884bc51b90632bd558
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2cab4b003712e0a49db28cbc990255645d746a7ca21ba8bc72ddbf68f5aa0851
2cf8eb2e52c4454ca8740bf3b7315ac62472554cbc8038d26fd0897da7979cf8
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6c442a8e94cc69337e6268514e521cc2d612fd4344d7773cf0186cf9c581a7
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3129aa523d159f576a3ab572bfc966d6f78234ff62cde1fd4537242851b9c8dc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321301bb052569db41963d7653fac7da622ecbcdc7ed84b0cbf26f1d11772508
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
34963234993f556b873f499c31e1daae21990c332b81c63044b39127c5bad2c9
35a66f46679d19468acc12d309a93f23456c28d708542940da0d24ba4f58cbea
37cf2040ce4272ef407574da2719da70b45bd32d809d498e25e073a626b24607
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a85f04b3bec822fd29da9a6b6d1d10610b2855e5813410a2ae808f98f59c25
42794f0d6d307576c7e114ae55d96d7582bcd5a24ba188b0d44bb968354918f1
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
42ec3e18bd83afce471d4ea71fe25a14b155410cc1b40e58d960f833068ee276
43531e83c15a96469ab4c9157633196740214b7303c1f34cd46930a3a97bfd8f
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4648f3b7e1c7cbfd910e9f7c6cc8c1220ac2ad7b42f2467abd991d65d30d1d2d
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47224877ac01f1f0d04b0f52cdf904fdad6c612f94b5d84b272012e7bf41a21c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e454f18b44913721b60327717caa80d346f4e7a9df8af9aff86d5991ae430de
50e734ffcdc09b70990c3eeab77d174cf6eb23513ced5bbe8204a12f934f6bca
530443fa0d332e8d7d6d4ec2c7ad756144c3be42d1120125ab13016b7bb8a34e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560daebf8176dc54a96722520cc37ee88cb66772df2dd3512e26a97722bc3696
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
59ab0f9b40cb11183f2f39b9fe250d888c1ac151f48ce87a1b125dca2030bd39
5aa2370fd272d30acd5cb39f9b191a243d55a2adab6f0d7ff1950c39f028d331
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e023b7a2e9faa6c1dda5059645445911dedf847899509f88c1b4caca1ce62eb
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
65db605adf7fb7fb9d1577a7c4c518603db80e055b30058808d624555451a942
671de0360e4ea49881df16cc8c57e7ff1e295c8936564f65983f2a369c264e03
68469eacba124ddb1d6a9a621ae82d3ef876787c2a0b395e3549037d6f577126
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b7e05564f91fc8ac5e933d73eb80f92bc95037220fe493bd7d617bf24d4aa00
6ce5a7846f3f99a18812ecdfb121843b024a304d20bf0d4f0c4d45175ea59927
6f2254330cb3451081f99ed9e363f2a7235d83565e0ecd0e246c5c5e06c2443a
6f47415ecce20d5c55f0e2c45493b60cd17992337e1372f7e7ff0f93633c614d
6fb0caa5ef63bcc397eda85e18e18e469502af725655d5c214edf7531ada5358
6ff45107c54f445d20e9fc4c01280ec8571a84c5290df29cb769b2c8cec40e7d
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72eb8971f8b103364e729814a416ed64b214c8423b6e61fa78ebb4663f9ee0c0
73d7b6b2ab0bdd72ebba0003a3f52ed9ea593e84542276447fecef0829490c91
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
7592db2b5b2a2e6429132c5f0d28a821241687e785f48960dcc34ae1e036430d
75f2b3e1739c7ed8ee367a6990d7f5abdb0fd1040724273ee5a5f87489a41228
772de1eb224033fdc2d4f895698a95d01249b3e95be8f99991e8f9099c985df0
787c064218bbd65572f4e14be5b28b061dd20015172f5c36b1add53723cc8e9e
78da9db43c13878a83c2add982d64622874181fd479875d2ab4c4be7cff84fe5
7abfcc86cf7fc1bc790ab61158a85ea1029df0eebec1a25740b9d3720c74383a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c61fa1cf06e1231a6cbcbd22e6fd065c2934749e2e2af038318feaa79f54c93
7db39f0b9931b338e9cd0eabeef7fd618ace0e5bc5990061ce13a0a2ed8e8a0a
7e1f82670d1c8b23d344d5880a1850e04def345a4f57e21cc859f51300f3d7af
80a6bc8e05e84df98ca33712aaf3b520db8e4eb53cb97429d0a3f72fdb8bb35b
82f237a9b176d7c3ea33bb209c0f9aa39da6f1ddea311ea2a0b3f78b8a66ae9b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
879ae7bc7101bb41ed1115bdc0acddffcbab22d393dcfb0327f989ae728f0fea
886aadb9d7fd797e07b70c67dfc5e3f40f8cb9a350bee05e5cc4db9c078613c4
897ee63436f7013441dc409eb145fc53e5a3187fe2c7aaca75b3cf5c2897c840
8ac6573d1dbabe2d15ea7cdab167f404ed289a989319ea464a762fb209bafbb4
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea6b63aedd2f7858f1efd4fdb3977d31792b143f7b82e17c122d13a99d74798
94d7360c6a15a8ed0ea1752cd018e63bc369f3b5fd8103a205c0c5ac30647196
99257fad05afe423832269141e9e30a5b319b35845bf6c94af1327a99ac63a3b
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac328d6b95802686da0874e1d04597f0ff59f5177d455bfdc197e612cff7345
9c630fe75a591436c871acce5bf4b651a98f007abe8d76d17fd731667b979cc5
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9c852909ead05e82a172103904d35f33e83232903ffac1f4748d7e40ac6a343b
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9f4377ac210e15bdd8496aac6eda671c2a38edf5cf8aa57bed62e61c687b76a8
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a1863860f40862a7df0b5316bc3805f213fa1c9fb01060bbd994d91dc140ee
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a06ed81f4d8e900894fdcfd02d310021eddd4c2a72b746d68f638a88f1f802
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a89f7bfa14110d591435cd4944c46084d2eacf435adf24032626b6caebe8738f
a9813636d064a6c030d55ade3e86f5de6475ea07aa4bb75d2197f653bd8f60d9
a9baef98a9f2b4098a8e9e4c62b30f1d89054be3b7dbca5058a7f13fe95a1887
aafaf62e42f8db8399aad239211240643821678ebb874b93cb3aa5622ff8e263
ab6d5242cf7e7b6622ce54b57e2900dd862c2c364e03bcf1c0c9a9ad222fc1cc
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ae684e653cf5edc8bec110ff0669b6daa58f690d550735f98954697799f963da
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afe25473c3f30eef447690efc801bcc0dd68b72e7c0d0b70ac831d4cc5df22ae
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b2cb0896f23970acb4c564844f1b1c5cbf4c7cefe75320d0f1541c9ba4c9b4b3
b2ecd92de7982ef4ffd3778b02d62aaef7341b3c9ac5f4e53e749a9bde702119
b357c8e1e2d2eceb979c0c1f6958bc449a9b3358da3beed98c3fb5a86357d048
b58f77833d598c65c51174e746bd76fa2a1a4e218ab78ac2a76ac8a8497a193d
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b8c219c355bb52839799b4dc163f122b16e7699a42300306793da4091977dbad
b973bcfa06c3c100ab181b34b6cb89b9cb658b8aedae9bb1ba1c84af345ff8f2
b9a4d474c6fc40a18927e5cd37316d5b2950ad2fb449f6057b5110a5d2334ec7
b9bc1359c4828218630d8ca36db3099a5bd105ab7cae29fe2d3cba3943148348
be2c867abb1d4a933a86c4b358663deb187252fba0e1005ad347fe5e5f5b1ca6
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
c10d63d7b41288794e705ce2cdb67caccbd96fe9ecd46c33aa47698be28a227e
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c43a592c09224db2985a3e074e7b50afe274ddce2b680b73e8f3a9c5cda4d35b
c4b0426485c1bd14d3bf6c33a6c55ff7424e6bab4442b013f0c3484ca8b5f9d6
c7bb3478b0d96694781181456adc8e338e27432ca3e53dd805da648ec62d7fe3
c94290f0af57ee52138c25260a1061ae8a121af6b756f50d5b971b9a9004de15
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cba1bbb36c4c34f5b97aa6e79234f4daebbf0f63e1eff3fe39c5a7748c27f839
ccdf735ca4d37fd882673c2e29b8b9b6ec62153e458a1867a09b55ff21ba279e
ceb8d3343ecdc19a97fa7c373e89edb1c6a845460537296bc7535d368e9c5855
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5d15aa91ac6d6ccd06ddcf375983be7283bd8bc7a441f82113deb7b41f2743
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d0841857f9470ac6a6943119cb4dc8bde6b00f34155302022bb06e9267628377
d1f678a526f494cab9a5e5eaf5036223a78a60016572280dce05b36cc2523329
d2322d606b4d58cdc0c9a13f1a8b63990935c87b30d7ad58e852480190046679
d3b45b06882fe1aa9b47a8d88df978f19ce55a249840cc1b44eed3974a0fcd6a
d3c70a5ecb1b5c16ddff716d6a83d189efa57a07c4210acf01c978093e3a80eb
d5232d54f552f36dea15ac9afdc160e549cb4e8eb52dd9da5f048eaf9264449a
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
d5e0fdb2ad865d955935adf33701334ebd02983bd9c18274844cd4a9317717bf
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d82c4906e4b728e92a7fcec80c1f8bcb5b16502d30a9de09a361dc503a70145a
d8a6c78604026709de9672bab48038c4551bfadf400c29691c015ebb596fc737
d966ecd46380ed5fdc36aadcd4b5a4bbd65ba852833ce5e834a4e37380ac9535
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
de828c1de3b057a2132f7e790523411695d4c0189b0eaeb5f0f4f3d92462a540
deb661289c8664bda5e825d4496d07dad0506173f9e7c479c28d9d413959d6d0
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e74e8c2d9726dce043907616bbab249ac8d916114b0080cdfca45c533ff359b5
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8beffeee13257f2f5a0487655ffe800c5f6a3387b67fc3fa96ecd199a0d0504
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7872af25867f187dd1d6da75afd129c9dff792b3c917aadcee869d68a7bbe15
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
f924b871eab4aca628e0cb7c75a4035f824d86181c9943b160db3812f6dcfc55
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
ffa86caaf522a3fea147468d0935c7ba4a285d395e0fc8ddbd8902e51f801b48