urlscan.io logo urlscan.io
SecurityTrails logo

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On May 12 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 10 countries across 59 domains to perform 510 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.60.220.36 8075 (MICROSOFT...)
2 77.245.159.14 42868 (NIOBEBILI...)
3 94.138.206.83 49126 (AS49126)
1 2a00:1450:400... 15169 (GOOGLE)
40 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.139.128.10 20446 (STACKPATH...)
1 104.75.88.126 16625 (AKAMAI-AS)
19 185.7.176.222 42910 (PREMIERDC...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.35.237.151 16625 (AKAMAI-AS)
29 2a00:1450:400... 15169 (GOOGLE)
80 2a00:1450:400... 15169 (GOOGLE)
3 13.224.192.181 16509 (AMAZON-02)
23 2a00:1450:400... 15169 (GOOGLE)
1 35.241.45.217 15169 (GOOGLE)
2 185.7.176.223 42910 (PREMIERDC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.64.140.4 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 95.101.149.35 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
5 10 37.252.173.215 29990 (ASN-APPNEX)
5 37.157.2.232 198622 (ADFORM)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
3 85.111.6.48 9121 (TTNET)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.127.4.50 16509 (AMAZON-02)
5 2602:803:c003... 26667 (RUBICONPR...)
1 216.52.2.6 32475 (SINGLEHOP...)
1 34.102.243.38 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:d::4 44788 (ASN-CRITE...)
6 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2600:9000:249... 16509 (AMAZON-02)
1 154.58.197.185 174 (COGENT-174)
1 192.229.233.53 15133 (EDGECAST)
5 2a00:1450:400... 15169 (GOOGLE)
1 35.156.145.116 16509 (AMAZON-02)
13 52.19.198.230 16509 (AMAZON-02)
2 178.250.7.9 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
5 2a04:4e42:200... 54113 (FASTLY)
2 2 185.29.132.245 30419 (MEDIAMATH...)
15 29 142.250.186.162 15169 (GOOGLE)
1 1 151.101.2.49 54113 (FASTLY)
5 35.71.131.137 16509 (AMAZON-02)
3 3 52.58.99.4 16509 (AMAZON-02)
3 178.250.1.9 44788 (ASN-CRITE...)
1 35.186.253.211 15169 (GOOGLE)
5 9 185.80.39.216 27381 (CASALE-MEDIA)
4 2602:803:c003... 26667 (RUBICONPR...)
4 37.157.6.235 198622 (ADFORM)
1 23.215.16.120 16625 (AKAMAI-AS)
1 37.157.2.239 198622 (ADFORM)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
8 11 69.173.144.139 26667 (RUBICONPR...)
2 34.98.64.218 396982 (GOOGLE-CL...)
1 89.207.16.201 ()
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 37.157.3.28 198622 (ADFORM)
37 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
8 142.250.184.226 ()
10 23.37.63.179 16625 (AKAMAI-AS)
18 3.5.72.17 ()
1 1 2a05:d018:d29... ()
1 2620:1ec:21::14 ()
2 3 52.46.151.131 ()
2 3 52.95.126.138 ()
2 2606:4700:20:... ()
2 104.102.45.165 ()
1 18.135.219.122 ()
2 23.32.184.192 ()
1 23.32.184.180 ()
1 2 185.64.190.78 ()
3 185.64.189.110 ()
1 1 193.0.160.130 ()
4 185.64.191.210 ()
2 2 213.155.156.169 ()
1 52.30.239.223 ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
1 35.204.74.118 ()
1 2 52.16.253.114 ()
510 87
4    20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pcloak.blob.core.windows.net
2    77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com
www.cloakan.co
3    94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)
ye-mek.net
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
40    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.ye-mek.net
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
images.dmca.com
1    104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com
s7.addthis.com
19    185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng.virgul.com
ng2.virgul.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
29    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
80    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
23    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
2    185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
c1.imgiz.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    18.64.140.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-140-4.mct50.r.cloudfront.net
aax.amazon-adsystem.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
10    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
5    37.157.2.232 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr
cpm.programattik.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    3.127.4.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-4-50.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
5    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
30    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
14    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2607:f8b0:4003:c02::5e (Tulsa, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
6    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2491:fe00:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)
ads.w55c.net
1    154.58.197.185 (Philippines)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com
t.hspvst.com
1    192.229.233.53 (Granada Hills, United States)

ASN15133 (EDGECAST, US)
cti.w55c.net
5    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    35.156.145.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-145-116.eu-central-1.compute.amazonaws.com
i.w55c.net
13    52.19.198.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
s.h.w55c.net
2    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
5    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
29    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    52.58.99.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-99-4.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
9    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
4    2602:803:c003:200::27 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
4    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
12    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
11    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    89.207.16.201 (None, )

ASN- ()
dclk-match.dotomi.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
37    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
8    142.250.184.226 (None, )

ASN- ()
googleads4.g.doubleclick.net
10    23.37.63.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-63-179.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
18    3.5.72.17 (None, )

ASN- ()
joyn-creative-hosting.s3-eu-west-1.amazonaws.com
1    2a05:d018:d29:3601:ce52:e49c:b504:58d (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
3    52.46.151.131 (None, )

ASN- ()
s.amazon-adsystem.com
3    52.95.126.138 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    2606:4700:20::ac43:4a81 (None, )

ASN- ()
ad4m.at
2    104.102.45.165 (None, )

ASN- ()
www.awin1.com
1    18.135.219.122 (None, )

ASN- ()
track.webgains.com
2    23.32.184.192 (None, )

ASN- ()
ads.pubmatic.com
1    23.32.184.180 (None, )

ASN- ()
acdn.adnxs.com
2    185.64.190.78 (None, )

ASN- ()
image6.pubmatic.com
3    185.64.189.110 (None, )

ASN- ()
simage2.pubmatic.com
1    193.0.160.130 (None, )

ASN- ()
p.rfihub.com
4    185.64.191.210 (None, )

ASN- ()
image2.pubmatic.com
2    213.155.156.169 (None, )

ASN- ()
d5p.de17a.com
1    52.30.239.223 (None, )

ASN- ()
sync.crwdcntrl.net
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
1    35.204.74.118 (None, )

ASN- ()
um.simpli.fi
2    52.16.253.114 (None, )

ASN- ()
unilever.demdex.net
Apex Domain
Subdomains		 Transfer
115 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
1 MB
86 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
googleads4.g.doubleclick.net
426 KB
43 ye-mek.net
ye-mek.net — Cisco Umbrella Rank: 399852
cdn.ye-mek.net
629 KB
37 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
887 KB
31 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 948
fastlane.rubiconproject.com — Cisco Umbrella Rank: 491
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 11076
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
token.rubiconproject.com — Cisco Umbrella Rank: 600
eus.rubiconproject.com — Cisco Umbrella Rank: 589
86 KB
19 virgul.com
static.virgul.com — Cisco Umbrella Rank: 63243
ng.virgul.com — Cisco Umbrella Rank: 65891
ng2.virgul.com
231 KB
18 amazonaws.com
joyn-creative-hosting.s3-eu-west-1.amazonaws.com
276 KB
16 w55c.net
ads.w55c.net — Cisco Umbrella Rank: 12668
cti.w55c.net — Cisco Umbrella Rank: 3749
i.w55c.net — Cisco Umbrella Rank: 2245
s.h.w55c.net — Cisco Umbrella Rank: 9407
107 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 31186
ad4m.at — Cisco Umbrella Rank: 11978
assets.ad4m.at
549 KB
14 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
733 KB
12 adform.net
adx.adform.net — Cisco Umbrella Rank: 4323
track.adform.net — Cisco Umbrella Rank: 3820
s1.adform.net — Cisco Umbrella Rank: 9592
cm.adform.net — Cisco Umbrella Rank: 1268
c1.adform.net — Cisco Umbrella Rank: 585
244 KB
12 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 506
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
27 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
acdn.adnxs.com
27 KB
10 google.com
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
3 KB
10 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
65 KB
9 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
7 KB
8 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
csm.eu.criteo.net — Cisco Umbrella Rank: 8920
845 KB
8 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 733
ads.eu.criteo.com — Cisco Umbrella Rank: 8901
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10641
dis.criteo.com — Cisco Umbrella Rank: 674
9 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
1 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
129 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 7680
1 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 385
imasdk.googleapis.com — Cisco Umbrella Rank: 468
fonts.googleapis.com — Cisco Umbrella Rank: 50
285 KB
4 windows.net
pcloak.blob.core.windows.net
3 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
899 B
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1307
us-u.openx.net — Cisco Umbrella Rank: 472
769 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
2 KB
3 programattik.com
cpm.programattik.com — Cisco Umbrella Rank: 59847
424 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1651
mp.4dex.io — Cisco Umbrella Rank: 2234
25 KB
2 demdex.net
unilever.demdex.net
2 KB
2 de17a.com
d5p.de17a.com
562 B
2 awin1.com
www.awin1.com
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 817
s.tribalfusion.com
1 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 153404
static-de.ad4mat.net — Cisco Umbrella Rank: 199770
4 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 505
1 KB
2 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 124947
131 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 1834
feed.pghub.io — Cisco Umbrella Rank: 8229
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
89 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 13164
6 KB
2 cloakan.co
www.cloakan.co
1 KB
1 simpli.fi
um.simpli.fi
612 B
1 crwdcntrl.net
sync.crwdcntrl.net
266 B
1 rfihub.com
p.rfihub.com
793 B
1 webgains.com
track.webgains.com
1 linkedin.com
px.ads.linkedin.com
649 B
1 yahoo.com
pr-bh.ybp.yahoo.com
621 B
1 dotomi.com
dclk-match.dotomi.com
104 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4156
400 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 682
591 B
1 hspvst.com
t.hspvst.com — Cisco Umbrella Rank: 214384
918 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 639
397 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1435
386 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 499
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
21 KB
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1865
114 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
46 KB
0 audrte.com Failed
a.audrte.com Failed
0 brealtime.com Failed
biddr.brealtime.com Failed
0 emxdgt.com Failed
hb.emxdgt.com Failed
510 59
Domain Requested by
80 pagead2.googlesyndication.com static.virgul.com
pagead2.googlesyndication.com
c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ye-mek.net
pcloak.blob.core.windows.net
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
40 cdn.ye-mek.net ye-mek.net
cdn.ye-mek.net
37 s0.2mdn.net pcloak.blob.core.windows.net
s0.2mdn.net
ye-mek.net
30 tpc.googlesyndication.com c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
ye-mek.net
s0.2mdn.net
29 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
ye-mek.net
29 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
ye-mek.net
pcloak.blob.core.windows.net
www.googletagservices.com
20 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
ye-mek.net
pcloak.blob.core.windows.net
18 joyn-creative-hosting.s3-eu-west-1.amazonaws.com s0.2mdn.net
joyn-creative-hosting.s3-eu-west-1.amazonaws.com
ye-mek.net
14 www.googletagservices.com c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
ye-mek.net
13 s.h.w55c.net cti.w55c.net
s.h.w55c.net
10 eus.rubiconproject.com ye-mek.net
eus.rubiconproject.com
static.virgul.com
10 ib.adnxs.com 5 redirects static.virgul.com
googleads.g.doubleclick.net
acdn.adnxs.com
9 ng.virgul.com static.virgul.com
ye-mek.net
8 googleads4.g.doubleclick.net pcloak.blob.core.windows.net
7 static.virgul.com ye-mek.net
static.virgul.com
pcloak.blob.core.windows.net
6 assets.ad4m.at as.ad4m.at
6 pixel.rubiconproject.com 3 redirects googleads.g.doubleclick.net
ye-mek.net
6 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
6 static.criteo.net ye-mek.net
static.virgul.com
static.criteo.net
6 csi.gstatic.com imasdk.googleapis.com
5 token.rubiconproject.com 5 redirects
5 match.adsrvr.org googleads.g.doubleclick.net
ye-mek.net
static.virgul.com
ads.pubmatic.com
5 cdn.jsdelivr.net securepubads.g.doubleclick.net
5 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
5 fastlane.rubiconproject.com static.virgul.com
5 c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 image2.pubmatic.com ads.pubmatic.com
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 s1.adform.net static.virgul.com
track.adform.net
s1.adform.net
ye-mek.net
4 beacon-ams3.rubiconproject.com pcloak.blob.core.windows.net
4 pcloak.blob.core.windows.net pcloak.blob.core.windows.net
3 simage2.pubmatic.com ads.pubmatic.com
3 aax-eu.amazon-adsystem.com 2 redirects ye-mek.net
3 s.amazon-adsystem.com 2 redirects ye-mek.net
3 ng2.virgul.com ye-mek.net
3 track.adform.net static.virgul.com
s1.adform.net
3 ssum-sec.casalemedia.com 3 redirects
3 dis.criteo.com googleads.g.doubleclick.net
ads.pubmatic.com
3 x.bidswitch.net 3 redirects
3 imasdk.googleapis.com c1.imgiz.com
c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
3 cpm.programattik.com static.virgul.com
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
3 ye-mek.net www.cloakan.co
ye-mek.net
2 unilever.demdex.net 1 redirects ye-mek.net
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 ads.pubmatic.com static.virgul.com
ads.pubmatic.com
2 www.awin1.com as.ad4m.at
2 c1.adform.net 2 redirects
2 us-u.openx.net googleads.g.doubleclick.net
2 sync.mathtag.com 2 redirects
2 csm.eu.criteo.net ye-mek.net
2 cat.fr3.eu.criteo.com ye-mek.net
2 fonts.gstatic.com fonts.googleapis.com
2 adx.adform.net static.virgul.com
2 script.4dex.io static.virgul.com
script.4dex.io
2 c1.imgiz.com static.virgul.com
c1.imgiz.com
2 connect.facebook.net ye-mek.net
connect.facebook.net
2 images.dmca.com ye-mek.net
2 www.cloakan.co pcloak.blob.core.windows.net
1 um.simpli.fi ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 acdn.adnxs.com static.virgul.com
1 track.webgains.com as.ad4m.at
1 px.ads.linkedin.com ye-mek.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 sync-tm.everesttech.net 1 redirects
1 i.w55c.net googleads.g.doubleclick.net
1 cti.w55c.net googleads.g.doubleclick.net
1 t.hspvst.com googleads.g.doubleclick.net
1 ads.w55c.net googleads.g.doubleclick.net
1 ads.eu.criteo.com imasdk.googleapis.com
1 fonts.googleapis.com c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
1 feed.pghub.io pghub.io
1 ap.lijit.com static.virgul.com
1 prebid-server.rubiconproject.com static.virgul.com
1 mp.4dex.io static.virgul.com
1 bidder.criteo.com static.virgul.com
1 hbopenbid.pubmatic.com static.virgul.com
1 a.teads.tv static.virgul.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 pghub.io static.virgul.com
1 z.moatads.com s7.addthis.com
1 www.google-analytics.com www.googletagmanager.com
1 s7.addthis.com ye-mek.net
1 www.googletagmanager.com ye-mek.net
1 ajax.googleapis.com ye-mek.net
0 a.audrte.com Failed ads.pubmatic.com
0 biddr.brealtime.com Failed static.virgul.com
0 hb.emxdgt.com Failed static.virgul.com
510 104

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2023-03-22 -
2024-03-22		 a year crt.sh
cpanel.cloakan.co
R3		 2023-05-03 -
2023-08-01		 3 months crt.sh
www.ye-mek.net
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-29 -
2023-07-07		 7 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
1099124734.rsc.cdn77.org
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
images.dmca.com
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-24 -
2023-09-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-19 -
2023-05-20		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-27 -
2023-09-09		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.programattik.com
GeoTrust RSA CA 2018		 2022-10-25 -
2023-10-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-31 -
2023-08-31		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-04 -
2023-06-04		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.w55c.net
Amazon RSA 2048 M02		 2023-03-01 -
2023-07-27		 5 months crt.sh
*.hspvst.com
Gandi Standard SSL CA 2		 2022-12-12 -
2023-12-09		 a year crt.sh
ads.w55c.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-06 -
2023-06-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
h.w55c.net
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2023-06-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-26 -
2023-06-29		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2023-12-23		 8 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-13		 5 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 63 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: 871AA0BB3EE86AAF3B289EDFF85FA069
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 545441E2FE2F735DC11B0D0918CD51F4
Requests: 120 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 0C5B5918B0BD321214BBCD42CE2621E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: 4EB88BC05B9F8619E07B84DC996F2FA4
Requests: 1 HTTP requests in this frame

Frame: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3B9B7917C5CE5026C02A141D67166EF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927136325&bpp=5&bdt=705&idt=372&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&nras=1&correlator=6199928146877&frm=24&ife=1&pv=2&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44773809%2C31074468%2C31074562%2C44788442%2C44789923&oid=2&pvsid=1093726643794446&tmod=2084691924&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.slukqhyk4a1q&fsb=1&dtd=389
Frame ID: F08847CDFAF6E6929841F6AD6E9ECD45
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 72480CD6119E0DCD0909F65C418D32E8
Requests: 1 HTTP requests in this frame

Frame: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7A9530DA154FE6C9C64B55B2DAD84C3D
Requests: 13 HTTP requests in this frame

Frame: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 28861C35143493117A9CAC246804E9CF
Requests: 14 HTTP requests in this frame

Frame: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 914A751E7AD62B9A232C070FD6548045
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927136996&bpp=14&bdt=118&idt=167&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&nras=1&correlator=2394414274008&frm=8&ife=1&pv=2&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.a51x4zy6i49v&fsb=1&dtd=184
Frame ID: E03C7D91D1C18E1BBF382ABAD654A7E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Frame ID: FE403A968F4EA1ADCDBB01D3CA6EA14B
Requests: 25 HTTP requests in this frame

Frame: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 96A57EF14A5691A3B2DDE7C812A97B6D
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137113&bpp=3&bdt=149&idt=229&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&nras=1&correlator=5576010291771&frm=8&ife=1&pv=2&ga_vid=107144191.1683927137&ga_sid=1683927137&ga_hid=1881504092&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C31074468%2C44772269%2C44782466%2C44788442%2C44789779&oid=2&pvsid=3176556897090518&tmod=126288162&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.d2u0t6bajgih&fsb=1&dtd=249
Frame ID: 9F6B6BBE530247BFC2714CAEE1972E32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198791702&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137116&bpp=1&bdt=152&idt=250&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5576010291771&frm=8&ife=1&pv=1&ga_vid=107144191.1683927137&ga_sid=1683927137&ga_hid=1881504092&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C31074468%2C44772269%2C44782466%2C44788442%2C44789779&oid=2&pvsid=3176556897090518&tmod=126288162&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vwv13hjuz4y1&fsb=1&dtd=254
Frame ID: 2153B68F690D354A5A59E63D76CAC8E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407253290&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137263&bpp=3&bdt=119&idt=287&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&nras=1&correlator=2767395566042&frm=8&ife=1&pv=2&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.fdwhqcjc86c1&fsb=1&dtd=302
Frame ID: 2BEB5E9B8E13DD4A1A94E609E8757CF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Frame ID: 163B5487225894A080DCD1F88CC00056
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 09F273D31ACD48BB876622F3B84BA617
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvqmwi3TmT6_Sp5Bs4H2ec13S4behmMCJaQkFe9aRc16ZU4UKpWb08PbxcNpk3bKFu8hcIKNUFJqCDX5pl3CC-uD3xyU1vMeC9hOW6Wnou48Ngyu2R3s6HR_xjmBLaK3A2_l8dJQdhAQmUibZ1pyYqvUh01KMY4Nufrg7201X7CHeVmXRGCsTNiGV6yOZ683T6RLceFjZJOqZeMJBY-sE3T9ZiVDZ2Z3iIn3te790aDSkWGKadhc1WyOqCRFGdICzsdCOIDR7T5EJL7CmtZOOdq7jkQDO9AAWKd9Zcvl8f6RVTGRdCddTtdMS7Ws2znGK65lvnkFwPGvvBYtc&sai=AMfl-YRKSRx_Gvs3Jrn9d6TAOp85mrKFLPBI6pc3R68fwWIB7KgAriJ6QX9_6guWAURojWRvqux6PedrwIKWiYs_XgVDLrRpLTGjW-co2GxBW7LBu_5Vks2BFqZVGP8Agg&sig=Cg0ArKJSzFcGy_Pc_fBhEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3AA3CE8AEA48B349547A198411038178
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBvvnw3uFJeOX_XSxHcTLsfosHQWyQwHboZYLmpsMUJAf-yeAZvu2Pkg7DYKn-55o5mX_pp1AG6AZEx0FfZ4Zp656dsjeXvXpxqyY_sen2vWgN7VcTAZxof1nLPQKvjMW2TWSBnXbp5H7ZR2l7HjWI2OI4zpfnPI5OXi7dmy4kvhQ9ak6nACqeHoZ0xb6NtHa3XPfrt8Vq9x-958wa8vxgMgtSl6I_9mD5mAsaiai-q_a59dY9bqb5Se_R9bvWNIZpdIKK-y3ROZza96tD0uVK2QmEQLmDEBm0FG5YJVnNXkjheq4ccy7pk9HYGmqI_bNTsv_kz3mS_uHDaQCbOI9YpxyBPLwYZ_Nx0dJS5hI&sai=AMfl-YTw5s3KafIh2Z0ERgZ_26oSf0luoeSmT-lNrQBsra29OjJKT12m94EGZ0TKDVK7S40au-IQ4LxUB8UytEURSPYeGGyxhO2vqXPHAIevrv7QLl-TYzPN2ElmqpCsqA&sig=Cg0ArKJSzB7qB9yy5k3EEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 32FE1459B7E1EDD1ACAFDCE3CEC21EF6
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvizUDZnEMbBbkYdFPAsmYPSyvCPzb2Ay7nVqD3Uf8Rm2tGl5bWHAbY3aZbLd3QNnKBXs-BkC_Lwe-SMuF4n3Tqto3ZkzvBXbfpQgl2caAEkVXV7nRQlIkt0K1ZbOz-wnABDXtS2qqy7h97VlLycFpafy_GVTWvPj-5L_kKsuBk2IIWHi_WWAaJa41Dr20iphbBDyE0Pd-SLwtmJ9NaiEjkr8WV51cO-nebUBYBVkmqd34mB8ZTB8YEFK-2bu5y28OjtFvWZheJD4xbfNw9LGnOGP9NcIFlHFxzdAGpPGUP0Shi_d87EmKrUg3iI7JXxgtp4yQYVWU8OMHabs8j7A8mvKQfvn5zt_ECV9Hn&sai=AMfl-YRv5kFcZr1LoRaCSQME6lOcCPowyJcJAHCpnkkdGDO8_OeH5BGgKf0FgyBrZls3eiwGMJ5bolRAiFtUFKAFW3M6FWGM8ioD2ragcMtnHmQE9qDr9_69n9fnrAdaSQ&sig=Cg0ArKJSzNs6Lw9AmHHdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AF910310F6E90CC1ECCAECD64DDDD92D
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLbSuoIv1KYJFElroLsiP42hI07kaGjomc4yQFbKPJIZ8F-YTzKWFKrnWgXkN1eEg3rmR1Jd5oS8gnNldRoSsdK5cXB8Fm-E19BN-idz8x6grEmEhidPtaHLxaE0yAdqJ_KGH-vwFXqE56rK5o3YjCJ4Zu4bUBh6WX6f-ke46C13BlyKp-xk32XjkPKQZVrrhwMCBt9UodtnOyYilhgKF958iL_m56zTndlUqr_CMrbN0fruW5CY9y35GIvGp_2coKPcHddW0KJNdI3ElnGPNqCGfjZXT5YfLTRL_RXMJuLYd5mCK5Fa7gxujd_XEtyNHJtdRIfQUwINBExFeMOdl17j-U-lqre1-vXE291k_vd2kRBXc&sai=AMfl-YRmIC-8Gii9-YNqmUrH4d_YTe0pqIdBn8w8jcx4u4Bpokot1GrL1pbksDNnBPY2Bxd_pP5_Sfq1PT3GtsriDLZbA5tq4n0MZpU_ITd3TDzMh0nHuPCciMWhF9u4lw&sig=Cg0ArKJSzBBJFSmI-VHMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DB4EB6C64D07A074E119E2A60A720A4B
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXZ_mwIC-RsfKa19yJi76Ad64Ntyq7FdrKNCoKH_1-yCd5p51A2huNniWIvNX8FtH48l6fofBt_nOY6ljqpMy25lGNAWqoDI7lGE8ObYERXOUmXVaaSwLZpo8XX0o7EkYTbjwyTofE1lPx2Yal0l7YPkE3RTu1N77-yERce-JvC7Z1XCTzRZWXddIfA2fSqdSNXa5fzh8wzrZX1BoF7fblWT1P_oeg0VDaU8I5EwrP6uRD817REuXtuToI9Z9uf9LGn23RAnqt4WaLTlNXKaixp_AAd0VauOhUFTLZt7anBApaBp9FDVBTktKnOfzVAojZmZ4PNGjRlm8tMVV7&sai=AMfl-YRX2SIUsXHTm4H_oPdS34Ef_gsVCXRMzfDRNvpoH9clSoWtD-2dk9PGcYWC3MSHplNMRosESWuBeQxDtNVWrDvGg_xuKpyHD7I-6VJN4ChPvycdxKiS0Dou-pHqDw&sig=Cg0ArKJSzB0Mp2ep21KvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9F57A901E1493EC4A38F367721F441B8
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi8r7LlATAB&v=APEucNX5HGs5vaGn6LrAvBeVAsZZpLAibU3ZSYkTZiTkNj5zHBNemtRDxp0XVm5_KXmk9orqqY3aZNMNauyUIYke1M2hXrNcYWH3IDuN72DnSoeyV92SDEV4PAnEbZZJ68VlLS1ZfeBRL1Coo4MUvvKtF3iNgR5KxDbXf_jQA9nnBN6_1lc9rnY
Frame ID: 867973CFA06842383AC8F9DF7BFE41B3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjF1rLlATAB&v=APEucNXj_RydDAZzuLa9ubqd6TuN-uwUss2IAmcNOnoSXAS-9kOTU86q8fPluzxaTOPnyAM3cLeyfek2m1WGwcRK4hkAHlxmoaSAehk1WAwqsp4XG1Rjdp0q3TAHw3McEi4SmwMK0ZlJUO6qOq3GXfcUH6ryAmFxa2zS1_t_Mje8g9ujU9dFpt0
Frame ID: 16DD540FCABF4927B81A0E7315AB2B11
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNWnVrHtpf0rTOydaC7URElXi_2v5fHgkMZekV9OTlil1kCmFqH8zy9LWx_didX8fxl1HzDVx40ay6oqH-bSX8E3vc4PSasHKsOVOR0RNqtJW1CIqkRRaDkoL2vKkQw_1LHSCyi01HJbJQOTUcsC7uqRiTrDMYNlUKgpeFYj3iapFMVCEYM
Frame ID: 9D15053E29571B2078995F876538BCEF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi8r7LlATAB&v=APEucNW9T8qbGhKTcuEmFazFnyn4nkR66LCrooVvKGrq5nahumS_Wnhw1OapA9NHGZoIUYqMNnq43eu4PPIUZPquc-QORQDoes9HJ5ru8gX7pCMDk1RYpqJrK8LgLSnevT5bEA22vAq6NqfTJdK8js8BMCOu3z101rPcBHHGfWlovWPZWgLuctg
Frame ID: 35FE8B6CF419A84469138BEE3E7D95EC
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jxmngmb2783a63ezkk0jacse80xaj7ssjmjqn77rtm74zn9y48sczvwdp9s23qvnacr9cqf38k8x6ydne0bc792vsscr1batwxrr6ht9zgkahk7hygt7r9wx4kp8d1bkn7ann1y22zbhtn7paebyc9cpep7zxaee068xx9t79rs1b1z147hxk62ygdagtyh6ds4cc9t4ggw8txvnymktka9hnjp9m3xtay225kr781rh7nj0myh4bdr96j2jk8sn4b3bgfhqt5sh3vej6j9c7rh9me4g700qgraw7vddh125bmc92sd2v6zdhfptzhx66r290w37aeyhpvwt98tyhgageyw1ygam1eehs6f2kz0me63gdamdg7sat371wmcd7m7mvckbqg6a3wb4twp78fd580atg8aj30gqfhkry5vmevcfcx0gp42qxvefdcm8hmjay6pdm2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 1B9657C265B4C70D0FC46A8D646BC916
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0806CC996C08EE2EB4F89CD5B3C58A2C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C485B9CA9B8D8874687ED36FAC571379
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 56BDC045F7C973BA292B18962A150355
Requests: 2 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/219554c3-6efe-441f-8da9-3316cf3dfc37
Frame ID: E433CB2A39BF7221918D5885A00DBEC7
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C20C12637700D61E648E4CC112113110
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5CD5755035D49E3C8D16B1A70C2F30D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2EA609EF0B8A78324219287F5E4046B3
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
Frame ID: CAB2A583E28FA06B2D32C9F42D19B8B5
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 82F3008B78AB9AC0D144E17FE96EB8C4
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
Frame ID: 4FCC0E3B59DFAEB6B5930A364FC6BE4E
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 1C9CF2151590C9BF1A2246CAECBF75B1
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/594435823138097677/index.html?e=69&leftOffset=0&topOffset=0&c=LlwplwY0O9&t=1&renderingType=2&ev=01_250
Frame ID: 39766974A555CC5672B2B1A22831770E
Requests: 25 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
Frame ID: 59FFE311F5F79A07561830AFA692D896
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: F2BB433DDEE453F9B49E427DADD1E1E3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: BDF675D3D4A9DE7B9A2A53AB8CDE6961
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE64659BBAFCFE7842CB4B79B266D39A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 30ECF658553CC5F2CA97B751DB6953FE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BEE8C0E122164F277320DC4B47E06BCF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AC18F34BA3F0E41A65CE617491B63D31
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 111117130BA2F4A78DDB9C11810C82D9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C21E735D65A23961834473B3791E77E8
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: FF27B07003DE74E096DAC8EC3D900359
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 294E9651E73FD334CEA8B54DE8996E74
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: F67DA53C8FD9C48B3EEACF0B66664687
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 792171E4D287483DD9FA503AC043F384
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 090954536043F614F4AEF504D1BF7B90
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D8F11BA97840D1F669EAB7ABAFA0CFA4
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Frame ID: C88FF1649EDDA8E9ECBB393848F0EA2D
Requests: 11 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 6046E3DC63403B224A00C6C96B068151
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E256B6F95A927DA2C18C10D9B4FBDD9E
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c703645e-b062-4200-8ee3-20aa87de887b&gdpr=0&gdpr_consent=
Frame ID: 590EC9999B7320BF8C1FA5844FC778E6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525660891978
Frame ID: B9E0CF44CB8F91ACFCBDBA8155F8C5AD
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 945C388BC2C8059185B7D6C64E2F790D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3720595351137996402
Frame ID: C7A37D61D992009538F959C14ACA4A24
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=365869802093930993&gdpr=0&gdpr_consent=
Frame ID: FF57F9587DE5FCE18122930EB3D5C748
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

510
Requests

92 %
HTTPS

38 %
IPv6

59
Domains

104
Subdomains

87
IPs

10
Countries

7336 kB
Transfer

15736 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 196
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFGXgRFKVozaZu3vUVTvh1A&google_cver=1&google_push=ATf1kGP_YLGwZNnN_IaKXqDAzrwuP00MHQltXySuCta-ZPA3-MS1SqIKA8S9hnjRRGbJQ0Hl7jKyo-KsievhbL1d9utVe_ReE8ja3I-Xl-PwCWl0iwLqYiz8KWi-L0CiPE8JHvy3GypihNDWz5HI_JBqXeQ3qk4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGP_YLGwZNnN_IaKXqDAzrwuP00MHQltXySuCta-ZPA3-MS1SqIKA8S9hnjRRGbJQ0Hl7jKyo-KsievhbL1d9utVe_ReE8ja3I-Xl-PwCWl0iwLqYiz8KWi-L0CiPE8JHvy3GypihNDWz5HI_JBqXeQ3qk4
Request Chain 197
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPEAQNtuV9V8IIM7zVXHZMg&google_cver=1&google_push=ATf1kGM_BVaUH8_X_L6wqRdjwAFg2cOEjnz1LAHv0fiHOiKFKMEl6JdhSixtuXnJuUbFif6OyrGfmrTU6rkKvHyS33baxOIxl42EV1YB_9p-slE_x9tdyWNcZn7Lf0nz8QzIPUZZ7QX9DgzLJbeFND_Mp2UUDU8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPEAQNtuV9V8IIM7zVXHZMg&google_push=ATf1kGM_BVaUH8_X_L6wqRdjwAFg2cOEjnz1LAHv0fiHOiKFKMEl6JdhSixtuXnJuUbFif6OyrGfmrTU6rkKvHyS33baxOIxl42EV1YB_9p-slE_x9tdyWNcZn7Lf0nz8QzIPUZZ7QX9DgzLJbeFND_Mp2UUDU8
Request Chain 199
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHRLSXLnYSRkiegBQTm2l2c&google_cver=1&google_push=ATf1kGPAzpzBIu4Ba7ZsrofKa7bpwn2KbdmkU6JfSWe_dOIBMAGFwoPPUBhERmobYWy23OSBtDU1oSp0REaJAYszqRcuGCvnDc2L8YpfHYY0FovDB2zYntAC67IBWYV4Sx0K_a3y5ujDCDOQDyop9aCb1afcsGk HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHRLSXLnYSRkiegBQTm2l2c&google_cver=1&google_push=ATf1kGPAzpzBIu4Ba7ZsrofKa7bpwn2KbdmkU6JfSWe_dOIBMAGFwoPPUBhERmobYWy23OSBtDU1oSp0REaJAYszqRcuGCvnDc2L8YpfHYY0FovDB2zYntAC67IBWYV4Sx0K_a3y5ujDCDOQDyop9aCb1afcsGk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPAzpzBIu4Ba7ZsrofKa7bpwn2KbdmkU6JfSWe_dOIBMAGFwoPPUBhERmobYWy23OSBtDU1oSp0REaJAYszqRcuGCvnDc2L8YpfHYY0FovDB2zYntAC67IBWYV4Sx0K_a3y5ujDCDOQDyop9aCb1afcsGk&google_hm=ZrzQ3BZwSFCnZ-MFSRR72A==
Request Chain 202
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_cver=1&google_push=ATf1kGPjBYsHor0DSW2BvdGbAhhgf9Un8gr8FnUlg5u5mE25zBrL7ta2dasiPRFTpy3fTAXiWhcpPoup681lA7ZxmZYyyAVqi0ocWXxkpsOxGJa2M4THjfLvYze8MMLXAQPsMdGlNQ97P12QxfgO9bScb2pGo9g HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_push=ATf1kGPjBYsHor0DSW2BvdGbAhhgf9Un8gr8FnUlg5u5mE25zBrL7ta2dasiPRFTpy3fTAXiWhcpPoup681lA7ZxmZYyyAVqi0ocWXxkpsOxGJa2M4THjfLvYze8MMLXAQPsMdGlNQ97P12QxfgO9bScb2pGo9g&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_hm=ZF6wYaGuBs5V-gJa9n5H7QAADP0AAAAB&google_nid=index&google_push=ATf1kGPjBYsHor0DSW2BvdGbAhhgf9Un8gr8FnUlg5u5mE25zBrL7ta2dasiPRFTpy3fTAXiWhcpPoup681lA7ZxmZYyyAVqi0ocWXxkpsOxGJa2M4THjfLvYze8MMLXAQPsMdGlNQ97P12QxfgO9bScb2pGo9g
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEMZRKm4tW8AOJQOZUcQk2E0&google_cver=1
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMXWy7cfsrxfmBA8Ghj__QY&google_cver=1&adform_v=1
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1
Request Chain 249
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZF6wYaGuBs5V.gJa9n5H7QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1&google_hm=2
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMI1BLB6WqrWSiDpXuocQFg&google_cver=1
Request Chain 251
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY1ODY5ODAyMDkzOTMwOTkz
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1
Request Chain 255
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZF6wYaGuBs5V.gJa9n5H7QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1&google_hm=2
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMI1BLB6WqrWSiDpXuocQFg&google_cver=1
Request Chain 257
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY1ODY5ODAyMDkzOTMwOTkz
Request Chain 262
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo78uNyemOp-80qvLDWs0c&google_cver=1
Request Chain 263
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg2YmY1MmNkYzhjMGUyMzA3MTI4NTFjMjk1NzMzMDUxMmM0MDdkYw
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHzxi4WzTi7dm57CdfS1QXA&google_cver=1
Request Chain 275
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELhZB0Y77bryweGmLu1oCVg&google_cver=1&google_push=ATf1kGPm7P5IVvUdGafqf7vrfYLYOJd9HG0o13tzYfLoCJDopnV9OyVpUUSQMUvdxrkkm_xY-owMEoVG-UByZRiC37aQNFQ4FjDuXFGzDuBJ_XiYdPeK5sRkEqPkZCS-k6OznIbzDZTLum-BPy-50C3KbmSubBg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPm7P5IVvUdGafqf7vrfYLYOJd9HG0o13tzYfLoCJDopnV9OyVpUUSQMUvdxrkkm_xY-owMEoVG-UByZRiC37aQNFQ4FjDuXFGzDuBJ_XiYdPeK5sRkEqPkZCS-k6OznIbzDZTLum-BPy-50C3KbmSubBg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELhZB0Y77bryweGmLu1oCVg&google_cver=1&google_push=ATf1kGPm7P5IVvUdGafqf7vrfYLYOJd9HG0o13tzYfLoCJDopnV9OyVpUUSQMUvdxrkkm_xY-owMEoVG-UByZRiC37aQNFQ4FjDuXFGzDuBJ_XiYdPeK5sRkEqPkZCS-k6OznIbzDZTLum-BPy-50C3KbmSubBg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPm7P5IVvUdGafqf7vrfYLYOJd9HG0o13tzYfLoCJDopnV9OyVpUUSQMUvdxrkkm_xY-owMEoVG-UByZRiC37aQNFQ4FjDuXFGzDuBJ_XiYdPeK5sRkEqPkZCS-k6OznIbzDZTLum-BPy-50C3KbmSubBg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 277
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHRLSXLnYSRkiegBQTm2l2c&google_cver=1&google_push=ATf1kGORqwu5YtJsUe0tgNW8eGMubZCRKnKKPHEJpJvAp-Y3qHFXUxj7OZeuE7OU8z4vTG9wFiiuNSF-7tafETEj0P0519WdvpZ3p1SRvFhK4i5i9R8jiOQVMusULpOCZXI1FpTupKbJ0EXbwiHJmD10vT6VFyo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGORqwu5YtJsUe0tgNW8eGMubZCRKnKKPHEJpJvAp-Y3qHFXUxj7OZeuE7OU8z4vTG9wFiiuNSF-7tafETEj0P0519WdvpZ3p1SRvFhK4i5i9R8jiOQVMusULpOCZXI1FpTupKbJ0EXbwiHJmD10vT6VFyo&google_hm=ZrzQ3BZwSFCnZ-MFSRR72A==
Request Chain 279
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFtQGOx0scsHLwRIbCeV7SY&google_cver=1&google_push=ATf1kGP8AHESXjIV-YAcFby8SZWBmZfLfUtuWEM_49-ZyYg-nB8AxTJGHa0_96jDEx6DYwLVp6T492h1uzyH15W_fzZP5fs8m58yjzKgAoxijgWBGiNJk0I4tqd7OYHvKpEFmXV-tZHEXIbBMuecvKQ-6_uuIU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5Nzc2MDUzMDE5MTE1NjkyMg&google_push=ATf1kGP8AHESXjIV-YAcFby8SZWBmZfLfUtuWEM_49-ZyYg-nB8AxTJGHa0_96jDEx6DYwLVp6T492h1uzyH15W_fzZP5fs8m58yjzKgAoxijgWBGiNJk0I4tqd7OYHvKpEFmXV-tZHEXIbBMuecvKQ-6_uuIU4
Request Chain 280
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_cver=1&google_push=ATf1kGPs45OAtOhHjP9mQbMJYaNKmdEoLs7pUZhweVQu0J6DGcttKolOjC1ti4B14E_03e98paAOD4xjqbG2Fsop8KSxmHd0cCGn-lj2OQ2GdrJXdvQVpDc59nuxLsRG7TmAGftuW00yTQbUExVYbzpXE6T93lE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_hm=ZF6wYaGuBs5V-gJa9n5H7QAADP0AAAAB&google_nid=index&google_push=ATf1kGPs45OAtOhHjP9mQbMJYaNKmdEoLs7pUZhweVQu0J6DGcttKolOjC1ti4B14E_03e98paAOD4xjqbG2Fsop8KSxmHd0cCGn-lj2OQ2GdrJXdvQVpDc59nuxLsRG7TmAGftuW00yTQbUExVYbzpXE6T93lE
Request Chain 395
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhMMlFNREotMVctNkRXTg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMw2vPD4T1c-dA8N6iA1_BU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMlFNREotMVctNkRXTg==&google_push=
Request Chain 396
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg2YmY1MmNkYzhjMGUyMzA3MTI4NTFjMjk1NzMzMDUxMmM0MDdkYw
Request Chain 397
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CLuQ6Vu_4cms57rnHgG0D8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-plexn4lE2oIy0_JCnMzrYL_GEdoAxIuzGSvCoQ--~A
Request Chain 398
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHL2QMDJ-1W-6DWN
Request Chain 399
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo78uNyemOp-80qvLDWs0c&google_cver=1
Request Chain 400
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=yHNGozu3QcuLneyzXv4dhw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yHNGozu3QcuLneyzXv4dhw
Request Chain 402
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JcL7NM1kTkiFncfBjpmGKA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JcL7NM1kTkiFncfBjpmGKA
Request Chain 500
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c703645e-b062-4200-8ee3-20aa87de887b&gdpr=0&gdpr_consent=
Request Chain 501
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525660891978
Request Chain 503
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3720595351137996402
Request Chain 504
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=365869802093930993&gdpr=0&gdpr_consent=
Request Chain 505
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=frMHL2ugRtCWqdj-IM8_eg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 507
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3309139716 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7EB3072F-6BA0-46D0-96A9-D8FE20CF3F7A
Request Chain 509
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0VCMzA3MkYtNkJBMC00NkQwLTk2QTktRDhGRTIwQ0YzRjdB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 510
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELfEwIqzZ2ujFF6LroEoL7M&google_cver=1
Request Chain 512
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1397760530191156922
Request Chain 515
  • https://unilever.demdex.net/event?d_sid=25453995&cs=1683927140608 HTTP 302
  • https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1683927140608

510 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6x6uf5z9e3262.html
pcloak.blob.core.windows.net/web/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1324
Content-MD5
XPHdOVCmWyxrVVstkB9xGw==
Content-Type
text/html
Date
Fri, 12 May 2023 21:32:13 GMT
ETag
0x8DB304DFD1C41BC
Last-Modified
Wed, 29 Mar 2023 12:06:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
3e0a67cf-a01e-006a-7119-859a25000000
x-ms-version
2009-09-19
jquery.min.js
pcloak.blob.core.windows.net/web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-request-id
3e0a6805-a01e-006a-2119-859a25000000
Date
Fri, 12 May 2023 21:32:13 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
cloakan.js
pcloak.blob.core.windows.net/web/ 		308 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 12 May 2023 21:32:14 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zPiKctHo6j8i1UGOFPpInw==
ETag
0x8DA4D4A263C11C2
Content-Type
text/javascript
x-ms-request-id
3e0a688a-a01e-006a-1719-859a25000000
x-ms-version
2009-09-19
Content-Length
308
style.css
pcloak.blob.core.windows.net/web/ 		166 B
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/style.css
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 12 May 2023 21:32:13 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9ruAIrm4XHnQO3/sM8J0AQ==
ETag
0x8DA4D4A26527CA0
Content-Type
text/css
x-ms-request-id
3e0a684f-a01e-006a-6319-859a25000000
x-ms-version
2009-09-19
Content-Length
166
px.php
www.cloakan.co/ 		743 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:13 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
404
nv.php
www.cloakan.co/ 		232 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:13 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
112
/
ye-mek.net/ Frame 5454 		77 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/
Requested by
Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
50d0c652b729f4780a4d5e8c16fb29bb2e6f96a7a7226d288a219cfe877314ed

Request headers

Referer
https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
78783
content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 21:32:15 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 5454 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 May 2024 16:52:48 GMT
yemeknet.js
ye-mek.net/js/ Frame 5454 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/js/yemeknet.js?v=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Fri, 12 May 2023 21:32:15 GMT
content-encoding
br
last-modified
Tue, 20 Aug 2019 13:15:54 GMT
server
Microsoft-IIS/10.0
etag
"0a144655957d51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=691200
accept-ranges
bytes
content-length
2179
maincss.css
cdn.ye-mek.net/ Frame 5454 		40 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ye-mek.net/maincss.css?v=434
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
2117693
x-accel-date
1681809442
x-77-nzt
AZySIYgpbpb/PVAgAA
x-accel-expires
@1713345442
last-modified
Tue, 24 Nov 2020 00:00:32 GMT
server
CDN77-Turbo
etag
W/"5fbc4d20-9e5b"
x-77-nzt-ray
f6587a1d7b2248565fb05e64102c1835
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ Frame 5454 		116 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
640362f3e25c71c15f4fdc09de8540889def4d43dec08f83834d9f93474dd6d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46282
x-xss-protection
0
last-modified
Fri, 12 May 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 May 2023 21:32:15 GMT
WebResource.axd
ye-mek.net/ Frame 5454 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/WebResource.axd?d=YeedoL8dFzo5gymDuarFXngFaaXpLN8jYlixY-HzMyr_r8lEwXsCQefYQgi2kFzYfrVacpu_9us1eVTBWQamZuI0ynrH9LDfafZF-A5wZF41&t=637811837229275428
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Fri, 12 May 2023 21:32:15 GMT
last-modified
Wed, 23 Feb 2022 00:28:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/x-javascript
cache-control
public
content-length
23063
expires
Sat, 04 May 2024 23:14:43 GMT
searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 5454 		542 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117745
x-accel-date
1681809390
content-length
542
x-77-nzt
AZySIYihP77/cVAgAA
x-accel-expires
@1713345390
last-modified
Sat, 22 Oct 2022 20:00:57 GMT
server
CDN77-Turbo
etag
"63544bf9-21e"
x-77-nzt-ray
f6587a1d7b2248565fb05e644b6f2836
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 5454 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117693
x-accel-date
1681809442
content-length
1651
x-77-nzt
AZySIYhtsxT/PVAgAA
x-accel-expires
@1713345442
last-modified
Mon, 14 May 2018 22:41:08 GMT
server
CDN77-Turbo
etag
"5afa1084-673"
x-77-nzt-ray
f6587a1d7b2248565fb05e6486eda436
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
taze-bakla-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 5454 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/taze-bakla-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d3c70a5ecb1b5c16ddff716d6a83d189efa57a07c4210acf01c978093e3a80eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
86117
x-accel-date
1683841018
content-length
15403
x-77-nzt
AZySIYiHDCv/ZVABAA
x-accel-expires
@1715377018
last-modified
Thu, 11 May 2023 20:25:52 GMT
server
CDN77-Turbo
etag
"645d4f50-3c2b"
x-77-nzt-ray
f6587a1d7b2248565fb05e6436f2e136
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
zeytinyagli-bezelye-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 5454 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/zeytinyagli-bezelye-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0210c85818d68e70d5b2b7173b9c3ae65774adee772ad11018f968403f1abcc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
168356
x-accel-date
1683758779
content-length
17312
x-77-nzt
AZySIYg8+KL/pJECAA
x-accel-expires
@1715294779
last-modified
Wed, 10 May 2023 22:21:12 GMT
server
CDN77-Turbo
etag
"645c18d8-43a0"
x-77-nzt-ray
f6587a1d7b2248565fb05e649515e836
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 5454 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fcc58cc9d4be09fdd40a74ca3a453622a269f2bdd1c598a863f54d2bd07a2126

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
256013
x-accel-date
1683671122
content-length
16203
x-77-nzt
AZySIYh9+e3/DegDAA
x-accel-expires
@1715207122
last-modified
Tue, 09 May 2023 22:05:32 GMT
server
CDN77-Turbo
etag
"645ac3ac-3f4b"
x-77-nzt-ray
f6587a1d7b2248565fb05e640af5eb36
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
karnabahar-yapragi-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 5454 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/karnabahar-yapragi-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3f064267c64c1eeca604b20f9d60538c32c14e90528441d0524c2f30161f8b47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
341526
x-accel-date
1683585609
content-length
14031
x-77-nzt
AZySIYizjCH/FjYFAA
x-accel-expires
@1715121609
last-modified
Mon, 08 May 2023 22:19:39 GMT
server
CDN77-Turbo
etag
"6459757b-36cf"
x-77-nzt-ray
f6587a1d7b2248565fb05e6455afee36
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuk-kroket-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame 5454 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/tavuk-kroket-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
05c72250b7b0da8e896799e32f88440d53848a083665b797629e25bad1bde6fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2116843
x-accel-date
1681810292
content-length
14613
x-77-nzt
AZySIYiNq+j/60wgAA
x-accel-expires
@1713346292
last-modified
Thu, 26 May 2022 23:00:23 GMT
server
CDN77-Turbo
etag
"62900687-3915"
x-77-nzt-ray
f6587a1d7b2248565fb05e64ee9bf036
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-sebzeli-tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/11/ Frame 5454 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/11/firinda-sebzeli-tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b2ecd92de7982ef4ffd3778b02d62aaef7341b3c9ac5f4e53e749a9bde702119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2116107
x-accel-date
1681811028
content-length
13621
x-77-nzt
AZySIYhfe9v/C0ogAA
x-accel-expires
@1713347028
last-modified
Sat, 16 Nov 2019 21:54:33 GMT
server
CDN77-Turbo
etag
"5dd07019-3535"
x-77-nzt-ray
f6587a1d7b2248565fb05e640aaef236
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
katikli-dolma-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 5454 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/katikli-dolma-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4db3292f4d48701915b46f5de3cc365ad20985486373d51af771c1e3d9ce7baa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117270
x-accel-date
1681809865
content-length
14462
x-77-nzt
AZySIYj2Imz/lk4gAA
x-accel-expires
@1713345865
last-modified
Fri, 08 May 2020 02:12:32 GMT
server
CDN77-Turbo
etag
"5eb4c010-387e"
x-77-nzt-ray
f6587a1d7b2248565fb05e64e65ef436
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-kofteli-patates-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/06/ Frame 5454 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/06/firinda-kofteli-patates-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fcc8d02d1890db4b4310e06955eb7c309069e9672717fe97e043d6114cd105ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2115523
x-accel-date
1681811612
content-length
12649
x-77-nzt
AZySIYiO6Hj/w0cgAA
x-accel-expires
@1713347612
last-modified
Wed, 01 May 2019 23:19:29 GMT
server
CDN77-Turbo
etag
"5cca2981-3169"
x-77-nzt-ray
f6587a1d7b2248565fb05e64010ff636
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yufkadan-findik-lahmacun-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/01/ Frame 5454 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/01/yufkadan-findik-lahmacun-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d82c4906e4b728e92a7fcec80c1f8bcb5b16502d30a9de09a361dc503a70145a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117584
x-accel-date
1681809551
content-length
16684
x-77-nzt
AZySIYjKLq7/0E8gAA
x-accel-expires
@1713345551
last-modified
Wed, 01 May 2019 22:52:17 GMT
server
CDN77-Turbo
etag
"5cca2321-412c"
x-77-nzt-ray
f6587a1d7b2248565fb05e6462d3f736
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
pirasa-diblesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/01/ Frame 5454 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/01/pirasa-diblesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7d9fcac1fb7114def5ff3d03c471a461834e48dd9bdeb94f803a76bfe01a3a37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
201868
x-accel-date
1683725267
content-length
13230
x-77-nzt
AZySIYj0EbX/jBQDAA
x-accel-expires
@1715261267
last-modified
Sun, 01 Jan 2023 20:33:18 GMT
server
CDN77-Turbo
etag
"63b1ee0e-33ae"
x-77-nzt-ray
f6587a1d7b2248565fb05e6493adf936
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
hatay-usulu-acuka-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame 5454 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/hatay-usulu-acuka-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d36dfe6d6d9da7b8fca74c7e5587a057a719eed2d2d1eae4fcd7af0e2d12f21f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117307
x-accel-date
1681809828
content-length
13255
x-77-nzt
AZySIYixrFr/u04gAA
x-accel-expires
@1713345828
last-modified
Thu, 03 Feb 2022 00:09:16 GMT
server
CDN77-Turbo
etag
"61fb1d2c-33c7"
x-77-nzt-ray
f6587a1d7b2248565fb05e648b6dfb36
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
gendime-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/05/ Frame 5454 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/05/gendime-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9133b1a03fbaae9ea9cc0430b15c8f9a20dbff26288ab9eef75a9959d775c6ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117494
x-accel-date
1681809641
content-length
9686
x-77-nzt
AZySIYjGpSz/dk8gAA
x-accel-expires
@1713345641
last-modified
Wed, 15 May 2019 23:07:19 GMT
server
CDN77-Turbo
etag
"5cdc9ba7-25d6"
x-77-nzt-ray
f6587a1d7b2248565fb05e64a428fd36
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
karbonatli-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/06/ Frame 5454 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/06/karbonatli-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f22e44016410fdcef01a56b89401973c22cc1d5fc740e615ed904add45ad7ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117012
x-accel-date
1681810123
content-length
13173
x-77-nzt
AZySIYiHM+//lE0gAA
x-accel-expires
@1713346123
last-modified
Wed, 01 May 2019 23:00:46 GMT
server
CDN77-Turbo
etag
"5cca251e-3375"
x-77-nzt-ray
f6587a1d7b2248565fb05e64e2d6fe36
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ev-usulu-firinda-urfa-kebap-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/10/ Frame 5454 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/10/ev-usulu-firinda-urfa-kebap-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fb9ee137734c9d4933d908d02325dc37c4dd86dd58614a2c7d9d5a01890aefd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2115530
x-accel-date
1681811605
content-length
12802
x-77-nzt
AZySIYgrPFL/ykcgAA
x-accel-expires
@1713347605
last-modified
Wed, 01 May 2019 22:49:22 GMT
server
CDN77-Turbo
etag
"5cca2272-3202"
x-77-nzt-ray
f6587a1d7b2248565fb05e6415270137
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tas-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame 5454 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/tas-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2116178
x-accel-date
1681810957
content-length
10807
x-77-nzt
AZySIYjB8o7/UkogAA
x-accel-expires
@1713346957
last-modified
Wed, 01 May 2019 23:24:41 GMT
server
CDN77-Turbo
etag
"5cca2ab9-2a37"
x-77-nzt-ray
f6587a1d7b2248565fb05e6431f00237
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kislik-kavurma-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 5454 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/kislik-kavurma-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
34036b7ceed88b75d9cf9fcc6b414372042896bcc28954b304766f6f1bf8e8bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117307
x-accel-date
1681809828
content-length
11517
x-77-nzt
AZySIYgccBX/u04gAA
x-accel-expires
@1713345828
last-modified
Tue, 17 Mar 2020 20:22:46 GMT
server
CDN77-Turbo
etag
"5e713196-2cfd"
x-77-nzt-ray
f6587a1d7b2248565fb05e64636c0437
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuk-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/11/ Frame 5454 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/11/tavuk-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5d867d8101d7d263052fd7656e7e10f585b485c3c38cb96e2c7bca172f579491

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2114753
x-accel-date
1681812382
content-length
12499
x-77-nzt
AZySIYgQlS7/wUQgAA
x-accel-expires
@1713348382
last-modified
Wed, 01 May 2019 23:26:22 GMT
server
CDN77-Turbo
etag
"5cca2b1e-30d3"
x-77-nzt-ray
f6587a1d7b2248565fb05e64e2650637
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-etimekli-besamel-soslu-tavuk-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame 5454 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/firinda-etimekli-besamel-soslu-tavuk-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e041f359812b31ffb3d561c106435550a58d86540a0262a93e6e462624fada6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2116371
x-accel-date
1681810764
content-length
12566
x-77-nzt
AZySIYhlfZf/E0sgAA
x-accel-expires
@1713346764
last-modified
Wed, 01 May 2019 23:10:13 GMT
server
CDN77-Turbo
etag
"5cca2755-3116"
x-77-nzt-ray
f6587a1d7b2248565fb05e6403ee0737
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/12/ Frame 5454 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/12/tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6bfe09f0e69c4c09277d895b1146f4217b705d6bee219c661b36031742c24dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2116211
x-accel-date
1681810924
content-length
12346
x-77-nzt
AZySIYhFMA7/c0ogAA
x-accel-expires
@1713346924
last-modified
Wed, 01 May 2019 23:27:27 GMT
server
CDN77-Turbo
etag
"5cca2b5f-303a"
x-77-nzt-ray
f6587a1d7b2248565fb05e64751f0a37
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
patates-puresinde-tavuk-sote-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame 5454 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/patates-puresinde-tavuk-sote-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3bc501087c297a6f3d740843828eabab1f7f9de9787718f2ec63952faedbec0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117681
x-accel-date
1681809454
content-length
16839
x-77-nzt
AZySIYjUSRr/MVAgAA
x-accel-expires
@1713345454
last-modified
Tue, 04 Apr 2023 21:50:39 GMT
server
CDN77-Turbo
etag
"642c9baf-41c7"
x-77-nzt-ray
f6587a1d7b2248565fb05e640da60b37
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sebzeli-yesil-mercimek-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/10/ Frame 5454 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/10/sebzeli-yesil-mercimek-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9b1ec654e529d91133a96b94592f569bdef2932fa03d52c6fdb164a5195d7b9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2115447
x-accel-date
1681811688
content-length
15088
x-77-nzt
AZySIYjfP5n/d0cgAA
x-accel-expires
@1713347688
last-modified
Sun, 03 Oct 2021 22:06:06 GMT
server
CDN77-Turbo
etag
"615a294e-3af0"
x-77-nzt-ray
f6587a1d7b2248565fb05e6452ec0c37
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ispanak-borani-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/04/ Frame 5454 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/04/ispanak-borani-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d8b4887a05128d173df033ad7b0ecf00bba347394d67b8800b831a90dfeff00c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2116286
x-accel-date
1681810849
content-length
13451
x-77-nzt
AZySIYgcmRX/vkogAA
x-accel-expires
@1713346849
last-modified
Wed, 01 May 2019 22:57:37 GMT
server
CDN77-Turbo
etag
"5cca2461-348b"
x-77-nzt-ray
f6587a1d7b2248565fb05e64b8780e37
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sogan-kavurmasi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/02/ Frame 5454 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/02/sogan-kavurmasi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
204be8afb130957abf83d87a592dfb6de645dcfc7035fafefec72e676dfe05e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
607948
x-accel-date
1683319187
content-length
12265
x-77-nzt
AZySIYj0T5//zEYJAA
x-accel-expires
@1714855187
last-modified
Thu, 06 Feb 2020 21:07:27 GMT
server
CDN77-Turbo
etag
"5e3c800f-2fe9"
x-77-nzt-ray
f6587a1d7b2248565fb05e64215a7537
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
taze-fasulye-borani-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/07/ Frame 5454 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/07/taze-fasulye-borani-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e333cb1305d380d1fea95d56af2665209ad86d60e8df0d3d0b1d6aba56d5836f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2115710
x-accel-date
1681811425
content-length
14550
x-77-nzt
AZySIYhbTWH/fkggAA
x-accel-expires
@1713347425
last-modified
Wed, 01 Jul 2020 23:09:11 GMT
server
CDN77-Turbo
etag
"5efd1797-38d6"
x-77-nzt-ray
f6587a1d7b2248565fb05e640bad7737
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yogurtlu-kuskus-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/10/ Frame 5454 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/10/yogurtlu-kuskus-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8ef632787197eed4d48c94b8bf69add99b244a562f4927b491f8ec1f4d27e8e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117607
x-accel-date
1681809528
content-length
12366
x-77-nzt
AZySIYgsk0n/508gAA
x-accel-expires
@1713345528
last-modified
Wed, 01 May 2019 23:05:42 GMT
server
CDN77-Turbo
etag
"5cca2646-304e"
x-77-nzt-ray
f6587a1d7b2248565fb05e64a6dc7937
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
havuclu-brokoli-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/01/ Frame 5454 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/01/havuclu-brokoli-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
08ea981d8e95685d3e51862b19b49ffad381b140f8389b86658b47b5eed2b0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117484
x-accel-date
1681809651
content-length
10112
x-77-nzt
AZySIYinNZT/bE8gAA
x-accel-expires
@1713345651
last-modified
Sat, 29 Jan 2022 23:43:27 GMT
server
CDN77-Turbo
etag
"61f5d11f-2780"
x-77-nzt-ray
f6587a1d7b2248565fb05e6492f47b37
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
eristeli-domates-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/06/ Frame 5454 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/06/eristeli-domates-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
840f32948f13a31acb240f2481999e70efe9eabea0d423581bb2e4f9e53aafb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117664
x-accel-date
1681809471
content-length
13963
x-77-nzt
AZySIYg8fVT/IFAgAA
x-accel-expires
@1713345471
last-modified
Wed, 01 May 2019 22:44:10 GMT
server
CDN77-Turbo
etag
"5cca213a-368b"
x-77-nzt-ray
f6587a1d7b2248565fb05e644aac7d37
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
bulgurlu-tarhana-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame 5454 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/bulgurlu-tarhana-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
436484b452f8f1c015d37c79077fd81dcfbb053f58e6f0b586692ef9de9fc2d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2115866
x-accel-date
1681811269
content-length
13869
x-77-nzt
AZySIYjr1Qb/GkkgAA
x-accel-expires
@1713347269
last-modified
Mon, 27 Feb 2023 19:03:03 GMT
server
CDN77-Turbo
etag
"63fcfe67-362d"
x-77-nzt-ray
f6587a1d7b2248565fb05e6408b77f37
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
zencefilli-kek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/11/ Frame 5454 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/11/zencefilli-kek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
55ddcabedf2600fc561ab8ea1d690461ad399c9b8f77f82214d905b21310c71e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1172720
x-accel-date
1682754415
content-length
13622
x-77-nzt
AZySIYjI9Zb/8OQRAA
x-accel-expires
@1714290415
last-modified
Tue, 03 Nov 2020 22:45:55 GMT
server
CDN77-Turbo
etag
"5fa1dda3-3536"
x-77-nzt-ray
f6587a1d7b2248565fb05e644f9f8137
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cevizli-irmik-helvasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame 5454 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/cevizli-irmik-helvasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
81fa8db261275be7531fb128593cece26d5e679e6e7a633f28f77add13a0d217

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2116519
x-accel-date
1681810616
content-length
12673
x-77-nzt
AZySIYhhs5j/p0sgAA
x-accel-expires
@1713346616
last-modified
Fri, 10 Feb 2023 21:46:02 GMT
server
CDN77-Turbo
etag
"63e6bb1a-3181"
x-77-nzt-ray
f6587a1d7b2248565fb05e643dc68437
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sodali-kakaolu-kek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/07/ Frame 5454 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/07/sodali-kakaolu-kek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ea68e20514296ce314c3ca1eb5ff2cd1c1a1fc396b303b41c2364ffbd31e1550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1656540
x-accel-date
1682270595
content-length
15276
x-77-nzt
AZySIYho1MD/3EYZAA
x-accel-expires
@1713806595
last-modified
Thu, 16 Jul 2020 23:19:56 GMT
server
CDN77-Turbo
etag
"5f10e09c-3bac"
x-77-nzt-ray
f6587a1d7b2248565fb05e646aa78637
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
helvaci-ali-irmik-helvasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame 5454 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/helvaci-ali-irmik-helvasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0f7226a27d44ba3b13a34640b036b2d2666f057b039861b781576c4bf8308642

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117153
x-accel-date
1681809982
content-length
12238
x-77-nzt
AZySIYhQl/L/IU4gAA
x-accel-expires
@1713345982
last-modified
Wed, 15 Dec 2021 12:29:16 GMT
server
CDN77-Turbo
etag
"61b9df9c-2fce"
x-77-nzt-ray
f6587a1d7b2248565fb05e648d3f8837
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-pisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/12/ Frame 5454 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/12/tavada-pisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7fb65548f1070a02531030355eb69c1dbdaa000acc7997f5c2af52e01bc29aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2115779
x-accel-date
1681811356
content-length
11084
x-77-nzt
AZySIYjRnnz/w0ggAA
x-accel-expires
@1713347356
last-modified
Mon, 16 Dec 2019 21:44:06 GMT
server
CDN77-Turbo
etag
"5df7faa6-2b4c"
x-77-nzt-ray
f6587a1d7b2248565fb05e6416d68937
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
pirasali-yumurta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame 5454 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/pirasali-yumurta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a09a0a0b27c17ceedfae9a0c2db6819018ce22c4630ae3b4f8b0a75bbb0a86ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2116596
x-accel-date
1681810539
content-length
15820
x-77-nzt
AZySIYiKrOX/9EsgAA
x-accel-expires
@1713346539
last-modified
Thu, 10 Dec 2020 23:23:37 GMT
server
CDN77-Turbo
etag
"5fd2adf9-3dcc"
x-77-nzt-ray
f6587a1d7b2248565fb05e645e938c37
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sebzeli-misir-ekmegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/11/ Frame 5454 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/11/sebzeli-misir-ekmegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
886aadb9d7fd797e07b70c67dfc5e3f40f8cb9a350bee05e5cc4db9c078613c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
975198
x-accel-date
1682951937
content-length
12450
x-77-nzt
AZySIYi9XDT/XuEOAA
x-accel-expires
@1714487937
last-modified
Sun, 08 Nov 2020 23:21:47 GMT
server
CDN77-Turbo
etag
"5fa87d8b-30a2"
x-77-nzt-ray
f6587a1d7b2248565fb05e64ab918e37
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
peynirli-pankek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/01/ Frame 5454 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/01/peynirli-pankek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
65fb4798ce5d6c245da63cc949a4909180b95d36906efdbd49e5a3789d262266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2114806
x-accel-date
1681812329
content-length
16270
x-77-nzt
AZySIYjaa6f/9kQgAA
x-accel-expires
@1713348329
last-modified
Fri, 28 Jan 2022 23:17:09 GMT
server
CDN77-Turbo
etag
"61f47975-3f8e"
x-77-nzt-ray
f6587a1d7b2248565fb05e64d0329037
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
_dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 5454 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:15 GMT
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
Microsoft-IIS/10.0
etag
"8ae3cdbd420cc1:0"
x-powered-by
ASP.NET
x-hw
1683927135.cds101.lo4.hn,1683927135.cds041.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length
5605
addthis_widget.js
s7.addthis.com/js/300/ Frame 5454 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Fri, 12 May 2023 21:32:15 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116356
DMCABadgeHelper.min.js
images.dmca.com/Badges/ Frame 5454 		465 B
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:15 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
Microsoft-IIS/10.0
etag
"26b181f16d28d51:0"
x-powered-by
ASP.NET
x-hw
1683927135.cds101.lo4.hn,1683927135.cds281.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
395
outside.js
static.virgul.com/theme/mockups/adcode/ Frame 5454 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
last-modified
Tue, 18 Apr 2023 08:37:30 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
sdk.js
connect.facebook.net/tr_TR/ Frame 5454 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
11d6662d3ec87142f2ed1ed445fbec4b43557708224e35222b3116d42ba796a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 May 2023 21:32:15 GMT
content-md5
6XD9iJssvbTLa1lsE2aGfA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
9ycQezfk7ckhIJ2sF2EYsm0xjNv5LhvM3hE9BnAYVTKVnHsMT1JidxxWkZhz8oBn9nJIbRCgqb4SJw+ezuVN2g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
4299b9abc49eeae255eff83d54832b15
cross-origin-opener-policy
same-origin-allow-popups
etag
"6ba83a19d17a2becd4d0d6f69a755d49"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 12 May 2023 21:37:38 GMT
sprite_3.png
cdn.ye-mek.net/grafik/ Frame 5454 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by
Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ye-mek.net/maincss.css?v=434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 21:32:15 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2117693
x-accel-date
1681809442
content-length
21525
x-77-nzt
AZySIYjw94P/PVAgAA
x-accel-expires
@1713345442
last-modified
Mon, 14 May 2018 20:55:05 GMT
server
CDN77-Turbo
etag
"5af9f7a9-5415"
x-77-nzt-ray
f6587a1d7b2248565fb05e64b0f99137
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sdk.js
connect.facebook.net/tr_TR/ Frame 5454 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js?hash=8cb6d86df9729fdcd9d3187d9bf79413
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3b56bf5f41b5d3c92b8ba3a6c48f9e33779a5470e4eba1c67825325af94b1cb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 May 2023 21:32:15 GMT
content-md5
nzVa0drd5MXbtVZMzEaSWg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88732
x-fb-rlafr
0
x-fb-debug
gF6lroD/oN1+6AZ4W6xNmzAZjMOEY/7BfM97sLvjNfNU78fXI7a1tlE3vpGxXsrGqKViwIs8I5cKFd+ic+HfsA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
91c3d8f9896a0ecc2e5f8c28371e9533
cross-origin-opener-policy
same-origin-allow-popups
etag
"5f2c2e1638e4435a9333a4ea98d0d472"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 11 May 2024 21:06:15 GMT
analytics.js
www.google-analytics.com/ Frame 5454 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 May 2023 21:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1636
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 12 May 2023 23:05:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ Frame 5454 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=39433
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5454 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff6d05f1898cc5facda5693a0b147ca6a3ba2b23ba04146b8b37e630c96b7e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25444
x-xss-protection
0
server
cafe
etag
194 / 19489 / 31074557 / config-hash: 12149282487307251612
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:16 GMT
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 5454 		120 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
last-modified
Wed, 21 Dec 2022 18:47:42 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
120
str.html
static.virgul.com/theme/mockups/outside/ Frame 0C5B 		891 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=5184000
content-length
891
content-type
text/html
date
Fri, 12 May 2023 21:32:16 GMT
last-modified
Wed, 28 Sep 2022 10:07:57 GMT
server
openresty/1.15.8.3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5454 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4787417aa489e159270669c86324631a61aea491cf5ce290a6f723bb2d7a52d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47432
x-xss-protection
0
server
cafe
etag
15367500193618318770
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:16 GMT
prebid7.38.0.js
static.virgul.com/theme/mockups/outside/ Frame 5454 		489 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 14:56:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5454 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:22:56 GMT
content-encoding
gzip
via
1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront), 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:07 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1, FRA2-C1
age
561
x-amz-server-side-encryption
AES256
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
7hArCThJdtB5R4Yi1QaqEP8yrqKOMYtSORSlnJZlzkONjhdmwv0MXg==
pageview
ng.virgul.com/ Frame 5454 		34 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1683927136214&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.7008730903354985
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
65f265907f909e5c25aa72142f1eaa840276d02fdfa62cbd8433a58b2e1c75ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
yemek_net.js
static.virgul.com/theme/mockups/fallback/ Frame 5454 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19489
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
07849c46f2c450b07dfccf7163e986d80d942edd003d11dbe02f083bc21ac008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
last-modified
Thu, 11 May 2023 21:52:45 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
hb
ng.virgul.com/ Frame 5454 		49 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=467757
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
3f71870dae7ba7c0cd4f214f25c19ecd336beb6f4c3a5947607159b0806084fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
cache-control
max-age=3600
access-control-allow-credentials
true
empowerwebplayer3.js
static.virgul.com/theme/mockups/outside/ Frame 5454 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 09:38:48 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/ Frame 5454 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31074562
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06e1e26a165f2cb3c31ff0a987d9ce256eb75bf7f14dee8a632af5a9044c848b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122590
x-xss-protection
0
server
cafe
etag
12657316384252448663
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame 4EB8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
45450
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 08:54:46 GMT
etag
15057649708203361565
expires
Fri, 26 May 2023 08:54:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/ Frame 5454 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 12:12:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
33599
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127561
x-xss-protection
0
server
cafe
etag
1000764176958695900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 11 May 2024 12:12:17 GMT
yemek_net.js
static.virgul.com/theme/mockups/sites/ Frame 5454 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=467757
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 09:08:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pandg-sdk.js
pghub.io/js/ Frame 5454 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 20:34:47 GMT
content-encoding
gzip
age
3449
x-guploader-uploadid
ADPycdt-Sv7qh1khj7XNzaukRNmeeoZSgvAmYl6VWYDalfMj9oIhMD_B4-tD5OytnnQieCrb3F51WLlpoq7iJbZ_Wr-g1wYR6BBv
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4955
last-modified
Fri, 20 Jan 2023 18:31:19 GMT
server
UploadServer
etag
"b3517e216253857ea8c4209cb84004df"
vary
Accept-Encoding
x-goog-generation
1674239479122517
x-goog-hash
crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
4955
accept-ranges
bytes
content-type
application/javascript
zoneview
ng.virgul.com/ Frame 5454 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1683927136398&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.6819508669665642
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 21:32:16 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ Frame 5454 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19489
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Fri, 19 May 2023 21:32:16 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 5454 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 16:00:48 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
19887
x-cache
Hit from cloudfront
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
X2xOcoMKQOtkOHqEgWe8fDrt-AdMtjBBU4Csik7y41cZM4M_ZNnp-g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5454 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
date
Fri, 12 May 2023 21:16:53 GMT
x-amz-cf-pop
FRA2-C1
age
925
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
gzzqjmDT0K2d9bxxKbIXyiJMX9H_0ZXVqYCoMHJsaDs42doWVhF6Mg==
localstore.js
script.4dex.io/ Frame 5454 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:16 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
698246
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCuMusva34GErMB%2BFi%2BD6GQlV5rioLZSTW0D7Gn26GG4rDm0wLqw0vKnTlUx%2BfG09%2BYHMV%2FNgzSPLwti1LLCN3EqPhTe7dn1y9WsA4Iq%2BqkI1p8jcKfTGxUny38QKEH6xLMvymCqXz%2Bq6oUo"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7c65c5fb7ce3361f-FRA
bid
aax.amazon-adsystem.com/e/dtb/ Frame 5454 		23 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=QQoJ7XbsJUwUQ&cb=0&ws=1600x1200&v=23.505.1627&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.140.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-140-4.mct50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
via
1.1 2724381ae43103ea5aed566fa7fa0f08.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MCT50-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
1HCVaEmDNY1fyeYDnAQunYKMNsssP1Mt5Zu9X6mb9GAsuQlF64YDnw==
integrator.js
adservice.google.de/adsid/ Frame 5454 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5454 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5454 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093726643794446&correlator=1480058394703938&eid=31074543%2C31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683927136214%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetdb2e3a66accf46ccab60e7ce75756ab1&sc=1&cdm=ye-mek.net&abxe=1&dt=1683927136536&lmt=1683927136&dlt=1683927135620&idt=854&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=6l2b459rh8es&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8d0978ea5d4c12a8a9fc1376a848092e7a20eb96bdc727302275f4217e14911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10420
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425583957
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3B9B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:16 GMT
expires
Sat, 11 May 2024 21:32:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zoneview
ng.virgul.com/ Frame 5454 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1683927136584&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.07183850900444666
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 21:32:16 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
bid-request
a.teads.tv/hb/ Frame 5454 		16 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 12 May 2023 21:32:16 GMT
translator
hbopenbid.pubmatic.com/ Frame 5454 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 21:32:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 5454 		19 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:16 GMT
AN-X-Request-Uuid
1e459265-11cf-47f4-8569-39f50528b779
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 5454 		0
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 5454 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=76658659450&lsavail=0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
hb
cpm.programattik.com/ Frame 5454 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 5454 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 5454 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
prebid
mp.4dex.io/ Frame 5454 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c65c5fc3b319253-FRA
expires
0
openrtb
adx.adform.net/adx/ Frame 5454 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0b0aa71ad86560c9cea5f70f15b3066175bbf24fdb8287a9cdd61bf097fed137
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://ye-mek.net
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
hb.emxdgt.com/ Frame 5454 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 5454 		19 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:16 GMT
AN-X-Request-Uuid
c66171c2-a187-4782-bb28-58063d70c7a1
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 5454 		173 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.4.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-4-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0365ed3385b6b8bf3e1048ac4261d1a0bff4545474f89bbc53fa76909d4608cd

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
x-prebid
pbs-java/1.118.0
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5454 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=d25a18a6-d67a-46c7-b859-4f8bedfbea19%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=66aef3b2-b889-46a6-acc4-bc86b6bca06a&l_pb_bid_id=461aa903b7f0992&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3449279998850585
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
434674e8d2fbd9c8d26e6a6fee05e6bd6ed1b7806ad3fb0cfe24c3908672bd28

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5454 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=d25a18a6-d67a-46c7-b859-4f8bedfbea19%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=8e59cea9-c1ce-434c-a895-5b3898e2f183&l_pb_bid_id=47374ac3199f491&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8143140431577354
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5e84bfba85c4f1f092da6f39501512eeb72da8c1000ec942581cfff0f69e843f

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5454 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=d25a18a6-d67a-46c7-b859-4f8bedfbea19%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=e74da0a4-7a6a-4763-8802-5d2282977396&l_pb_bid_id=48715932b975c9d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21282288350649203
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5ede07b1b6be956f651771b663aef8dd28afb1a12156780871f4adeb16f5be6e

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5454 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=d25a18a6-d67a-46c7-b859-4f8bedfbea19%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=652940f4-4640-4c76-88e2-ed8671898876&l_pb_bid_id=49aefa59d1d316c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3463071280467287
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bdfe396bfc96412ac7f226699051811824a1b47c132532f9587364cefcf15fee

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5454 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=d25a18a6-d67a-46c7-b859-4f8bedfbea19%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=15617ad1-5153-4673-b541-6864f659f99e&l_pb_bid_id=5152ec50c6ef2af&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3126116091652662
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e5c767ed3f738518c17c23fe8f6adecc7256a65b1153db4ded6a85a03cce51fd

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 5454 		24 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
48455726dd22d4565cec25526db3492e9a2b35a24de1a37790655faffd8142ed

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 12 May 2023 21:32:16 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ye-mek.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
ads
securepubads.g.doubleclick.net/gampad/ Frame 5454 		61 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093726643794446&correlator=3273228152474693&eid=31074543%2C31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=3&adks=2090934222&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683927136214%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D0%26amznp%3D0&ppid=vnetdb2e3a66accf46ccab60e7ce75756ab1&sc=1&cdm=ye-mek.net&abxe=1&dt=1683927136670&lmt=1683927136&dlt=1683927135620&idt=854&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=fgubudj2x2ve&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8d67ef7bffe4c32d736235ba01919cfb4b6bcad3953a3f18c228fecffbce75b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14357
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5454 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093726643794446&correlator=3273228152474693&eid=31074543%2C31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=4&adks=615407983&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683927136214%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D0%26amznp%3D0&ppid=vnetdb2e3a66accf46ccab60e7ce75756ab1&sc=1&cdm=ye-mek.net&abxe=1&dt=1683927136675&lmt=1683927136&dlt=1683927135620&idt=854&adxs=349&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=dcuv1hu7vixg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac7712f91fa061ed44fcfa0af261cf6c1defd3639eb5bc771c4e49557a673abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10502
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425583966
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5454 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093726643794446&correlator=3273228152474693&eid=31074543%2C31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=5&adks=1699457317&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683927136214%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D0%26amznp%3D0&ppid=vnetdb2e3a66accf46ccab60e7ce75756ab1&sc=1&cdm=ye-mek.net&abxe=1&dt=1683927136679&lmt=1683927136&dlt=1683927135620&idt=854&adxs=985&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ygbnmqqjfewm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b039a23952a82e4198c633b4243309a51ed0048f299a292994987846054fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10506
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138426216898
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F088 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927136325&bpp=5&bdt=705&idt=372&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&nras=1&correlator=6199928146877&frm=24&ife=1&pv=2&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44773809%2C31074468%2C31074562%2C44788442%2C44789923&oid=2&pvsid=1093726643794446&tmod=2084691924&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.slukqhyk4a1q&fsb=1&dtd=389
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31074562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tag
feed.pghub.io/ Frame 7248 		13 B
257 B 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Fri, 12 May 2023 21:32:16 GMT
strict-transport-security
max-age=31536000
via
1.1 google
adagio.js
script.4dex.io/ Frame 5454 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:16 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1435398
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63kHAi3V%2Bn%2FBjZvZG%2B%2BNB1TLmvzhr3JJnDAAVQLGyzT9Us2nykK5yJhNRZWroz42%2Fujeu4VQTIcJcey%2F%2BOkoUktiO3rU65Rf6yp6S1LHIJHb8gFTRbtv9h3MesjvExUvLy%2F307HnNmC0EayJ"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7c65c5fcbc72373c-FRA
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5454 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122883
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:16 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ Frame 5454 		399 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=5/12/2023
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 16:42:16 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Fri, 19 May 2023 21:32:16 GMT
container.html
c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:16 GMT
expires
Sat, 11 May 2024 21:32:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7A95 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
562327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 05 May 2024 09:20:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7A95 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5faea593d5e188325e41c31f3dbc3ec368fd6a05ad98d3ca3ebfd16ba525bfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Origin
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47509
x-xss-protection
0
server
cafe
etag
15916872145074470111
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7A95 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:16 GMT
container.html
c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2886 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:16 GMT
expires
Sat, 11 May 2024 21:32:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7A95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFvJGuS-8JfIORTibmGKiUjQj4b8RnuLsLnePF7007eCkTD5wlD-cFwnPXSoj6Xvy8QoLdmnqNPciKajoEcQ809HdQpkFMzX_TyApZgaMkYeO04lOJlsXi90SPtiMe1KyOo9j_nPI1jNJEUSiXfmhnVj-jrn2xZUUmFj7XjcG5jKLnf7iWMwGckXsGNTKqlFtk0UsrvkqyekMHS4KRagQSAVaLGIFghXF-93SWDxHAyFJsjeUGkVmCxQELUKkuW2wkt7BvZ8KaE1Qa_WucMTttMA8Ru2E9n_1m3530gcD3md-xEOGQ7TlzZd3dnwWhfEtaCBKsTAq8Bkqe_j71eXhaQgV8Voj8cm2HFifP_3wWVtPC&sai=AMfl-YSGxdw-2zMQ6IkSeBAb3SX3Znc4uTAygw_ta1SBWaf3qda1waOOz3FwSh0r_6rQUjSfvNxSOr5UIdxx1QW1B_0yUZX1Z4y--zLDoXxcan4&sig=Cg0ArKJSzCKSckoMFfRGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:16 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2886 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
562327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 05 May 2024 09:20:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2886 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
698e0676947b790fd6a59bc2d68ac8e64293d4d25ac749818b2d51e9bb90f12b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Origin
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47507
x-xss-protection
0
server
cafe
etag
1217230080367449729
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2886 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:16 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ Frame 7A95 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074511
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1a500def9fe345fb289e7426d31a3711e0ee2247a09040f8115329e301728e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122681
x-xss-protection
0
server
cafe
etag
17520283869702756859
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
truncated
/ Frame 7A95 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4650f4174f493f55872212df25cf7141eb2d10de0f59ab7ebffda0f85399311

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2886 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgIpqTa6t0SuqfZPs_-8VH0TOOTnrfdApqUqeM-sO0Uj94zocDuBRy5ArWOm3QjcjMfuEshaQFBFdHwELtZsogo2ICEoVSJmneG2n3cTZlt1kjBXssBmXgR6NNWpDmz0TUGupx7q78A0WA39NmVDLPKPv-9m_OMEFRqwZV7evD-2s6Jp-6VE1QS_D3mh0fsBWXbG1SjhWSdQhvTCPru0WEAjyIKQ73ZQNbAU3cFFqzeGh98etqWntWwR_NKDWGWDW26OM8SnagpUCX1nWnoPwb-vErtm6mqmxIhjOufr8Ya3_wtlCC1OCFZ-T5E6Z64wmY6pkvyzginXpNncrDP0csmXsFSwo&sai=AMfl-YSdWJeq_SD5MLoR_rSoKExnFVzKUgjMcth23S9CnyTVaJ4cREQMjL8oBlKFW4KhGEIiWbQxm1_U9mkIYhThJVeF20JpmbFpPVrOveYlrgMCKYOui1_64TZPpcapEv4ejJvVsDk9HKvcG-bczabB1SJypxngz2ZTAEgo71luSIccRDWgfG4GuVXm3cU88uz8&sig=Cg0ArKJSzFFxrRdbcORaEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 2886 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
220e94de118d5d4c0cb30081674c488bdd146fc4e9f1a00e42fdbc0121e8e82c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ Frame 2886 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc1039874612c4c9fc5eb0beb43562fc7f2614837bb1a621b239a2ed2e904b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122686
x-xss-protection
0
server
cafe
etag
13905016785211392050
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
container.html
c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 914A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:16 GMT
expires
Sat, 11 May 2024 21:32:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 914A 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
562328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 05 May 2024 09:20:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 914A 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fea49d6f04f43be15c142cc2967d18e3010d0cc27e6f65264103ec863b687320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Origin
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47287
x-xss-protection
0
server
cafe
etag
12308399612160674031
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 914A 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
integrator.js
adservice.google.de/adsid/ Frame 7A95 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7A95 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E03C 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927136996&bpp=14&bdt=118&idt=167&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&nras=1&correlator=2394414274008&frm=8&ife=1&pv=2&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.a51x4zy6i49v&fsb=1&dtd=184
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FE40 		30 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd1f03c58166c87f8eb9e10f3ad92eb4aeaffda13f9ec679bb48e534804620f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13511
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 914A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnGmSI4HG5wSjOz6-MTYviyB7mf41RsmPvh9CZw1BIqz--Yk6MDO39O-7dy09Sd3dfUwEqaZHQmYuQNfbubk_IuNP55PmMfn_Y7MhCan8NkJDVFqz4Iv3vIK1G7zFEXE1CwPtBhC4BeQbnvvcN2JjsPxetrsjhTHGsnlh26ch29m4LC0Rmv8cH8G6Lyc4sEiCcYv9V0hjiQawOiq1l58zua5pLFsDymqa_Y_ZCoCSgryHMWbYJBSmt2X2eVEpsuGzBLU9Gg2VtW-pRs_m8Bb_5wJP9exdgcpVLf8yKbkQq-xi6NiaeqhM335xnCWTSpzpio03OPGWtb265yEOuvfBHBT2uuYE&sai=AMfl-YQ_sXMALH69HUlyQbWc7Hp05hzUphtvv5ugJ8VimY4kUOmUsymKyXRLurrFqM-4YzP7LmeNbDIEypCNLyYA2ch9QycVbRS9JXLSgmDo4v00CA8UYsQ1pdRlWbAlA8CKpo8UKeHaJc664Q-VvwAJbog4Ya88oBZoq2QlMCUwgB4y5MN2rtlJ5ItgVIPyavwW&sig=Cg0ArKJSzKuu-jfxGW8aEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 914A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bbc86f05cfc3ef4655b07248c8836f0feda3315adde1f8d07508a6ad130309d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/ Frame 914A 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074562
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0c23f0b835ed029a7df3d30c691d6cc6296436c24041543cf66c46f58facdd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122585
x-xss-protection
0
server
cafe
etag
3267286368745440456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
container.html
c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 96A5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:16 GMT
expires
Sat, 11 May 2024 21:32:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 96A5 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 May 2023 20:31:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 May 2023 21:32:17 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230510_RC00/ Frame 96A5 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230510_RC00/outstream.min.css
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 23:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2883
x-xss-protection
0
last-modified
Wed, 10 May 2023 21:47:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 May 2024 23:09:26 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230510_RC00/ Frame 96A5 		372 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230510_RC00/outstream.min.js
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6bc16609b7f55319669da5605340e40fb23b3b59783c46fa5de3d5565eab17f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 23:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130483
x-xss-protection
0
last-modified
Wed, 10 May 2023 21:47:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 May 2024 23:09:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 96A5 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
12496
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 96A5 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
562328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 05 May 2024 09:20:09 GMT
6363a944e4b0125bde9e6739
ng.virgul.com/tck/imp/ Frame 5454 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/imp/6363a944e4b0125bde9e6739?g=1&t=cpc_annotation&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683927136214&userId=vnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 21:32:17 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
integrator.js
adservice.google.de/adsid/ Frame 2886 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2886 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9F6B 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137113&bpp=3&bdt=149&idt=229&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&nras=1&correlator=5576010291771&frm=8&ife=1&pv=2&ga_vid=107144191.1683927137&ga_sid=1683927137&ga_hid=1881504092&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C31074468%2C44772269%2C44782466%2C44788442%2C44789779&oid=2&pvsid=3176556897090518&tmod=126288162&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.d2u0t6bajgih&fsb=1&dtd=249
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2153 		436 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198791702&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137116&bpp=1&bdt=152&idt=250&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5576010291771&frm=8&ife=1&pv=1&ga_vid=107144191.1683927137&ga_sid=1683927137&ga_hid=1881504092&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C31074468%2C44772269%2C44782466%2C44788442%2C44789779&oid=2&pvsid=3176556897090518&tmod=126288162&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vwv13hjuz4y1&fsb=1&dtd=254
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c26ab5213fe4f14868147548fe5247901109fc9722a26c30d9ebeb46404fa3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 96A5 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lhl2qmw3&c=2042079243000&slotId=1021039621500&qqid=CKuI17bd8P4CFQzAuwgdQCgOnQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318475489%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230510_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c02::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 96A5 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:04:15 GMT
x-content-type-options
nosniff
age
534482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 17:04:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 96A5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 02:06:17 GMT
x-content-type-options
nosniff
age
69960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 02:06:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C6wI_YbBeZOvTBoyA7_UPwNC46AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpArhJv7UzZ7I-4AIAqAMByAMCqgSbAk_Qv4axTZBa8emo07SJYb27BExgLx85EjNZBYnqd96N_5NR5mJALqXveGDQ6sBR3P8p-oy-4KD3qj8Y8-HZ7N2LmURlSgL3A9UmVhCQhKoab2cihYYLI0ooN8nQrJPlxbpKqF7VJrcRnXFU9TsHgKVe1u-n8u_Y85k7WneHlXrziOfI63bVoihdox7kCZ554ZICWRtMyNiGaVELZvjBTXPdCbKbOPsSi8oIFAW4_4Aj_sj4lbgFr-D29mS8dPOwOib5F2bl6Pr8FgiODTEK3K06Z7OLihwyjclcb9wG8EYhd8RKGHgETdHmAcBwLn7Mfg2Ab4JSeGTBfWMZb119yc-gkdTQBx6epKaZEaN8YFzcUg0536YB-hAtxUDgBAGABoTOlvna197NB6AGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ&eventType=clickstring&clientTime=1683927137386&ai=C6wI_YbBeZOvTBoyA7_UPwNC46AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpArhJv7UzZ7I-4AIAqAMByAMCqgSbAk_Qv4axTZBa8emo07SJYb27BExgLx85EjNZBYnqd96N_5NR5mJALqXveGDQ6sBR3P8p-oy-4KD3qj8Y8-HZ7N2LmURlSgL3A9UmVhCQhKoab2cihYYLI0ooN8nQrJPlxbpKqF7VJrcRnXFU9TsHgKVe1u-n8u_Y85k7WneHlXrziOfI63bVoihdox7kCZ554ZICWRtMyNiGaVELZvjBTXPdCbKbOPsSi8oIFAW4_4Aj_sj4lbgFr-D29mS8dPOwOib5F2bl6Pr8FgiODTEK3K06Z7OLihwyjclcb9wG8EYhd8RKGHgETdHmAcBwLn7Mfg2Ab4JSeGTBfWMZb119yc-gkdTQBx6epKaZEaN8YFzcUg0536YB-hAtxUDgBAGABoTOlvna197NB6AGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 96A5 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lhl2qmwc&c=2042079243000&slotId=1021039621500&qqid=CKuI17bd8P4CFQzAuwgdQCgOnQ&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230510_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c02::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast.php
ads.eu.criteo.com/delivery/r/0.1/ Frame 96A5 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/0.1/vast.php?z=ZF6wYQABqesIu8AMAA4oQPn07-ShMK47NhXmVg&u=%7CJmOw2P%2BpvWV2xe4sSG%2BoW9vEe5tsATvZRU6rJa1MTG8%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5jSfwMInGQwVgkAr581akMSiH_fr7BMm_BzTo8qWaUW82kg8KaPIh8jYEyIPyzacRNRojsRKGMNEhZT4jrQq4-myvSt3BO-Nz6KjAko-qQwvuoWpBxN9uXfpIFRYuZhCsLT1RwfxL_qSx0IhC6iPnj4g4yiL5-OvygYxlzm49Fg7hl-peb8mBxLW0qgfdBiTXgHQkALIe3Ri0gA9haRdwzRyVUljAsVud77oHSWSyFYahRl_tgEWnX3TrltbkWAhKAsLEiWQc69kx649MYJ-XgF9WXrZFwbSuDpkDawm-72uAQ2RnzAzTtRMBZy-m8JpSym3kZiYov5YKziB7oItItLK6ldXiucUp_WfJbeNb--vaQNrzCl0WvZ-eWwXSiRiF2VJsWfRWJB8WNFwmdO__MKecA_-exbpCWgVzvIDc8bVd5cCys2HLG6h5ZfhFvDowbtlBHMbpNYPwNENXYFex7tpXG5UhF0X4fWo8gYA8RIGd3IcwEKd7gHLF9hWsaduKCEMXfD2rEpJjIaeFX5SjQyafdzHXZ58h9qhLzVLIAWJiq3V6iRxdiZaSJyNdshg_bvqH3wC534aXpjw2H_ynJs&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6wI_YbBeZOvTBoyA7_UPwNC46AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpArhJv7UzZ7I-4AIAqAMByAMCqgSbAk_Qv4axTZBa8emo07SJYb27BExgLx85EjNZBYnqd96N_5NR5mJALqXveGDQ6sBR3P8p-oy-4KD3qj8Y8-HZ7N2LmURlSgL3A9UmVhCQhKoab2cihYYLI0ooN8nQrJPlxbpKqF7VJrcRnXFU9TsHgKVe1u-n8u_Y85k7WneHlXrziOfI63bVoihdox7kCZ554ZICWRtMyNiGaVELZvjBTXPdCbKbOPsSi8oIFAW4_4Aj_sj4lbgFr-D29mS8dPOwOib5F2bl6Pr8FgiODTEK3K06Z7OLihwyjclcb9wG8EYhd8RKGHgETdHmAcBwLn7Mfg2Ab4JSeGTBfWMZb119yc-gkdTQBx6epKaZEaN8YFzcUg0536YB-hAtxUDgBAGABoTOlvna197NB6AGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pPTCRGx6cf6ql-9cdAmbqVzSSkA%26client%3Dca-pub-7983651257838282%26adurl%3D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230510_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
18f556f2b0c04f80c3cafbaff04148564bc3f7e530087c204f4b6b09e41a2308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3585910
pragma
no-cache
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/xml
access-control-allow-origin
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 96A5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCYvFYbBeZOvTBoyA7_UPwNC46AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpArhJv7UzZ7I-4AIAqAMBqgSYAk_Qv4axTZBa8emo07SJYb27BExgLx85EjNZBYnqd96N_5NR5mJALqXveGDQ6sBR3P8p-oy-4KD3qj8Y8-HZ7N2LmURlSgL3A9UmVhCQhKoab2cihYYLI0ooN8nQrJPlxbpKqF7VJrcRnXFU9TsHgKVe1u-n8u_Y85k7WneHlXrziOfI63bVoihdox7kCZ554ZICWRtMyNiGaVELZvjBTXPdCbKbOPsSi8oIFAW4_4Aj_sj4lbgFr-D29mS8dPOwOib5F2bl6Pr8FgiODTEK3K06Z7OLihwyjclcb9wG8EYhd8RKGHgETdHmAcBwLn7Mfg2ALYBz6uNO4XCm80neGfIGad3EDaiUir4bpWtBxq5jTCEhWgyF6a_gBAGABoTOlvna197NB6AGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=U4VKoPBxjSA&uach_m=[UACH]&cid=CAQSbQBygQiDI8JqHyNozjNJbQRveGWXtitFK2jFOjsDqzs8egL00x-xrz6AsogvFl124CXEsexjUUrYV52tWmfb8gAQu1IL7gMO6l4iG7rjWwqgUFQbPXzBTNmRokNlcE7FTV_ibxTaH5FvH7hOq8MYAQ&vt=10
Requested by
Host: c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
URL: https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
truncated
/ Frame 96A5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13ff6af5172fc402fe5174317b50cb5b008fa4ce409b2222118d8d704829b301

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 5454 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5454 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5454 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093726643794446&correlator=4192769576268816&eid=31074543%2C31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=6&adks=3299242717&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D2.55%26hb_adid%3D613fa190804734c%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D2.55%26hb_adid_rubicon%3D613fa190804734c%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D2.55&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683927136214%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D0%26amznp%3D0&ppid=vnetdb2e3a66accf46ccab60e7ce75756ab1&sc=1&cdm=ye-mek.net&abxe=1&dt=1683927137515&lmt=1683927137&dlt=1683927135620&idt=854&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=2vfqjvkw6v9j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvh_AMmA-vx7Xqk8d5h1ZjjWi0UFM3CTb6znYIAm4QOKXSihISl_zYMle7G5Mga6KGIKyVvHqrLJfAGnrESumA%2CABHeCviAHqOvuBIr-_xqaCbKAC7Wl3qq_5aL85tQI6dF8OZAjFYJ4ojXhAkCiLfS-2AuvvTgaT45_GDIdtl9snKwqQ%2CABHeCvhJlYT2mvYiFRrOlnpinnmayICmgzKPj7vrlznlnLwXmlk4bXTGSwgR229zPnSRJLZ-HDw4J6wVgFonwIlf6g&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e92bdd7f1df11f8e39e89ac9cfe47e4a256e0d3e8915ed6359f27c9b4b17939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10729
x-xss-protection
0
google-lineitem-id
5615616180
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339352911
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5454 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093726643794446&correlator=3612820597745135&eid=31074543%2C31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=345722362&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D2.38%26hb_adid%3D56c9ef35ba0fa24%26hb_bidder%3Dadformpbs%26hb_format_adformpbs%3Dbanner%26hb_size_adformpbs%3D728x90%26hb_pb_adformpbs%3D2.38%26hb_adid_adformpbs%3D56c9ef35ba0fa24%26hb_bidder_adformpbs%3Dadformpbs%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.63%26hb_adid_rubicon%3D59dc794b724da61%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D2.38&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683927136214%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D0%26amznp%3D0&ppid=vnetdb2e3a66accf46ccab60e7ce75756ab1&sc=1&cdm=ye-mek.net&abxe=1&dt=1683927137520&lmt=1683927137&dlt=1683927135620&idt=854&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=rxrjoo7hbjx6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvh_AMmA-vx7Xqk8d5h1ZjjWi0UFM3CTb6znYIAm4QOKXSihISl_zYMle7G5Mga6KGIKyVvHqrLJfAGnrESumA%2CABHeCviAHqOvuBIr-_xqaCbKAC7Wl3qq_5aL85tQI6dF8OZAjFYJ4ojXhAkCiLfS-2AuvvTgaT45_GDIdtl9snKwqQ%2CABHeCvhJlYT2mvYiFRrOlnpinnmayICmgzKPj7vrlznlnLwXmlk4bXTGSwgR229zPnSRJLZ-HDw4J6wVgFonwIlf6g&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27ba12f0d35d6395e3ff5d7e6776c677ac49d3f64bfb95511d4810dd1b71f3aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10844
x-xss-protection
0
google-lineitem-id
5617221359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339352911
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5454 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093726643794446&correlator=1442915438138144&eid=31074543%2C31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=8&adks=3203893797&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D2.55%26hb_adid%3D60a3fb7e7a68bda%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D2.55%26hb_adid_rubicon%3D60a3fb7e7a68bda%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D2.55&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683927136214%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D0%26amznp%3D0&ppid=vnetdb2e3a66accf46ccab60e7ce75756ab1&sc=1&cdm=ye-mek.net&abxe=1&dt=1683927137524&lmt=1683927137&dlt=1683927135620&idt=854&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=o41oc24zedsf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvh_AMmA-vx7Xqk8d5h1ZjjWi0UFM3CTb6znYIAm4QOKXSihISl_zYMle7G5Mga6KGIKyVvHqrLJfAGnrESumA%2CABHeCviAHqOvuBIr-_xqaCbKAC7Wl3qq_5aL85tQI6dF8OZAjFYJ4ojXhAkCiLfS-2AuvvTgaT45_GDIdtl9snKwqQ%2CABHeCvhJlYT2mvYiFRrOlnpinnmayICmgzKPj7vrlznlnLwXmlk4bXTGSwgR229zPnSRJLZ-HDw4J6wVgFonwIlf6g&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c680cf4488e4a436f34c10a174ed9038be5d8e12b09baf2095933e71b0c1e53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10694
x-xss-protection
0
google-lineitem-id
5615616180
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339352911
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5454 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093726643794446&correlator=3550422011817102&eid=31074543%2C31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=9&adks=456810305&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D1.59%26hb_adid%3D572057ae66c75cb%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D1.59%26hb_adid_rubicon%3D572057ae66c75cb%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D1.59&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683927136214%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D0%26amznp%3D0&ppid=vnetdb2e3a66accf46ccab60e7ce75756ab1&sc=1&cdm=ye-mek.net&abxe=1&dt=1683927137526&lmt=1683927137&dlt=1683927135620&idt=854&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=g87wexyxgl7f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvh_AMmA-vx7Xqk8d5h1ZjjWi0UFM3CTb6znYIAm4QOKXSihISl_zYMle7G5Mga6KGIKyVvHqrLJfAGnrESumA%2CABHeCviAHqOvuBIr-_xqaCbKAC7Wl3qq_5aL85tQI6dF8OZAjFYJ4ojXhAkCiLfS-2AuvvTgaT45_GDIdtl9snKwqQ%2CABHeCvhJlYT2mvYiFRrOlnpinnmayICmgzKPj7vrlznlnLwXmlk4bXTGSwgR229zPnSRJLZ-HDw4J6wVgFonwIlf6g&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1714c80136358042cd6b64593726896ea3ae1f489337adb950155d114e72a2fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10766
x-xss-protection
0
google-lineitem-id
5616789736
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339352911
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5454 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093726643794446&correlator=224757029164759&eid=31074543%2C31074557&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=10&adks=2157304621&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.63%26hb_adid%3D5821c16790f3113%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.63%26hb_adid_rubicon%3D5821c16790f3113%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D0.63&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683927136214%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D0%26amznp%3D0&ppid=vnetdb2e3a66accf46ccab60e7ce75756ab1&sc=1&cdm=ye-mek.net&abxe=1&dt=1683927137531&lmt=1683927137&dlt=1683927135620&idt=854&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=nmdurqsmgfhg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvh_AMmA-vx7Xqk8d5h1ZjjWi0UFM3CTb6znYIAm4QOKXSihISl_zYMle7G5Mga6KGIKyVvHqrLJfAGnrESumA%2CABHeCviAHqOvuBIr-_xqaCbKAC7Wl3qq_5aL85tQI6dF8OZAjFYJ4ojXhAkCiLfS-2AuvvTgaT45_GDIdtl9snKwqQ%2CABHeCvhJlYT2mvYiFRrOlnpinnmayICmgzKPj7vrlznlnLwXmlk4bXTGSwgR229zPnSRJLZ-HDw4J6wVgFonwIlf6g&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
337194a31426946824f6404cdc5729c4a81e0da32fe7086329243592074a10ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10832
x-xss-protection
0
google-lineitem-id
5616784702
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339352911
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 914A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 914A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2BEB 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407253290&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137263&bpp=3&bdt=119&idt=287&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&nras=1&correlator=2767395566042&frm=8&ife=1&pv=2&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.fdwhqcjc86c1&fsb=1&dtd=302
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 163B 		28 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adbdcb6833ef9afddb1d2c03243acadf048a911782b0ccc8787b4723e0db16ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 96A5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lhl2qmwt&c=2042079243000&slotId=1021039621500&qqid=CKuI17bd8P4CFQzAuwgdQCgOnQ&fb=outstream-lima&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x19&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230510_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c02::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 96A5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 May 2024 21:32:17 GMT
csi
csi.gstatic.com/ Frame 96A5 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lhl2qn28&c=2042079243000&slotId=1021039621500&qqid=CKuI17bd8P4CFQzAuwgdQCgOnQ&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=720x406&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&umsem=0&ape=1&met.4=videopreviewvisible.qf
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230510_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c02::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
XassetrGVaWW53.png
ads.w55c.net/t/d/ Frame FE40 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.w55c.net/t/d/XassetrGVaWW53.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=RjRBOTc3NTYyNkJERTA4NjBBNDE5QzI5NjgxNDBDQjJ8R0ZYeWpKOEFQTXwxNjgzOTI3MTM3NDIyfDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDkxMzY4NTU1Nl9FWHwzNjUxMHx8fHwuMFB8VVNE&ei=GOOGLE_CONTENTNETWORK&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjc4Mjk1NDM0fElBQjgtOCMwLjU3OTYxNDJ8SUFCOC03IzAuMTQ4NDA2MDk&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1683927137425&c=DE&r=G-HE&epid=R0N5ZS1tZWsubmV0&mi=d2Vi&wp_exchange=NWP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:fe00:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
77muH8mujF9NEC9ipS.55iMMWqUaEtvK
date
Fri, 12 May 2023 07:10:01 GMT
via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
strict-transport-security
max-age=2592000; includeSubDomains
x-amz-cf-pop
FRA56-P7
age
51737
x-amz-server-side-encryption
AES256
x-amz-meta-width
728
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-filesize
44534
x-amz-meta-height
90
content-length
44534
last-modified
Wed, 03 May 2023 17:26:36 GMT
server
AmazonS3
etag
"ccf751b21647e448aa5dadd8c05f5ac6"
vary
Accept-Encoding
content-type
image/png
cache-control
must-revalidate
accept-ranges
bytes
x-amz-cf-id
JXyIPyg1Pjcuwjsjud9uEObxYhyYBoh1WpR7XY4uqdqQOq77ujiL-Q==
pixel.php
t.hspvst.com/ Frame FE40 		95 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.hspvst.com/pixel.php?id=2677&t=P&cb=2317335511994377
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.58.197.185 , Philippines, ASN174 (COGENT-174, US),
Reverse DNS
staticip-hv4m185.hispavista.com
Software
Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:16 GMT
Server
Apache
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding
chunked
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
image/png
Cache-Control
max-age=315360000
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=3, max=1000
Expires
Mon, 09 May 2033 21:32:16 GMT
creative_add_on.js
cti.w55c.net/ct/ Frame FE40 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0N5ZS1tZWsubmV0&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=RjRBOTc3NTYyNkJERTA4NjBBNDE5QzI5NjgxNDBDQjJ8R0ZYeWpKOEFQTXwxNjgzOTI3MTM3NDIyfDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDkxMzY4NTU1Nl9FWHwzNjUxMHx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEIB8yJmw0m4m3K8mfRgbROE&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=fcccac35-f187-44e5-b531-4f97a2630e94&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.53 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7B) /
Resource Hash
6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000; includeSubDomains
last-modified
Wed, 23 Feb 2022 16:57:18 GMT
server
ECS (amb/6B7B)
age
189132
etag
"3321997696"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
no-cache, must-revalidate
accept-ranges
bytes
content-length
2391
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame FE40 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 20:10:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
4909
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 20:10:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame FE40 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
12496
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
l
www.google.com/ads/measurement/ Frame FE40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCg7ar7UACmC0Gq_OzGRO3ua52deZwlkAyPxpNBSLPIt6tR0E3brEuiCmwouvFAeuAGKEzK-339l5f-7ryhn-8J4vl4g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE40 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
613ae61b24cb45b8b3c3af3cb9e42cfc_20s-20millionen-20--20nur-20fu-cc-88r-20kampagnen.mp4
static.criteo.net/design/dt/37056/220314/ Frame 96A5 		47 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/37056/220314/613ae61b24cb45b8b3c3af3cb9e42cfc_20s-20millionen-20--20nur-20fu-cc-88r-20kampagnen.mp4
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 14 Mar 2022 11:04:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"622f212d-c1f04"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-794371/794372
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
794372
expires
Mon, 06 May 2024 21:32:17 GMT
csi
csi.gstatic.com/ Frame 96A5 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lhl2qn2t&c=2042079243000&slotId=1021039621500&qqid=CKuI17bd8P4CFQzAuwgdQCgOnQ&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=720x406&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fads.eu.criteo.com%252Fdelivery%252Fr%252F0.1%252Fvast.php%253Fz%253DZF6wYQABqesIu8AMAA4oQPn07-ShMK47NhXmVg%2526u%253D%25257CJmOw2P%25252BpvWV2xe4sSG%25252BoW9vEe5tsATvZRU6rJa1MTG8%25253D%25257C%2526c1%253D0n2XosTo5clc2Y5hvSIf5jSfwMInGQwVgkAr581akMSiH_fr7BMm_BzTo8qWaUW82kg8KaPIh8jYEyIPyzacRNRojsRKGMNEhZT4jrQq4-myvSt3BO-Nz6KjAko-qQwvuoWpBxN9uXfpIFRYuZhCsLT1RwfxL_qSx0IhC6iPnj4g4yiL5-OvygYxlzm49Fg7hl-peb8mBxLW0qgfdBiTXgHQkALIe3Ri0gA9haRdwzRyVUljAsVud77oHSWSyFYahRl_tgEWnX3TrltbkWAhKAsLEiWQc69kx649MYJ-XgF9WXrZFwbSuDpkDawm-72uAQ2RnzAzTtRMBZy-m8JpSym3kZiYov5YKziB7oItItLK6ldXiucUp_WfJbeNb--vaQNrzCl0WvZ-eWwXSiRiF2VJsWfRWJB8WNFwmdO__MKecA_-exbpCWgVzvIDc8bVd5cCys2HLG6h5ZfhFvDowbtlBHMbpNYPwNENXYFex7tpXG5UhF0X4fWo8gYA8RIGd3IcwEKd7gHLF9hWsaduKCEMXfD2rEpJjIaeFX5SjQyafdzHXZ58h9qhLzVLIAWJiq3V6iRxdiZaSJyNdshg_bvqH3wC534aXpjw2H_ynJs%2526ct0%253Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Faclk%25253Fsa%25253DL%252526ai%25253DC6wI_YbBeZOvTBoyA7_UPwNC46AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpArhJv7UzZ7I-4AIAqAMByAMCqgSbAk_Qv4axTZBa8emo07SJYb27BExgLx85EjNZBYnqd96N_5NR5mJALqXveGDQ6sBR3P8p-oy-4KD3qj8Y8-HZ7N2LmURlSgL3A9UmVhCQhKoab2cihYYLI0ooN8nQrJPlxbpKqF7VJrcRnXFU9TsHgKVe1u-n8u_Y85k7WneHlXrziOfI63bVoihdox7kCZ554ZICWRtMyNiGaVELZvjBTXPdCbKbOPsSi8oIFAW4_4Aj_sj4lbgFr-D29mS8dPOwOib5F2bl6Pr8FgiODTEK3K06Z7OLihwyjclcb9wG8EYhd8RKGHgETdHmAcBwLn7Mfg2Ab4JSeGTBfWMZb119yc-gkdTQBx6epKaZEaN8YFzcUg0536YB-hAtxUDgBAGABoTOlvna197NB6AGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3pPTCRGx6cf6ql-9cdAmbqVzSSkA%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230510_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c02::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FE40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CU60iYbBeZKWtEfmItOUPiqWIoA26iLSPXJzX7u6pCMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTSAU_QTWnR_RCa0BnqRoBYzlCXc9Qx9ktzWopTcmnL872PgmMh1arKf016CAp3hdYhZY4kFxFVDAk9ylAyhwCtWpDLAyEhil_HL8lM6gKhlbIX3hexduZumVoSE3_gXc1lqddmdtU3rjg-x9nqh2cYSGNLYqg6BsuZigcGnM_d6V3gZuViQCuxCMUdT96481axymv2pnF0QN4XhOVj5UeYb7JJoH0KYJxEx8vds-t7kj6hZOA7laK_GEMGKGh_hGHpkYlXxiI7aUbcvpFem-kAZZjwIYAG0cmll-ullpXrAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=7kcvJnFvnKw&uach_m=[UACH]&cid=CAQSKQBygQiDvC18Yu4NL4e4STQWxBURS5_FaJ2z66jQ6Ok5Gwn5gOiuHZLvGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a.gif
i.w55c.net/ Frame FE40 		42 B
582 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=RjRBOTc3NTYyNkJERTA4NjBBNDE5QzI5NjgxNDBDQjJ8R0ZYeWpKOEFQTXwxNjgzOTI3MTM3NDIyfDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDkxMzY4NTU1Nl9FWHwzNjUxMHx8fHwuMFB8VVNE&ei=GOOGLE_CONTENTNETWORK&wp_exchange=ZF6wYQAEVqUGrQR5AAISivkfUQqH6xVwNg0xsA&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjc4Mjk1NDM0fElBQjgtOCMwLjU3OTYxNDJ8SUFCOC03IzAuMTQ4NDA2MDk&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1683927137425&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=2317335511994377&epid=R0N5ZS1tZWsubmV0&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1jYU9UR0ZnRw&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VJQjh5Sm13MG00bTNLOG1mUmdiUk9F&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=Dkx7rj7dRrfwWBOxOpmHYw&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEIB8yJmw0m4m3K8mfRgbROE&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=fcccac35-f187-44e5-b531-4f97a2630e94&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.145.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-145-116.eu-central-1.compute.amazonaws.com
Software
PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:17 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
613ae61b24cb45b8b3c3af3cb9e42cfc_20s-20millionen-20--20nur-20fu-cc-88r-20kampagnen.mp4
static.criteo.net/design/dt/37056/220314/ Frame 96A5 		40 KB
40 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/37056/220314/613ae61b24cb45b8b3c3af3cb9e42cfc_20s-20millionen-20--20nur-20fu-cc-88r-20kampagnen.mp4
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
37021096af63c545493abb4b12a7f1dd605299af2066e52a4a78c1f1d2261a0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=753664-

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 14 Mar 2022 11:04:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"622f212d-c1f04"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 753664-794371/794372
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
40708
expires
Mon, 06 May 2024 21:32:17 GMT
613ae61b24cb45b8b3c3af3cb9e42cfc_20s-20millionen-20--20nur-20fu-cc-88r-20kampagnen.mp4
static.criteo.net/design/dt/37056/220314/ Frame 96A5 		744 KB
745 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/37056/220314/613ae61b24cb45b8b3c3af3cb9e42cfc_20s-20millionen-20--20nur-20fu-cc-88r-20kampagnen.mp4
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f0271b293b9164564f695b1c4f49061b4a147adef9f300e76aa419f93b9c82f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=32768-

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 14 Mar 2022 11:04:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"622f212d-c1f04"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 32768-794371/794372
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
761604
expires
Mon, 06 May 2024 21:32:17 GMT
analytics.js
s.h.w55c.net/2/948461/ Frame FE40 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=fcccac35-f187-44e5-b531-4f97a2630e94&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0N5ZS1tZWsubmV0&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=RjRBOTc3NTYyNkJERTA4NjBBNDE5QzI5NjgxNDBDQjJ8R0ZYeWpKOEFQTXwxNjgzOTI3MTM3NDIyfDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDkxMzY4NTU1Nl9FWHwzNjUxMHx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEIB8yJmw0m4m3K8mfRgbROE&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=fcccac35-f187-44e5-b531-4f97a2630e94&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
783bd0388c09ad3e51dfca406cd42bb187386610b5cfad4780d317f50fc9beeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2892
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 09F2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:18:46 GMT
etag
48472445140208031
expires
Sat, 13 May 2023 07:18:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FE40 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2dae277ef2883a33f9ef4a86f97076e910c4ed3c3dc68afd4a3be18bccc20bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
vt.php
cat.fr3.eu.criteo.com/delivery/ Frame 96A5 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/vt.php?cppv=3&cpp=1E7QqhGbRLqW9KJafL72nS0ZDW57NvYo-D6JHVWNBcxyu6WwS7SzOVtpVbA-5w_YM1_P3m0_x9VySNMWMxXdHd1fPQrM9g-RSS6-uCRbqI8jJ57PrfhurLbcK-fjO82Y6cAsdUJvQmRW7oyuPWNrkxnReQ7AO1CHvs2kx0AZ8fm9q1i4L36JaVooFFQ0qUvn9NFWroWqzfEz3uExqYPBgD7w92Eyy3eAUlGzrptEYT4wWl--gsJhYgUb73M&err=[ERRORCODE]
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
120155
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 96A5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6wI_YbBeZOvTBoyA7_UPwNC46AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpArhJv7UzZ7I-4AIAqAMByAMCqgSbAk_Qv4axTZBa8emo07SJYb27BExgLx85EjNZBYnqd96N_5NR5mJALqXveGDQ6sBR3P8p-oy-4KD3qj8Y8-HZ7N2LmURlSgL3A9UmVhCQhKoab2cihYYLI0ooN8nQrJPlxbpKqF7VJrcRnXFU9TsHgKVe1u-n8u_Y85k7WneHlXrziOfI63bVoihdox7kCZ554ZICWRtMyNiGaVELZvjBTXPdCbKbOPsSi8oIFAW4_4Aj_sj4lbgFr-D29mS8dPOwOib5F2bl6Pr8FgiODTEK3K06Z7OLihwyjclcb9wG8EYhd8RKGHgETdHmAcBwLn7Mfg2Ab4JSeGTBfWMZb119yc-gkdTQBx6epKaZEaN8YFzcUg0536YB-hAtxUDgBAGABoTOlvna197NB6AGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ&sigh=MW6G1-kkEGk&label=part2viewed&ad_mt=12&acvw=sv%3D951%26v%3D20230510%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20000%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D516314257%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1683927137774
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 96A5 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jgzuZAzC-fYmNQ8YwfljUEq68D-iSgRwPgmAagzNIukX2m1XDMkzSdYL_nf8U-Qsam2Bv5l_pJHGDB52PxhA7PWqGA0PpegqZrPYyMXVYEp5toIEgRBjPT6NEjccvJNoVM7k5ifk2DPPbtKi_pOKlGmXKNILDLKH3uZvQb_HNGjlScvlU8N-hvjSGSru2HpF89NnHydEwYdB_3De1uB-RN9FMzdlj6gYxaiKfLBlsUUhQdfRYzRdlcOl7xmymWK29yKn6T5zxmz1UE1qUt1bB772RbYkbc5k3st930q1EGJdr5oikJoKG8pQqNFtpU1fjTpbOfrQU9gS-uNAFLgMxImrJFQWPw_nA8zCQ9E0Jgy-1HiLSXtbk6E8vAp3uckpGhJ31nEin1Qc80JcW5EhSi8aF3F-sUfh00bh_wYNQrK8Jyrw5xHb-iRwmfqFXBUczKhkvA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1720220
expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 96A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C90t0YbBeZOvTBoyA7_UPwNC46AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpArhJv7UzZ7I-4AIAqAMByAMCqgSYAk_Qv4axTZBa8emo07SJYb27BExgLx85EjNZBYnqd96N_5NR5mJALqXveGDQ6sBR3P8p-oy-4KD3qj8Y8-HZ7N2LmURlSgL3A9UmVhCQhKoab2cihYYLI0ooN8nQrJPlxbpKqF7VJrcRnXFU9TsHgKVe1u-n8u_Y85k7WneHlXrziOfI63bVoihdox7kCZ554ZICWRtMyNiGaVELZvjBTXPdCbKbOPsSi8oIFAW4_4Aj_sj4lbgFr-D29mS8dPOwOib5F2bl6Pr8FgiODTEK3K06Z7OLihwyjclcb9wG8EYhd8RKGHgETdHmAcBwLn7Mfg2ALYBz6uNO4XCm80neGfIGad3EDaiUir4bpWtBxq5jTCEhWgyF6a_gBAGABoTOlvna197NB6AGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=IDjONXnHEi8&uach_m=[UACH]&cid=CAQSbQBygQiDI8JqHyNozjNJbQRveGWXtitFK2jFOjsDqzs8egL00x-xrz6AsogvFl124CXEsexjUUrYV52tWmfb8gAQu1IL7gMO6l4iG7rjWwqgUFQbPXzBTNmRokNlcE7FTV_ibxTaH5FvH7hOq8MYAQ
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
google-vast-measurability
csm.eu.criteo.net/ Frame 96A5 		43 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csm.eu.criteo.net/google-vast-measurability?cppv=3&cpp=HoDPtNyxVrEO2vWVV5nRPrL2-FmAN6s2_9NaAOaQMt_Ulgi0jaenM8myNDUnDCoK2MUNUF0UvHDeH5b5nV6E_2vILmsvUyDH5gob21q54dkqc07ex9Cp1_2OiAWvg7msLQXbIuiBVofI2PAlAh1J4utx-2a-QepnYTaW3K6HLkrNsnC6R_xW8yGGvi_P7LefvgwBy3phD548onzd7mYxpmBwctsTkO-JkOKcGk1i9pmsNOZfTuj00nxLe7A
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 96A5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviJgjiEFLkrW01oH5QK6d6Q-UiXPHB7Y43u7ASef0gxhffN1vYHJFNtsj_Q05bjRDebuJawr_Nnw4gyxTMoHyVj7k&sig=Cg0ArKJSzFftK9NLoNhtEAE&id=lidarv&acvw=sv%3D951%26v%3D20230510%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20000%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D516314257%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1683927137774&avm=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 96A5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6wI_YbBeZOvTBoyA7_UPwNC46AnJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpArhJv7UzZ7I-4AIAqAMByAMCqgSbAk_Qv4axTZBa8emo07SJYb27BExgLx85EjNZBYnqd96N_5NR5mJALqXveGDQ6sBR3P8p-oy-4KD3qj8Y8-HZ7N2LmURlSgL3A9UmVhCQhKoab2cihYYLI0ooN8nQrJPlxbpKqF7VJrcRnXFU9TsHgKVe1u-n8u_Y85k7WneHlXrziOfI63bVoihdox7kCZ554ZICWRtMyNiGaVELZvjBTXPdCbKbOPsSi8oIFAW4_4Aj_sj4lbgFr-D29mS8dPOwOib5F2bl6Pr8FgiODTEK3K06Z7OLihwyjclcb9wG8EYhd8RKGHgETdHmAcBwLn7Mfg2Ab4JSeGTBfWMZb119yc-gkdTQBx6epKaZEaN8YFzcUg0536YB-hAtxUDgBAGABoTOlvna197NB6AGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ&sigh=MW6G1-kkEGk&label=vast_creativeview&ad_mt=12&acvw=sv%3D951%26v%3D20230510%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20000%26vmtime%3D11%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D516314257%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1683927137774
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 96A5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lhl2qn39&c=2042079243000&slotId=1021039621500&qqid=CKuI17bd8P4CFQzAuwgdQCgOnQ&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=720x406&dm=20000&event_name=first_play&asset_bytes=149927&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=6&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.uy~videopreviewstarted.uz
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230510_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c02::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3AA3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvqmwi3TmT6_Sp5Bs4H2ec13S4behmMCJaQkFe9aRc16ZU4UKpWb08PbxcNpk3bKFu8hcIKNUFJqCDX5pl3CC-uD3xyU1vMeC9hOW6Wnou48Ngyu2R3s6HR_xjmBLaK3A2_l8dJQdhAQmUibZ1pyYqvUh01KMY4Nufrg7201X7CHeVmXRGCsTNiGV6yOZ683T6RLceFjZJOqZeMJBY-sE3T9ZiVDZ2Z3iIn3te790aDSkWGKadhc1WyOqCRFGdICzsdCOIDR7T5EJL7CmtZOOdq7jkQDO9AAWKd9Zcvl8f6RVTGRdCddTtdMS7Ws2znGK65lvnkFwPGvvBYtc&sai=AMfl-YRKSRx_Gvs3Jrn9d6TAOp85mrKFLPBI6pc3R68fwWIB7KgAriJ6QX9_6guWAURojWRvqux6PedrwIKWiYs_XgVDLrRpLTGjW-co2GxBW7LBu_5Vks2BFqZVGP8Agg&sig=Cg0ArKJSzFcGy_Pc_fBhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 3AA3 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
age
30643
x-jsd-version
1.15.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26200
x-served-by
cache-fra-eddf8230139-FRA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3AA3 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
pixel
cm.g.doubleclick.net/ Frame 09F2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFGXgRFKVozaZu3vUVTvh1A&google_cver=1&google_push=ATf1kGP_YLGwZNnN_IaKXqDAzrwuP00MHQltXySuCta-ZPA3-MS1SqIKA8S9hnjRRGbJQ0Hl7jKyo-KsievhbL1d...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGP_YLGwZNnN_IaKXqDAzrwuP00MHQltXySuCta-ZPA3-MS1SqIKA8S9hnjRRGbJQ0Hl7jKyo-KsievhbL1d9utVe_ReE8ja3I-Xl-PwCWl0iwLqYi...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGP_YLGwZNnN_IaKXqDAzrwuP00MHQltXySuCta-ZPA3-MS1SqIKA8S9hnjRRGbJQ0Hl7jKyo-KsievhbL1d9utVe_ReE8ja3I-Xl-PwCWl0iwLqYiz8KWi-L0CiPE8JHvy3GypihNDWz5HI_JBqXeQ3qk4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 May 2023 21:32:17 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x24 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGP_YLGwZNnN_IaKXqDAzrwuP00MHQltXySuCta-ZPA3-MS1SqIKA8S9hnjRRGbJQ0Hl7jKyo-KsievhbL1d9utVe_ReE8ja3I-Xl-PwCWl0iwLqYiz8KWi-L0CiPE8JHvy3GypihNDWz5HI_JBqXeQ3qk4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 May 2023 21:32:16 GMT
pixel
cm.g.doubleclick.net/ Frame 09F2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPEAQNtuV9V8IIM7zVXHZMg&google_push=ATf1kGM_BVaUH8_X_L6wqRdjwAFg2cOEjnz1LAHv0fiHOiKFKMEl6JdhSi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPEAQNtuV9V8IIM7zVXHZMg&google_push=ATf1kGM_BVaUH8_X_L6wqRdjwAFg2cOEjnz1LAHv0fiHOiKFKMEl6JdhSixtuXnJuUbFif6OyrGfmrTU6rkKvHyS33baxOIxl42EV1YB_9p-slE_x9tdyWNcZn7Lf0nz8QzIPUZZ7QX9DgzLJbeFND_Mp2UUDU8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230120-FRA
pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1683927138.886164,VS0,VE95
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPEAQNtuV9V8IIM7zVXHZMg&google_push=ATf1kGM_BVaUH8_X_L6wqRdjwAFg2cOEjnz1LAHv0fiHOiKFKMEl6JdhSixtuXnJuUbFif6OyrGfmrTU6rkKvHyS33baxOIxl42EV1YB_9p-slE_x9tdyWNcZn7Lf0nz8QzIPUZZ7QX9DgzLJbeFND_Mp2UUDU8
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 09F2 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPyzktuo6JqWB-J2p1VISwA&google_cver=1&google_push=ATf1kGPvyyMfvdVVhRSFZXG71oRJzOZ3YnP5wuPDWVwujbCnBhtI6P_58ejYO7BOCjP4rDbuTm_tSdjq2ajx7GGk_jkvzDOckpe2YDkqlURmQxpCmCNmqQQ-Hnhgj68RSDE_PxA_NGPlmOfyErja8MdKgOSYZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 09F2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHRLSXLnYSRkiegBQTm2l2c&google_cver=1&google_push=ATf1kGPAzpzBIu4Ba7ZsrofKa7bpwn2KbdmkU6JfSWe_dOIBMAGFwoPPUBhERmobYWy23OSBtDU1oSp0REaJAYszqRcu...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHRLSXLnYSRkiegBQTm2l2c&google_cver=1&google_push=ATf1kGPAzpzBIu4Ba7ZsrofKa7bpwn2KbdmkU6JfSWe_dOIBMAGFwoPPUBhERmobYWy23OSBtDU1oSp0REaJAY...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPAzpzBIu4Ba7ZsrofKa7bpwn2KbdmkU6JfSWe_dOIBMAGFwoPPUBhERmobYWy23OSBtDU1oSp0REaJAYszqRcuGCvnDc2L8YpfHYY0FovDB2zYntAC67IBWYV4Sx0K_a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPAzpzBIu4Ba7ZsrofKa7bpwn2KbdmkU6JfSWe_dOIBMAGFwoPPUBhERmobYWy23OSBtDU1oSp0REaJAYszqRcuGCvnDc2L8YpfHYY0FovDB2zYntAC67IBWYV4Sx0K_a3y5ujDCDOQDyop9aCb1afcsGk&google_hm=ZrzQ3BZwSFCnZ-MFSRR72A==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPAzpzBIu4Ba7ZsrofKa7bpwn2KbdmkU6JfSWe_dOIBMAGFwoPPUBhERmobYWy23OSBtDU1oSp0REaJAYszqRcuGCvnDc2L8YpfHYY0FovDB2zYntAC67IBWYV4Sx0K_a3y5ujDCDOQDyop9aCb1afcsGk&google_hm=ZrzQ3BZwSFCnZ-MFSRR72A==
date
Fri, 12 May 2023 21:32:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 09F2 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESELL9oOXkEooSqxqmIhUTxQA&google_cver=1&google_push=ATf1kGPcuoLGxD1xbPLUXwN0eneyXJp_NAdccvIWj82e30gMMUiCEbxbCrrOvSSxjr0m8K4DFhjO-2Ppgjj73PYFxa7ebwncYtlZKR_yav_6ja6dzkFH05XH_TGdOqkp21wlPJNnlnEUzb4KOP-4Sg0Dizuv7jY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
257722
expires
Fri, 12 May 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 09F2 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMNEfdQxMJYljwQ3LLntJCA&google_cver=1&google_push=ATf1kGNXj5TUEg6HToC6rH56vNybn5FLrvXmMbqJ4jTsSseUohhyEvWQNF_jf_3Icwyw_4fhAncV72HWjZnH17WoETpcs0qILh2RxSDp-eX1pqErJVngGZoFpM9kiatWZzxOAuZLi2NWOYB2evnwcAINcZSdZLs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
v9v843g4p1m96iht5br4p5f2pgap9fu5
pixel
cm.g.doubleclick.net/ Frame 09F2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_push=AT...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_hm=ZF6wYaGuBs5V-gJa9n5H7QAADP0AAAAB&google_nid=index&google_push=ATf1kGPjBYsHor0DSW2BvdGbAhhgf9Un8gr8F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_hm=ZF6wYaGuBs5V-gJa9n5H7QAADP0AAAAB&google_nid=index&google_push=ATf1kGPjBYsHor0DSW2BvdGbAhhgf9Un8gr8FnUlg5u5mE25zBrL7ta2dasiPRFTpy3fTAXiWhcpPoup681lA7ZxmZYyyAVqi0ocWXxkpsOxGJa2M4THjfLvYze8MMLXAQPsMdGlNQ97P12QxfgO9bScb2pGo9g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_hm=ZF6wYaGuBs5V-gJa9n5H7QAADP0AAAAB&google_nid=index&google_push=ATf1kGPjBYsHor0DSW2BvdGbAhhgf9Un8gr8FnUlg5u5mE25zBrL7ta2dasiPRFTpy3fTAXiWhcpPoup681lA7ZxmZYyyAVqi0ocWXxkpsOxGJa2M4THjfLvYze8MMLXAQPsMdGlNQ97P12QxfgO9bScb2pGo9g
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 09F2 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jw8Pfx6bpqDfnTZSBvXfe3X61bA-eQNBmwjigztrGQ0Bn4X6sJvkcEM9kVP3e8yaXs_Buk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137010&bpp=3&bdt=132&idt=174&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2394414274008&frm=8&ife=1&pv=1&ga_vid=1016138835.1683927137&ga_sid=1683927137&ga_hid=888017223&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2296659911&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759837%2C44759927%2C44759876%2C31071755%2C31074511%2C44782467%2C44788441%2C44792088&oid=2&pvsid=4087476141590835&tmod=861656551&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n278sy5zxxk&fsb=1&dtd=178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 32FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBvvnw3uFJeOX_XSxHcTLsfosHQWyQwHboZYLmpsMUJAf-yeAZvu2Pkg7DYKn-55o5mX_pp1AG6AZEx0FfZ4Zp656dsjeXvXpxqyY_sen2vWgN7VcTAZxof1nLPQKvjMW2TWSBnXbp5H7ZR2l7HjWI2OI4zpfnPI5OXi7dmy4kvhQ9ak6nACqeHoZ0xb6NtHa3XPfrt8Vq9x-958wa8vxgMgtSl6I_9mD5mAsaiai-q_a59dY9bqb5Se_R9bvWNIZpdIKK-y3ROZza96tD0uVK2QmEQLmDEBm0FG5YJVnNXkjheq4ccy7pk9HYGmqI_bNTsv_kz3mS_uHDaQCbOI9YpxyBPLwYZ_Nx0dJS5hI&sai=AMfl-YTw5s3KafIh2Z0ERgZ_26oSf0luoeSmT-lNrQBsra29OjJKT12m94EGZ0TKDVK7S40au-IQ4LxUB8UytEURSPYeGGyxhO2vqXPHAIevrv7QLl-TYzPN2ElmqpCsqA&sig=Cg0ArKJSzB7qB9yy5k3EEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 32FE 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
age
30643
x-jsd-version
1.15.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26200
x-served-by
cache-fra-eddf8230139-FRA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 32FE 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AF91 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvizUDZnEMbBbkYdFPAsmYPSyvCPzb2Ay7nVqD3Uf8Rm2tGl5bWHAbY3aZbLd3QNnKBXs-BkC_Lwe-SMuF4n3Tqto3ZkzvBXbfpQgl2caAEkVXV7nRQlIkt0K1ZbOz-wnABDXtS2qqy7h97VlLycFpafy_GVTWvPj-5L_kKsuBk2IIWHi_WWAaJa41Dr20iphbBDyE0Pd-SLwtmJ9NaiEjkr8WV51cO-nebUBYBVkmqd34mB8ZTB8YEFK-2bu5y28OjtFvWZheJD4xbfNw9LGnOGP9NcIFlHFxzdAGpPGUP0Shi_d87EmKrUg3iI7JXxgtp4yQYVWU8OMHabs8j7A8mvKQfvn5zt_ECV9Hn&sai=AMfl-YRv5kFcZr1LoRaCSQME6lOcCPowyJcJAHCpnkkdGDO8_OeH5BGgKf0FgyBrZls3eiwGMJ5bolRAiFtUFKAFW3M6FWGM8ioD2ragcMtnHmQE9qDr9_69n9fnrAdaSQ&sig=Cg0ArKJSzNs6Lw9AmHHdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame AF91 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
age
30642
x-jsd-version
1.15.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26200
x-served-by
cache-fra-eddf8230117-FRA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AF91 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DB4E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLbSuoIv1KYJFElroLsiP42hI07kaGjomc4yQFbKPJIZ8F-YTzKWFKrnWgXkN1eEg3rmR1Jd5oS8gnNldRoSsdK5cXB8Fm-E19BN-idz8x6grEmEhidPtaHLxaE0yAdqJ_KGH-vwFXqE56rK5o3YjCJ4Zu4bUBh6WX6f-ke46C13BlyKp-xk32XjkPKQZVrrhwMCBt9UodtnOyYilhgKF958iL_m56zTndlUqr_CMrbN0fruW5CY9y35GIvGp_2coKPcHddW0KJNdI3ElnGPNqCGfjZXT5YfLTRL_RXMJuLYd5mCK5Fa7gxujd_XEtyNHJtdRIfQUwINBExFeMOdl17j-U-lqre1-vXE291k_vd2kRBXc&sai=AMfl-YRmIC-8Gii9-YNqmUrH4d_YTe0pqIdBn8w8jcx4u4Bpokot1GrL1pbksDNnBPY2Bxd_pP5_Sfq1PT3GtsriDLZbA5tq4n0MZpU_ITd3TDzMh0nHuPCciMWhF9u4lw&sig=Cg0ArKJSzBBJFSmI-VHMEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame DB4E 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
age
30642
x-jsd-version
1.15.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26200
x-served-by
cache-fra-eddf8230117-FRA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DB4E 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9F57 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXZ_mwIC-RsfKa19yJi76Ad64Ntyq7FdrKNCoKH_1-yCd5p51A2huNniWIvNX8FtH48l6fofBt_nOY6ljqpMy25lGNAWqoDI7lGE8ObYERXOUmXVaaSwLZpo8XX0o7EkYTbjwyTofE1lPx2Yal0l7YPkE3RTu1N77-yERce-JvC7Z1XCTzRZWXddIfA2fSqdSNXa5fzh8wzrZX1BoF7fblWT1P_oeg0VDaU8I5EwrP6uRD817REuXtuToI9Z9uf9LGn23RAnqt4WaLTlNXKaixp_AAd0VauOhUFTLZt7anBApaBp9FDVBTktKnOfzVAojZmZ4PNGjRlm8tMVV7&sai=AMfl-YRX2SIUsXHTm4H_oPdS34Ef_gsVCXRMzfDRNvpoH9clSoWtD-2dk9PGcYWC3MSHplNMRosESWuBeQxDtNVWrDvGg_xuKpyHD7I-6VJN4ChPvycdxKiS0Dou-pHqDw&sig=Cg0ArKJSzB0Mp2ep21KvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 9F57 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
age
30642
x-jsd-version
1.15.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26200
x-served-by
cache-fra-eddf8230117-FRA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F57 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8679 		261 B
125 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi8r7LlATAB&v=APEucNX5HGs5vaGn6LrAvBeVAsZZpLAibU3ZSYkTZiTkNj5zHBNemtRDxp0XVm5_KXmk9orqqY3aZNMNauyUIYke1M2hXrNcYWH3IDuN72DnSoeyV92SDEV4PAnEbZZJ68VlLS1ZfeBRL1Coo4MUvvKtF3iNgR5KxDbXf_jQA9nnBN6_1lc9rnY
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:17 GMT
expires
Fri, 12 May 2023 21:32:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3AA3 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AA3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BoEqsBFXEz2okDaKY4-PBX8w2Sh9Fd4gf62DJosc39UxROZX64eZlpchUdLclXPLLRFDrW_iBT13bb0at3OC6vYzUkE8WPTj2g2CwWvJ5OXo_QT9w
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AA3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9347737207684750986&x=8&ct=76
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
016de9d6-073a-49b6-afa1-ea765851e29d
beacon-ams3.rubiconproject.com/beacon/d/ Frame 3AA3 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/016de9d6-073a-49b6-afa1-ea765851e29d?oo=0&accountId=13760&siteId=333016&zoneId=1746580&sizeId=9&e=6A1E40E384DA563B6B42478EC88A8E28E5B1396B4FDC9D4D2C4F06FB0A257906F30A17EE01DF304E1C6C079A642729E79F0BE1F8337FD75D981417DE9BFD19D574B02586523DF9858DB70DA02D1440A5CB5A5D32FE84685C53697E965EB26CEA548BB6572F14BB0994551C3FD194B5D55C51DE74810D01C15F644FA661C81F324E6FC96756E5E5711DE5545B27FDB061E9F7CA69B50FD1BFBF5F2340C344EA810E8523C858D19E70BFE7F73017A9830F90DB4B65251458D3CDA10306204D320B
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 16DD 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjF1rLlATAB&v=APEucNXj_RydDAZzuLa9ubqd6TuN-uwUss2IAmcNOnoSXAS-9kOTU86q8fPluzxaTOPnyAM3cLeyfek2m1WGwcRK4hkAHlxmoaSAehk1WAwqsp4XG1Rjdp0q3TAHw3McEi4SmwMK0ZlJUO6qOq3GXfcUH6ryAmFxa2zS1_t_Mje8g9ujU9dFpt0
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:17 GMT
expires
Fri, 12 May 2023 21:32:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 32FE 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 32FE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLROlZHzai7YKrbjT05AH6B5ooU_7Qj3WZ4j_UXZIvSnSRuaGdq-z4YMnIkg1NnGyaWNg_KCyCJfZainI-j6TcgwSzWwMWBPzmvSmu6MrEzq4lP8s
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 32FE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13795935488843485372&x=8&ct=76
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fc51bbf2-7111-4093-af19-7cb06891b4d0
beacon-ams3.rubiconproject.com/beacon/d/ Frame 32FE 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/fc51bbf2-7111-4093-af19-7cb06891b4d0?oo=0&accountId=13760&siteId=333016&zoneId=2862174&sizeId=2&e=6A1E40E384DA563B363F4B1E4B5F722F50A915CE47797B6553BA727A620AE127E99878D111C4FA7BA5E7F70E6033E1299F0BE1F8337FD75D773AA23C9E34AA8174B02586523DF9858DB70DA02D1440A5CB5A5D32FE84685C03B741C07D73CD07B86CCC7EC5A200C36A11AFD1C27DA52B31E1BF8D51AC5410B7965D17AD80BDE92605645952F601784240C7CA452AA282C02E5E9EC230141190765F850D895BA5A180B0EA967D46530EC1189A10F881218BA4096A98A7BFF1E82A954C1004678A
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2886 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE1vd-hQ2RcyKjAtmJLlhk7Yv_1M-YXcpp_pngqdrmjhyTJoHjaJsjG_rowTADaIiW6F8HjX-zm2EkMwl2TWwlfTIjnBi1nZDqBTenYoCRU5yig-9nJ8K98TNJQfdM_n1sTt6PyUVpKIJ4M2tJEZqA7_CbXIJ-16Hy4SDMbsdYDdP3seXOdocMhrHYDEcboAZmkjNCmLbtAiLXXVzVJgJV_gqg8HcD7mhGt9Az3OnVzU3pEfQOe-Q_fuSU9Js3Us4amq9DxZzDNcuHXg12LJcUQSoXlzucloS0TS6MBJEGZHokNN8SsLOlbmOJSGtCzLYxHBKWHPPg3Cxd9wzFFMq2hyT4fdX-iA&sai=AMfl-YQJRx3sAHFi4ohwmxkj6iMyL1q3A6mPX3Y33NQPAyANkqh27VYVhA2NAyQ97zPUqHkDO73CoNeXzOCmIasqjzo7hoD80CivhQufhacGz1AlBljwz1bMarzfSUVFv1ijRfZKTRcf8vVLFrGApS_uRZ5HCcJpZiRTgpTNR2_mdcuWbc9gRMN8Djb5_ij8L4yF&sig=Cg0ArKJSzBf-unbytz7IEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2886 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5bf8085d36b337460ed4dce5f001470776da989847194b004ba9db02b6520de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11137
x-xss-protection
0
/
track.adform.net/adfscript/ Frame AF91 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=60438885;rtbwp=rGKUilYEClmPTxDbgz98DFufdAsConXk0;rtbdata=VANDA8Yqj_nC8e8u9tKbw6KrZr3XNHffLg5SOlkolbxVJF79xTzxQj6vA65VtnBKrIYkmaJqzhRSoSe7umV079eqG_HjjGFGmfugpVQTO9BnPQA1x2pdIjXP0jLZrhDzRyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3rk33aIeAiVMRRyXkJLY3L4-8EpnHnma2vag7eQU4_cLkieEVEy6IiUY52abEbv1GSr0-BLFScaRPAeJipM4gaECdK6igMCpH7UyjjUDcbNf5MbPNWhEg6zqkU9UthoCIHS6jD5OjMB5omN1-c6UvUo1;csid=81917;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=eLrgTpMHZDAqHMLsI0XOHXm2P5s325Tq__On96DV3Hcxaw5CBI7iIeB87rUVMTESeJ85jxc6rtQnOcY0qM2DfVureViwBw8w9CxkJgTdrU542pRfRjNEj_yNRr-NBBdUrIYkmaJqzhRSoSe7umV079eqG_HjjGFGYnImA87gmua51UgOK64twZnRD5ODD6kOs5EUglKH5ho0zWzgB8dW-rWOu7PpRIpV0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEfmTnJZbLN2mCWFK_xLIH6asgRAbT0Sftdaf2_5TG1ADPJz5IsgHtE96vWmW1dlSa0;
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e8156fc1dd9f893c1ffe18d1775221cccbbe1132c5344b680808660ceaad5d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1285
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame AF91 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9D15 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNWnVrHtpf0rTOydaC7URElXi_2v5fHgkMZekV9OTlil1kCmFqH8zy9LWx_didX8fxl1HzDVx40ay6oqH-bSX8E3vc4PSasHKsOVOR0RNqtJW1CIqkRRaDkoL2vKkQw_1LHSCyi01HJbJQOTUcsC7uqRiTrDMYNlUKgpeFYj3iapFMVCEYM
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:17 GMT
expires
Fri, 12 May 2023 21:32:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DB4E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB4E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aio8yu-GrScap4HV0pb_vhM_NKcnxdnMzJYZiSPP9iCBq_zpI2GTgDPb8TxkafQGNR6CCgR6uoGJOcD4ciEMBhJBjUClckW2Q832r87yuztaxCgkY
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB4E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1720882970395660849&x=8&ct=76
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d4337462-933f-4126-84fa-cdee7fb370b3
beacon-ams3.rubiconproject.com/beacon/d/ Frame DB4E 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/d4337462-933f-4126-84fa-cdee7fb370b3?oo=0&accountId=13760&siteId=333016&zoneId=2862172&sizeId=2&e=6A1E40E384DA563BD00175652B3613BAC5B9082AD9540D6C3E81028812213AAC5DA71BBE8540A0A15FD549CED1B0583E9F0BE1F8337FD75DD90F71485386B69074B02586523DF9858DB70DA02D1440A50E493E48E3522B6422AA9F476103117BC3721FD80EBD434FC40136C190EEAC2F94C81C1EF6D204BD9A5F57E64AC9B24C4E6FC96756E5E5713706CA81813957FE8F39EE7098F5425A8F2BFBBE95AD8D6290F595471A73A53B4E1C8B09C4AE960A876F73166F157A68CDA10306204D320B
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 35FE 		552 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi8r7LlATAB&v=APEucNW9T8qbGhKTcuEmFazFnyn4nkR66LCrooVvKGrq5nahumS_Wnhw1OapA9NHGZoIUYqMNnq43eu4PPIUZPquc-QORQDoes9HJ5ru8gX7pCMDk1RYpqJrK8LgLSnevT5bEA22vAq6NqfTJdK8js8BMCOu3z101rPcBHHGfWlovWPZWgLuctg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9F57 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F57 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B2z-jqgBcpaC6do4U4QTFtUH0zEr1LBaSjWHF3hWPbqL4EEqUI-kxwfo9C3E4zx9rRrs7_cKUsQH9EN_Z-t_9WmnyQdxEcsSnB10Lr1zFOSDuoXM4
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F57 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10256688904244488412&x=8&ct=76
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eca5210d-da88-46fb-8878-803982896ce9
beacon-ams3.rubiconproject.com/beacon/d/ Frame 9F57 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/eca5210d-da88-46fb-8878-803982896ce9?oo=0&accountId=13760&siteId=333016&zoneId=1746730&sizeId=9&e=6A1E40E384DA563BE2D67678A5D18E289B3B9F68E7A6D891F79BC8C38B8CDE592EE1A6A3D01DBE6E4529FBDFCDA4F2EC9F0BE1F8337FD75D514BC6F31DA381D274B02586523DF9858DB70DA02D1440A5CB5A5D32FE84685C53697E965EB26CEA548BB6572F14BB0994551C3FD194B5D5A392779A4F9AF27A2412F35C37FFF2554E6FC96756E5E5714CCB6D3D75DD1A471007AA8B9B10B3C749EE219D24D06BE75CC5F42A4337A93587DBE41B9C7B8CA23DC97588D2CB3B49CDA10306204D320B
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 163B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 20:10:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
4910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 20:10:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 163B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
12497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:04:01 GMT
l
www.google.com/ads/measurement/ Frame 163B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0HZudwKAx7nBxISknTZS5gyYqNP7Gv7e_D3V-qk9WrLlnmCBxax5DFp-5ywRtwBOD9VdWfU-iOeirFf9nuQF8k19TEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 163B 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
m
ad.yieldlab.net/ Frame 8679
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEMZRKm4tW8AOJQOZUcQk2E0&google_cver=1
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEMZRKm4tW8AOJQOZUcQk2E0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi8r7LlATAB&v=APEucNX5HGs5vaGn6LrAvBeVAsZZpLAibU3ZSYkTZiTkNj5zHBNemtRDxp0XVm5_KXmk9orqqY3aZNMNauyUIYke1M2hXrNcYWH3IDuN72DnSoeyV92SDEV4PAnEbZZJ68VlLS1ZfeBRL1Coo4MUvvKtF3iNgR5KxDbXf_jQA9nnBN6_1lc9rnY
Protocol
HTTP/1.1
Server
23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-16-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:18 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Thu, 11 May 2023 21:32:18 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEMZRKm4tW8AOJQOZUcQk2E0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 8679
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMXWy7cfsrxfmBA8Ghj__QY&google_cver=1&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMXWy7cfsrxfmBA8Ghj__QY&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi8r7LlATAB&v=APEucNX5HGs5vaGn6LrAvBeVAsZZpLAibU3ZSYkTZiTkNj5zHBNemtRDxp0XVm5_KXmk9orqqY3aZNMNauyUIYke1M2hXrNcYWH3IDuN72DnSoeyV92SDEV4PAnEbZZJ68VlLS1ZfeBRL1Coo4MUvvKtF3iNgR5KxDbXf_jQA9nnBN6_1lc9rnY
Protocol
H2
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
last-modified
Thu, 29 Nov 2018 08:06:42 GMT
server
nginx
accept-ranges
bytes
etag
"5bff9e12-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMXWy7cfsrxfmBA8Ghj__QY&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/ Frame FE40 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/postback?oz_pl=1&to=3&pv=fcccac35-f187-44e5-b531-4f97a2630e94&si=&dm=728x90&pi=XRzobPsLhV&ac=Xmwo1n97Q8&pd=avt&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ti=&gt=DE&ci=948461&ui=&sr=GOOGLE_CONTENTNETWORK&de=2&md=1&dt=9484611597092707615000&ap=&psv=2.92.0&_x=1
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=fcccac35-f187-44e5-b531-4f97a2630e94&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 21:32:18 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.h.w55c.net/2/2.92.0/ Frame FE40 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/main.js
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=fcccac35-f187-44e5-b531-4f97a2630e94&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0310d06b42963760d784418ad04a7ccd0de2c3e325f289edea62ef95c696a661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
55694
Expires
Mon, 18 Jan 2055 17:28:16 GMT
rum
dsum-sec.casalemedia.com/ Frame 16DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjF1rLlATAB&v=APEucNXj_RydDAZzuLa9ubqd6TuN-uwUss2IAmcNOnoSXAS-9kOTU86q8fPluzxaTOPnyAM3cLeyfek2m1WGwcRK4hkAHlxmoaSAehk1WAwqsp4XG1Rjdp0q3TAHw3McEi4SmwMK0ZlJUO6qOq3GXfcUH6ryAmFxa2zS1_t_Mje8g9ujU9dFpt0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 16DD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZF6wYaGuBs5V.gJa9n5H7QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjF1rLlATAB&v=APEucNXj_RydDAZzuLa9ubqd6TuN-uwUss2IAmcNOnoSXAS-9kOTU86q8fPluzxaTOPnyAM3cLeyfek2m1WGwcRK4hkAHlxmoaSAehk1WAwqsp4XG1Rjdp0q3TAHw3McEi4SmwMK0ZlJUO6qOq3GXfcUH6ryAmFxa2zS1_t_Mje8g9ujU9dFpt0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 16DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMI1BLB6WqrWSiDpXuocQFg&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMI1BLB6WqrWSiDpXuocQFg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjF1rLlATAB&v=APEucNXj_RydDAZzuLa9ubqd6TuN-uwUss2IAmcNOnoSXAS-9kOTU86q8fPluzxaTOPnyAM3cLeyfek2m1WGwcRK4hkAHlxmoaSAehk1WAwqsp4XG1Rjdp0q3TAHw3McEi4SmwMK0ZlJUO6qOq3GXfcUH6ryAmFxa2zS1_t_Mje8g9ujU9dFpt0
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:18 GMT
AN-X-Request-Uuid
cfc526f2-4f9a-4237-92ba-c5113000d112
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMI1BLB6WqrWSiDpXuocQFg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 16DD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY1ODY5ODAyMDkzOTMwOTkz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY1ODY5ODAyMDkzOTMwOTkz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjF1rLlATAB&v=APEucNXj_RydDAZzuLa9ubqd6TuN-uwUss2IAmcNOnoSXAS-9kOTU86q8fPluzxaTOPnyAM3cLeyfek2m1WGwcRK4hkAHlxmoaSAehk1WAwqsp4XG1Rjdp0q3TAHw3McEi4SmwMK0ZlJUO6qOq3GXfcUH6ryAmFxa2zS1_t_Mje8g9ujU9dFpt0
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 May 2023 21:32:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
aaa8badc-5ac4-47b5-a0a5-6f6bab090350
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY1ODY5ODAyMDkzOTMwOTkz
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame AF91 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60438885;rtbwp=rGKUilYEClmPTxDbgz98DFufdAsConXk0;rtbdata=VANDA8Yqj_nC8e8u9tKbw6KrZr3XNHffLg5SOlkolbxVJF79xTzxQj6vA65VtnBKrIYkmaJqzhRSoSe7umV079eqG_HjjGFGmfugpVQTO9BnPQA1x2pdIjXP0jLZrhDzRyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3rk33aIeAiVMRRyXkJLY3L4-8EpnHnma2vag7eQU4_cLkieEVEy6IiUY52abEbv1GSr0-BLFScaRPAeJipM4gaECdK6igMCpH7UyjjUDcbNf5MbPNWhEg6zqkU9UthoCIHS6jD5OjMB5omN1-c6UvUo1;csid=81917;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=eLrgTpMHZDAqHMLsI0XOHXm2P5s325Tq__On96DV3Hcxaw5CBI7iIeB87rUVMTESeJ85jxc6rtQnOcY0qM2DfVureViwBw8w9CxkJgTdrU542pRfRjNEj_yNRr-NBBdUrIYkmaJqzhRSoSe7umV079eqG_HjjGFGYnImA87gmua51UgOK64twZnRD5ODD6kOs5EUglKH5ho0zWzgB8dW-rWOu7PpRIpV0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEfmTnJZbLN2mCWFK_xLIH6asgRAbT0Sftdaf2_5TG1ADPJz5IsgHtE96vWmW1dlSa0;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ae684e653cf5edc8bec110ff0669b6daa58f690d550735f98954697799f963da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
last-modified
Tue, 18 Apr 2023 08:19:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 19 Apr 2023 13:55:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2886 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 May 2023 21:32:18 GMT
rum
dsum-sec.casalemedia.com/ Frame 9D15
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNWnVrHtpf0rTOydaC7URElXi_2v5fHgkMZekV9OTlil1kCmFqH8zy9LWx_didX8fxl1HzDVx40ay6oqH-bSX8E3vc4PSasHKsOVOR0RNqtJW1CIqkRRaDkoL2vKkQw_1LHSCyi01HJbJQOTUcsC7uqRiTrDMYNlUKgpeFYj3iapFMVCEYM
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9D15
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZF6wYaGuBs5V.gJa9n5H7QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNWnVrHtpf0rTOydaC7URElXi_2v5fHgkMZekV9OTlil1kCmFqH8zy9LWx_didX8fxl1HzDVx40ay6oqH-bSX8E3vc4PSasHKsOVOR0RNqtJW1CIqkRRaDkoL2vKkQw_1LHSCyi01HJbJQOTUcsC7uqRiTrDMYNlUKgpeFYj3iapFMVCEYM
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRLBsV_boYEM1HFHHykB7k&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9D15
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMI1BLB6WqrWSiDpXuocQFg&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMI1BLB6WqrWSiDpXuocQFg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNWnVrHtpf0rTOydaC7URElXi_2v5fHgkMZekV9OTlil1kCmFqH8zy9LWx_didX8fxl1HzDVx40ay6oqH-bSX8E3vc4PSasHKsOVOR0RNqtJW1CIqkRRaDkoL2vKkQw_1LHSCyi01HJbJQOTUcsC7uqRiTrDMYNlUKgpeFYj3iapFMVCEYM
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:18 GMT
AN-X-Request-Uuid
a8553b20-9ad3-4abe-a9a3-86ebd8e85f1c
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMI1BLB6WqrWSiDpXuocQFg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9D15
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY1ODY5ODAyMDkzOTMwOTkz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY1ODY5ODAyMDkzOTMwOTkz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhiK2LJvMAE&v=APEucNWnVrHtpf0rTOydaC7URElXi_2v5fHgkMZekV9OTlil1kCmFqH8zy9LWx_didX8fxl1HzDVx40ay6oqH-bSX8E3vc4PSasHKsOVOR0RNqtJW1CIqkRRaDkoL2vKkQw_1LHSCyi01HJbJQOTUcsC7uqRiTrDMYNlUKgpeFYj3iapFMVCEYM
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 May 2023 21:32:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ec042b0f-3865-4aa1-8f99-51777c8d6e0c
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY1ODY5ODAyMDkzOTMwOTkz
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 163B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVlKhYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE0wFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDagkWw8VucFb6JfTaPKuxrbz1Vdl4b_ZTw1MDRIZW123RPyeQ9vyYvgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY1OTM1MjMyMTAwMTAxNTQYAA&sigh=XtVa4xK5Aw4&uach_m=[UACH]&cid=CAQSKQBygQiDmrLRprDCIzKPcdS6j6JlM4mGHC57t92Ko2UutIy9OmZEDgTlGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 163B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gfdnfj02eta67hm1pw2m6fp2p9mn50vb0z7gy7ekw7jpvvsrhdyzeh6z4rj7wxvs12kz7s4pv0her9fqjmr74g26gpsf9gr3p425hjb41efa720yq7apyx98b78g9v6eanpfxr9nqfc350gx4qam2bsx02jmcdke7hj2hq7na1tm9f7zeymjxd42spt0cznqfp844s4jc6as4nnsddh8zze5hb98j7yty6eyay2s19ksshynn3fx845cmvk1rwydarcczfn73zgv4737g44zx09q63ev29dkf6sr85xwxf3xhn50bf11exrmvbqfd2bqg8q3a6j0gheg667mk639eg61zz7k4t7xqbf1fx0whgqkesg5w5mwvh67eyvq2qv8etaefqt2gmggyvf&b=ZF6wYQAKIDsA-QkxAAdTpMvmPlH9jnZyrfpqMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 May 2023 21:32:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 1B96 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jxmngmb2783a63ezkk0jacse80xaj7ssjmjqn77rtm74zn9y48sczvwdp9s23qvnacr9cqf38k8x6ydne0bc792vsscr1batwxrr6ht9zgkahk7hygt7r9wx4kp8d1bkn7ann1y22zbhtn7paebyc9cpep7zxaee068xx9t79rs1b1z147hxk62ygdagtyh6ds4cc9t4ggw8txvnymktka9hnjp9m3xtay225kr781rh7nj0myh4bdr96j2jk8sn4b3bgfhqt5sh3vej6j9c7rh9me4g700qgraw7vddh125bmc92sd2v6zdhfptzhx66r290w37aeyhpvwt98tyhgageyw1ygam1eehs6f2kz0me63gdamdg7sat371wmcd7m7mvckbqg6a3wb4twp78fd580atg8aj30gqfhkry5vmevcfcx0gp42qxvefdcm8hmjay6pdm2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%26client%3Dca-pub-6593523210010154%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d00fbfa476c2f186585f88af777e8893d3c1670694fd842d17c4d149f793a6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c65c60509c49b49-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:18 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0806 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51212
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:18:46 GMT
etag
48472445140208031
expires
Sat, 13 May 2023 07:18:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame 35FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo78uNyemOp-80qvLDWs0c&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo78uNyemOp-80qvLDWs0c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi8r7LlATAB&v=APEucNW9T8qbGhKTcuEmFazFnyn4nkR66LCrooVvKGrq5nahumS_Wnhw1OapA9NHGZoIUYqMNnq43eu4PPIUZPquc-QORQDoes9HJ5ru8gX7pCMDk1RYpqJrK8LgLSnevT5bEA22vAq6NqfTJdK8js8BMCOu3z101rPcBHHGfWlovWPZWgLuctg
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo78uNyemOp-80qvLDWs0c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 35FE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg2YmY1MmNkYzhjMGUyMzA3MTI4NTFjMjk1NzMzMDUxMmM0MDdkYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg2YmY1MmNkYzhjMGUyMzA3MTI4NTFjMjk1NzMzMDUxMmM0MDdkYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi8r7LlATAB&v=APEucNW9T8qbGhKTcuEmFazFnyn4nkR66LCrooVvKGrq5nahumS_Wnhw1OapA9NHGZoIUYqMNnq43eu4PPIUZPquc-QORQDoes9HJ5ru8gX7pCMDk1RYpqJrK8LgLSnevT5bEA22vAq6NqfTJdK8js8BMCOu3z101rPcBHHGfWlovWPZWgLuctg
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg2YmY1MmNkYzhjMGUyMzA3MTI4NTFjMjk1NzMzMDUxMmM0MDdkYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 35FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHzxi4WzTi7dm57CdfS1QXA&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHzxi4WzTi7dm57CdfS1QXA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi8r7LlATAB&v=APEucNW9T8qbGhKTcuEmFazFnyn4nkR66LCrooVvKGrq5nahumS_Wnhw1OapA9NHGZoIUYqMNnq43eu4PPIUZPquc-QORQDoes9HJ5ru8gX7pCMDk1RYpqJrK8LgLSnevT5bEA22vAq6NqfTJdK8js8BMCOu3z101rPcBHHGfWlovWPZWgLuctg
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHzxi4WzTi7dm57CdfS1QXA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 35FE 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi8r7LlATAB&v=APEucNW9T8qbGhKTcuEmFazFnyn4nkR66LCrooVvKGrq5nahumS_Wnhw1OapA9NHGZoIUYqMNnq43eu4PPIUZPquc-QORQDoes9HJ5ru8gX7pCMDk1RYpqJrK8LgLSnevT5bEA22vAq6NqfTJdK8js8BMCOu3z101rPcBHHGfWlovWPZWgLuctg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AA3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5387312497132&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AA3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5387312497132&version=m202301230201&ct=76&x=8&cor=9347737207684751000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3AA3 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9LpIJWuAYK7gk8y4ONXw3zKrykC88LrZVE6bBHDMotGMiwON-Y8qVKH2xdsLjgu8iHMWsmYV-cbJM0kf0-ecM_OioRav8Hs8FScqijpGm6zpDfI6l12ebFMfdcpXWw1DNb7zZfRbLrvgKiYaug2mLFWFP_vuPRdORUA094WPShpto1Ro&dbm_d=AKAmf-Dqmci2DOhzLRH2YptCr_ACdLuF_1amp1MBVYzFXwXjDO8F1X2I0KlYVSAtudhSoszrLYx5ru-twMRTLW-Qjk-Sinr_VBGuUYl1_h0oWtLpCbHg0pZUSf8M4_Qp2l2PgpwFItKXLve-4f-kqejB3QniPqKCh1nWbp_Sx2d_PB6xZmpRZjFfzBD0n6KmurcM1AO9AGZwIC8b65OGiSRkowoicsz_RIgxspKscUfB4LQ6fhHewX3-Y5rIS2IFFoY175FLcEpGd-kitiOZKUF6-olJyCA938JlTp6KZ5l4jz69Sw_9KsmLoEhRa0uJu1o5Ic41_3wa6iObAuSB-WeDWqdxRdRuFnKmcz-jPZAnP1AT2uOLihr3Qnv0Ed8_1YQn4BKAxc_Qge2oRN58MT_fgIVYA8vSLIcWPKX1Mg_ibvMaZawZp8CPr6wnzmT2-OKPua6IO8yPNiJ45parwAYiiFyajkYjDY6WbNdK6vuXr5E08zNkSfTvuOV1vgzlssWTJxK67I9FC4nQLk2zbvx7hc2zH6JQ-y4J4q5nj4GAfbnrlBhdoAlfOCZWoTlATTkLGDeTKBwz2SmHJ9g9-1j-WccsAGxPH_x1MtlZvaTmY_L2Wme5wYJzgwMO92o-a_HcEWLqrmFass3VTLpeg0IyK4Rbh53dbVt_BQOhgZIm-PvZXmtKZ-5BZIWBQ-XvQYcYnCisO1W0hDGLxAhvsUw5KvqO9agA5zyUSVGD13Or1MSN_3TDV_mD8F0xIN4AxP2zhPxJ8mLYq7dzoAs5RT9k3Vjgl4MEbtU1NH2lSQsXm9Fbea__FDiq-1hwYzzDU7joQBSCsOAto-jocbh2YqEDmnLZTo5GHKgMfxbESmrotpKciHsuUyqyi5VeZk7do1uR6AU6JhzX9whQ-kw7sORovs3eFZDket6-vScelid45pONIBt9pgru8y_Z9HRAM5AWPAnyA0PD_IogyLA0PJo-DxCrHxElgFynoRg7fjEh012hLr805h1yVOVsETKUpobNE2fMiuto23EOo8dLqJCW-MoAVfXS5Lturss2Ht7983ou-9MBn9BKGsjbRYrh0dhR0bebxVO4MXR_tpxg0tiybp0gaDL56E12L_YEpchGVK0w0w3BPuuALLQ9nuFHPoie5a0bdZtxyXExTRHZPOYQZjPgxTWWiwiF3pPRgEp7DoqmjkNrPkO2uNMrm0jP170-gpEudg_5kz4iGS-zweMVl-54kwVGu4CNEmL_tQLEQhPaysf_LRE3eJ1K0YijXm5w-vi92wBzjsSFibGqX286TuV8XiAXXK2bc9tmrQq2iUt46NZdL4uPoH5CqMdfrU99PzFL8sP1QlkeW2w5b2GfM6_zLaqS2_xGjHFSNKZd-HcYi9kqjV_wC-63OD-C8ARZpU9H30cEwmcKBkDqLv76cwG0UMBxCnpi1yISSSZzahiZG5xFyFx6ybL-WSdlDGs8OuvY0Kp0O54Mx56GjSZmFIZ9fh_9PHQtfI_ZEj3JBbXKQsNh8iCgs2KZOMCthxJ_Lf6FTARdAzMpYpqyNQeABFI5joZA2l_LYS1O6cf-AagDWu-65dYIPzVxwZ5kt2ln3AgOxmoT_leqxl6ZYVR-JnMBpd8BzmF-1uaww8_7JuRnzOD8Lul3S63aK1wkLe4hoENdSkMgLiEEw8J_2vbCsfbrvIr376FoAnEPJua63t9qF5t_0xfmxDaCXrasOJM0o0Y81rE7U-Svlz1DiE12HrSTpi_vSFD-wRVvW_zInONVJ4pLO9qua6_i6eejwFS6h3SCwws0mPkZVjAKtBSYht4RFITcPEj8EaRp94sH0wkbp1D6SSTs7aNpN7_aIS8Um2lJpmOeV9yRNVXFiE8Pl6D-8pp0xoTKY6VFgjqID87k8HAS26A4_xN9oIq8morCYxBlIChUMRq6gJmq4yektvYlnvHxPB0zZBF8p0o8tOmZU96NwlxOqRA9Ft956p3PrIh4LtP_Kh0uim0PVWCm1umElVQj7Mrnsdr5sso5XRHCGar8uRhxuSWAX7siDO7XlTQziZ41bwrAOnkD1sJqcuu1Lv1e4seunVUuTSsR8tvD2A3NFPlMcyNIfNt2Gp3zdwrBK1NpBIE7ErQncmrmfUIYBGXyZ3AnjlVbZKzWVmH8BV035UyLhf611ZnaCWwaaK6E9aCBh6BtV25amQ9W5hApi3uStJxUOZSGNg8uE76i5-jLTesWRkF7aVsnTEMxlRPp8J37Joixxo1XcEzVGJ2-akmjuTK8mxxYVhrO1y0fuHMDl4MzieCKPZYQcz8m-rnFqEVNjE1SHTJ9BLBqsk4k_nmpDVTgF5jWyJTcrXJ5ATdRjLZ_D3Ei1WvSgFssJZT5BLNuTPB7xkxQvrI_2t8EZlOwqXM3ZHuQ0cswqa5vVUjw4vF8eLoNs1KU7c0H2d18PxnDrIxdrnszffuPUus9tHstYRxW9DkFueIxCvPiB-RCney9UecH0805j2QSbGKvIcnJdGDR0D2anPW11w8j5NaplIJi7nYRJi_uJbNyAoYJJPGb9urE37y0j9VB4glTek8dPWTIXZAgkVVrxvU67enbPLf4cw99M4QwZvrNXA3tlGKahSAjfSuRjUriJ_RJv1xMdGuY9L4dGQdRwgQy9Xpv3TP2AT3lyaZBNKXy7pU4O1Haub1Utr3qNIe1vqp9pRMV0E96Jiuz3QcZ22dLX0uwtcsV3qsaF1LFjU2Ld9pwrL35VctvI1lSKuKqG1YwUTn5kAOck00aprbTUv81y0FbQoJxiV-pkpb7D4Bqo6EiIkFUj91FrzlUcClmK0PDi7YF18Jmj097FyNb2A9tOssRZ5YJOJ1TgQOY9v4kBfisnkeLrj5Ty07b5xe9tfCk-Or87Hg0IO2UwLnpokfDB07k09icv_g8_eTIY2B0SgMRgnXuKIm_EWHLdTRnmzYErm9qMFAVo4ge6hZW3gpbjk4XbqZNWKwYIHf5J7fJw-NzeAu9xUiXDIdprVMyaiVKKreIKV6uttD9jEFddv77tXt17p4ivsW_TtEyaHMk5ZjOyCOb2_r8E0MeEOysyrJCdFB6_9tSVFOz7mULRy8HEP9ZoiPvsfiJqjIlM35amDTIpHTtzgEtow7rrZ4pqIueU-suUHuv9Kz1jp7SJmZwxf8tO4dD6DAYMS3fnkl6wgBM-7RMzpJE63Am6MyATWR1Oke_tfv3QWFJ3FzCOOU1tJ6AjBWM5w12rCiYp_sxrDhKsZm2uhVd_eZkHqRqRhE5jmZcd6tlJ8JT_vQzsS2HR0L9ybazTMZXPk271fTuz5Y7kSk&pr=8%3A2A3E876FBD0DCA8F&cid=CAQSMgBygQiDNv0fn6thh3dVCA90lLGK3IXmv2JBaQvWTgG9aYBHoRh8RAoJ57Nruv2ikOdMGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=9347737207684751000&adk=2943776909&idt=86&cac=0&dtd=51
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a31116435468733dfeaff049d37258b318eccb81a30ac7d64899d1689a84b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36680
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 1B96 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jxmngmb2783a63ezkk0jacse80xaj7ssjmjqn77rtm74zn9y48sczvwdp9s23qvnacr9cqf38k8x6ydne0bc792vsscr1batwxrr6ht9zgkahk7hygt7r9wx4kp8d1bkn7ann1y22zbhtn7paebyc9cpep7zxaee068xx9t79rs1b1z147hxk62ygdagtyh6ds4cc9t4ggw8txvnymktka9hnjp9m3xtay225kr781rh7nj0myh4bdr96j2jk8sn4b3bgfhqt5sh3vej6j9c7rh9me4g700qgraw7vddh125bmc92sd2v6zdhfptzhx66r290w37aeyhpvwt98tyhgageyw1ygam1eehs6f2kz0me63gdamdg7sat371wmcd7m7mvckbqg6a3wb4twp78fd580atg8aj30gqfhkry5vmevcfcx0gp42qxvefdcm8hmjay6pdm2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jxmngmb2783a63ezkk0jacse80xaj7ssjmjqn77rtm74zn9y48sczvwdp9s23qvnacr9cqf38k8x6ydne0bc792vsscr1batwxrr6ht9zgkahk7hygt7r9wx4kp8d1bkn7ann1y22zbhtn7paebyc9cpep7zxaee068xx9t79rs1b1z147hxk62ygdagtyh6ds4cc9t4ggw8txvnymktka9hnjp9m3xtay225kr781rh7nj0myh4bdr96j2jk8sn4b3bgfhqt5sh3vej6j9c7rh9me4g700qgraw7vddh125bmc92sd2v6zdhfptzhx66r290w37aeyhpvwt98tyhgageyw1ygam1eehs6f2kz0me63gdamdg7sat371wmcd7m7mvckbqg6a3wb4twp78fd580atg8aj30gqfhkry5vmevcfcx0gp42qxvefdcm8hmjay6pdm2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
366782
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prh6CYcciBotR%2Bb%2B3S%2BjGq0%2FqB5FIHGVoKs8%2FiMHxDIxAZzM9jcoyvGsbXaONcH9ejcuOzqXCp2fOTZvOAbwHUHSI9spKIbdWpV1I%2FPW8P1MIyEMbvutMdtSAJXJeTZiOuRuSeKtTVg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7c65c6057a1c9b49-FRA
expires
Fri, 12 May 2023 22:32:18 GMT
r62eglto.js
ad4m.at/ Frame 1B96 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jxmngmb2783a63ezkk0jacse80xaj7ssjmjqn77rtm74zn9y48sczvwdp9s23qvnacr9cqf38k8x6ydne0bc792vsscr1batwxrr6ht9zgkahk7hygt7r9wx4kp8d1bkn7ann1y22zbhtn7paebyc9cpep7zxaee068xx9t79rs1b1z147hxk62ygdagtyh6ds4cc9t4ggw8txvnymktka9hnjp9m3xtay225kr781rh7nj0myh4bdr96j2jk8sn4b3bgfhqt5sh3vej6j9c7rh9me4g700qgraw7vddh125bmc92sd2v6zdhfptzhx66r290w37aeyhpvwt98tyhgageyw1ygam1eehs6f2kz0me63gdamdg7sat371wmcd7m7mvckbqg6a3wb4twp78fd580atg8aj30gqfhkry5vmevcfcx0gp42qxvefdcm8hmjay6pdm2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
287186
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xk3RxBHKNxbmfKqQvAZ84DtCPkjKmc6Sl86iJQMAD8PmqFeCXTjef2iuL7UdqyuRXyGTwReTLK1f0gUVkW%2BM5AM8AIc0%2FU0OCAmkecZTeWDh8SajxnhUSi7TzVCrcPleM8DGX30%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7c65c6058a319b49-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 May 2023 13:46:04 GMT
postback
s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/ Frame FE40 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/postback?oz_pl=1&to=3&pv=fcccac35-f187-44e5-b531-4f97a2630e94&si=&dm=728x90&pi=XRzobPsLhV&ac=Xmwo1n97Q8&pd=avt&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ti=&gt=DE&ci=948461&ui=&sr=GOOGLE_CONTENTNETWORK&de=2&md=1&dt=9484611597092707615000&ap=&psv=2.92.0&_x=1
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=fcccac35-f187-44e5-b531-4f97a2630e94&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 21:32:18 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ Frame 163B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
969a8143f8f335c9f56e63ab37a5b66306128576b048866705cf560d4ded55f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.135.js
static.criteo.net/js/ld/ Frame 5454 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 13 May 2023 21:32:18 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 0806 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHSQz5iOStvVpKzaz16the0&google_cver=1&google_push=ATf1kGOAzf0jw1Rh-ZvPM-sMyytwY8a9EcgK4ONTvJUxdOQfbBHL5ZQsX_m0ZVpAsqVAz1vPjjPCVSjpewnrqzKZSFa_tSRPHD_vEtbpcsqVHmeHejVF0SrLSpKbctxLhTV8RfGwI6-bH7yan5kKwMtgjPNa78U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.201 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 0806
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELhZB0Y77bryweGmLu1oCVg&google_cver=1&google_push=ATf1kGPm7P5IVvUdGafqf7vrfYLYOJd9HG0o13tzYfLoCJDopnV9OyVpUUSQMUvdxrkkm_xY-owMEoVG-UByZRiC37aQNFQ4FjDuX...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELhZB0Y77bryweGmLu1oCVg&google_cver=1&google_push=ATf1kGPm7P5IVvUdGafqf7vrfYLYOJd9HG0o13tzYfLoCJDopnV9OyVpUUSQMUvdxrkkm_xY-owMEoVG-UByZRiC37aQNFQ4FjD...
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELhZB0Y77bryweGmLu1oCVg&google_cver=1&google_push=ATf1kGPm7P5IVvUdGafqf7vrfYLYOJd9HG0o13tzYfLoCJDopnV9OyVpUUSQMUvdxrkkm_xY-owMEoVG-UByZRiC37aQNFQ4FjDuXFGzDuBJ_XiYdPeK5sRkEqPkZCS-k6OznIbzDZTLum-BPy-50C3KbmSubBg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPm7P5IVvUdGafqf7vrfYLYOJd9HG0o13tzYfLoCJDopnV9OyVpUUSQMUvdxrkkm_xY-owMEoVG-UByZRiC37aQNFQ4FjDuXFGzDuBJ_XiYdPeK5sRkEqPkZCS-k6OznIbzDZTLum-BPy-50C3KbmSubBg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c65c6079c97696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
255
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELhZB0Y77bryweGmLu1oCVg&google_cver=1&google_push=ATf1kGPm7P5IVvUdGafqf7vrfYLYOJd9HG0o13tzYfLoCJDopnV9OyVpUUSQMUvdxrkkm_xY-owMEoVG-UByZRiC37aQNFQ4FjDuXFGzDuBJ_XiYdPeK5sRkEqPkZCS-k6OznIbzDZTLum-BPy-50C3KbmSubBg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPm7P5IVvUdGafqf7vrfYLYOJd9HG0o13tzYfLoCJDopnV9OyVpUUSQMUvdxrkkm_xY-owMEoVG-UByZRiC37aQNFQ4FjDuXFGzDuBJ_XiYdPeK5sRkEqPkZCS-k6OznIbzDZTLum-BPy-50C3KbmSubBg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c65c6061b7c696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 0806 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPyzktuo6JqWB-J2p1VISwA&google_cver=1&google_push=ATf1kGP-znCOZchLpf74UiyZaL8uNb1yVLndSB0hSxDUw9ILx6mojWAGXEoaf35UZMx3yeQj8j_tOvimFAeDMSEkz8XIhXrwnPZH2U1u9WXT3LgvMrdROnfTxuUDjpIirlt4cMU_PopMBiMaQH6fyWXjg3Wzj_o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0806
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHRLSXLnYSRkiegBQTm2l2c&google_cver=1&google_push=ATf1kGORqwu5YtJsUe0tgNW8eGMubZCRKnKKPHEJpJvAp-Y3qHFXUxj7OZeuE7OU8z4vTG9wFiiuNSF-7tafETEj0P05...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGORqwu5YtJsUe0tgNW8eGMubZCRKnKKPHEJpJvAp-Y3qHFXUxj7OZeuE7OU8z4vTG9wFiiuNSF-7tafETEj0P0519WdvpZ3p1SRvFhK4i5i9R8jiOQVMusULpOCZXI1Fp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGORqwu5YtJsUe0tgNW8eGMubZCRKnKKPHEJpJvAp-Y3qHFXUxj7OZeuE7OU8z4vTG9wFiiuNSF-7tafETEj0P0519WdvpZ3p1SRvFhK4i5i9R8jiOQVMusULpOCZXI1FpTupKbJ0EXbwiHJmD10vT6VFyo&google_hm=ZrzQ3BZwSFCnZ-MFSRR72A==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGORqwu5YtJsUe0tgNW8eGMubZCRKnKKPHEJpJvAp-Y3qHFXUxj7OZeuE7OU8z4vTG9wFiiuNSF-7tafETEj0P0519WdvpZ3p1SRvFhK4i5i9R8jiOQVMusULpOCZXI1FpTupKbJ0EXbwiHJmD10vT6VFyo&google_hm=ZrzQ3BZwSFCnZ-MFSRR72A==
date
Fri, 12 May 2023 21:32:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 0806 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESELL9oOXkEooSqxqmIhUTxQA&google_cver=1&google_push=ATf1kGP13Zh-nHTNl892D0hW4EqpGmmoTEwRJP-y-W_e-hEukFNmtPmE6PSNaYUyUJ0yhlAMhJPvrpGIwYXCZFgyBZAyaQ8fh5YMS21MtKcHSeD1wApiCzvr-Jq5oxLw9csRqyQ2nPkR0apYBDdY4mK8cLnswk0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:17 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
243807
expires
Fri, 12 May 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0806
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFtQGOx0scsHLwRIbCeV7SY&google_cver=1&google_push=ATf1kGP8AHESXjIV-YAcFby8SZWBmZfLfUtuWEM_49-ZyYg-nB8AxTJGHa0_96jDEx6DYwLVp6T492h1...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5Nzc2MDUzMDE5MTE1NjkyMg&google_push=ATf1kGP8AHESXjIV-YAcFby8SZWBmZfLfUtuWEM_49-ZyYg-nB8AxTJGHa0_96jDEx6DYwLVp6T492...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5Nzc2MDUzMDE5MTE1NjkyMg&google_push=ATf1kGP8AHESXjIV-YAcFby8SZWBmZfLfUtuWEM_49-ZyYg-nB8AxTJGHa0_96jDEx6DYwLVp6T492h1uzyH15W_fzZP5fs8m58yjzKgAoxijgWBGiNJk0I4tqd7OYHvKpEFmXV-tZHEXIbBMuecvKQ-6_uuIU4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5Nzc2MDUzMDE5MTE1NjkyMg&google_push=ATf1kGP8AHESXjIV-YAcFby8SZWBmZfLfUtuWEM_49-ZyYg-nB8AxTJGHa0_96jDEx6DYwLVp6T492h1uzyH15W_fzZP5fs8m58yjzKgAoxijgWBGiNJk0I4tqd7OYHvKpEFmXV-tZHEXIbBMuecvKQ-6_uuIU4
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0806
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_hm=ZF6wYaGuBs5V-gJa9n5H7QAADP0AAAAB&google_nid=index&google_push=ATf1kGPs45OAtOhHjP9mQbMJYaNKmdEoLs7pU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_hm=ZF6wYaGuBs5V-gJa9n5H7QAADP0AAAAB&google_nid=index&google_push=ATf1kGPs45OAtOhHjP9mQbMJYaNKmdEoLs7pUZhweVQu0J6DGcttKolOjC1ti4B14E_03e98paAOD4xjqbG2Fsop8KSxmHd0cCGn-lj2OQ2GdrJXdvQVpDc59nuxLsRG7TmAGftuW00yTQbUExVYbzpXE6T93lE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGKYplBAxaXrr9uG9-QdTOM&google_hm=ZF6wYaGuBs5V-gJa9n5H7QAADP0AAAAB&google_nid=index&google_push=ATf1kGPs45OAtOhHjP9mQbMJYaNKmdEoLs7pUZhweVQu0J6DGcttKolOjC1ti4B14E_03e98paAOD4xjqbG2Fsop8KSxmHd0cCGn-lj2OQ2GdrJXdvQVpDc59nuxLsRG7TmAGftuW00yTQbUExVYbzpXE6T93lE
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
0
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 0806 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JoIPDu2IrAAG8llv6DFJ3ZnJgFT4O9DJJQJB90Dl_X93RNRIVo213529Ib6SuaAEy6YEis
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=250&slotname=1234190425&adk=1935728605&adf=4198793183&pi=t.ma~as.1234190425&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927137266&bpp=1&bdt=122&idt=301&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2767395566042&frm=8&ife=1&pv=1&ga_vid=746988758.1683927138&ga_sid=1683927138&ga_hid=813130875&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1542598319&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C44773810%2C31071756%2C31074562%2C42531706%2C44782467%2C44788442%2C44792088%2C21065725&oid=2&pvsid=1475720954006208&tmod=1471447691&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.vd2poj9i1f8o&fsb=1&dtd=307
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C485 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 20:54:46 GMT
expires
Sat, 11 May 2024 20:54:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 56BD 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a63f82fa1fbabcf61b201f88bf70466f61130178b8b456f48a060b8b7d5e4650
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eTJhDmwQf3pKh4UvtTpZyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-eTJhDmwQf3pKh4UvtTpZyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:18 GMT
expires
Fri, 12 May 2023 21:32:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
track.adform.net/adfserve/ Frame AF91 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=60438885;rtbwp=rGKUilYEClmPTxDbgz98DFufdAsConXk0;rtbdata=VANDA8Yqj_nC8e8u9tKbw6KrZr3XNHffLg5SOlkolbxVJF79xTzxQj6vA65VtnBKrIYkmaJqzhRSoSe7umV079eqG_HjjGFGmfugpVQTO9BnPQA1x2pdIjXP0jLZrhDzRyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3rk33aIeAiVMRRyXkJLY3L4-8EpnHnma2vag7eQU4_cLkieEVEy6IiUY52abEbv1GSr0-BLFScaRPAeJipM4gaECdK6igMCpH7UyjjUDcbNf5MbPNWhEg6zqkU9UthoCIHS6jD5OjMB5omN1-c6UvUo1;csid=81917;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=eLrgTpMHZDAqHMLsI0XOHXm2P5s325Tq__On96DV3Hcxaw5CBI7iIeB87rUVMTESeJ85jxc6rtQnOcY0qM2DfVureViwBw8w9CxkJgTdrU542pRfRjNEj_yNRr-NBBdUrIYkmaJqzhRSoSe7umV079eqG_HjjGFGYnImA87gmua51UgOK64twZnRD5ODD6kOs5EUglKH5ho0zWzgB8dW-rWOu7PpRIpV0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEfmTnJZbLN2mCWFK_xLIH6asgRAbT0Sftdaf2_5TG1ADPJz5IsgHtE96vWmW1dlSa0;;js=1;adfxid=1x;9283;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fpcloak.blob.core.windows.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
52af61b670174152ab2383bb37c9d5ab86242ff0a7171fbef4d06390edaf919d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3429
expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB4E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9781938760697&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB4E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9781938760697&version=m202301230201&ct=76&x=8&cor=1720882970395660800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DB4E 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWpHIBC9ldAPQT1VF7Qqa8GnxGtl8mn_vjj1XQSU7VDwVw2QWIWddoB4FFk2AB8ixHltZqfV_i9KVvr0QFuisDJXLAGaUNc3grE6d8Jin_D3TQtP0K-RPxUE58GAXUK2teQZweW1aUzKQCJPr0lpAzol7poorD3bwBoDiv1CpGt0oGdAI&dbm_d=AKAmf-B62VDDrdO1SxukubQjGA9isTLSUDk1xUmZO2KopIUMcpuIFzooyofCXpYr5Wa6hZZShEeUxokd5LhHmGPSVJ9p_nvxNCHeZRu21rsxgix2FxCjnnpyBypcvzQqIaBFnXtXk-6gZiTTnKH3mNA7m6MaTYnGssU1IO0YhiLX-_cckJHaVOZ-aXVgEZ00y6z5QxDW6j4xJvqXmKu80xNEOGuv4VnjvWEHwStKP5ay4bxUAiuvjZaXtiMqbWXyjL44PsahY5xNA7ml80A6VlXUjZKBtzqirIglxz4g9sL-lJ1-aATCe4D3SQZRcB8Jl6ReKVI-rIE_SS2OvT_6r1RRW0RGXDGkCBKQUFBH2eMYeBbW6HjegM_iwmPxKx_wAYewqj03xnaXKqnwz0Twk1wCeVSSy1Uep8-1f2w-kQJRrv3LN74VHbz4iKWNUpHeMYE6E8jJKc_kWwfygWTz4p9rbKOzDNXl37z6dml9DXN4YDPWXtxhpTmJoGuBhy8aMrEiroGF4pjXCvyYsILz1nowNBmtT29upv8XKbXHb69OhOxI_K8mcuNMViig0SgJ0K0vjJ4R_CV85Vj0X4FyQuz5HjMUAPBceCPvUsbTVMpyhRZQt1hO_0PlR7NdnD9IQHpqAojX4hXltnO047C3cbF5EwngdivlbPOdjdlYivzF3GlPNjuZDCrdeeqspwQMQMnMjj49X5UHWZawEaSsTUwXZVAmRYFHUUKtl1VU8P0WlVDit1UrR9Rdd5Gn6J2qTJihEPrpvE-qXllmahzOyA51uYG5N1My-Q0lUaWClISW9vO9zJSQGozyAQ8xPVhngHInYTIeu4eiOjeG1YUNzvkMzpXxXjq2OcYavehgQd8iUaeWu7oH7FMz3jglWu7jNxBzZ-csZ9q_8SJNQetOj2DrO7PjlOoDghVLMTBZhJR9jNKzpMk6H-MKSMzuLYZFtUMeOIg95lbJf4OJqxjaRqoLs2Q5RNrfwQuQaFsel5owMDN-yn0xiqq781zWyavc45jUhAVF-yT4gS1x4yOzDs9q0p3pJrXCVEbaRQHHP-QD7hvC5g7qhg1hrHvN8XfPWaYlpfto45d_v2OXPqJV2XKOobd_7q0ED9kkgY2blV1PbU4LPGL5P-VrxcYRqtO53iTJb0HfolK_OKtPdVKkHqb50_Laq3bsxJXqJdaib7Y0-ITrDJuiFZQ4C41pdp9b3dNmm8KS2bSX5-hJ-_wQE5yUc96I5GmyA9k3MDMwvJg1OTwXQHe_9QeDYvsrH7Ijm-lc-rHj4FM1K5EYTQLfECMe55G_Cr0GM6gZQFPxMMVes4XOdO6gRR8zodlXqdztbQtVoPXtj9JkT-3YjoxPDmuSTufzT9DBGwmSHncboiGcfhrNDvKoJQswNOHCkMbqsj38iZkLyJOQZyTuXukWP-uL_TaiP9vCrtkkuxfVa-id_sWXjVJoFZNth1eO7EwxvR2x3gGj_DkLGt9JfHN6KgSO3dlmGT-ENQVxF-9rGI9_IqyCKdhPN1rRKovbPROY4F3FkXmyET3FfpGHTXm_6yguQ8d9TRHiCxG0jq6ADSaukofkBzHGE8XQJchVTMkx6gT7X1ZdVQ0EPd1nxSx0i1veiA6Lwpfo_pL68saCr6oVOejynNhS0voFr8JVr2duEOY2b7JgHIOl2i-7iWGI_oqNOLRQHc7Dx31aBKSJZ5yLmq95IZ1X4tr8QGQE0kVZANJhCreKw2H4Z09neMZoRIh50tqV3uV1AUce5eck2Eg8aFg9kebjMorE0JrlLEsel7GLj0IsXa5ApsXH9nW4VtMcmfBxsOxY36aumPHpDePnmpKMyT2w2Hd9RQW_mzI7Q4HLjtcEeLTqSV7O0i2m0HXuWkzGu1DwmTss3spCFruGeYTJHBYLlEiPZHTsQirUVWPQZY96cXNNuZytnvkGgME1vsyqpCYbSXx9CIuGAY3BGp18DaljCYowd3rf0BKkizyW_tr5D0C6L9duJ9RIA59CT29fzz3-858ugFNTA0cnOldBttam1tdQkrJmCDeQUTnlcMxTK-bAhlzrLnC-JncHHseSZ-3ah2hUKzcFG6B1D6apBBQ6PvZZ8WNM5pcVXn88WNvHjFJfpblQBl6F3brDrXTP21c3P7hcvkpD8DjG9ECThrQlyQaP50Qpw3f0btcz6Mnkd7l520iyJew_h0k_Zg0AfU90z3ZQUfzit-Ow4mefNKXSp48ZOaAyjV7EdsGcKST4iPdb-dAD62WieAJ43Qq4hlW2tdTFTWgvcMHIAFgwjcF5r8olIvQEH8KCn93s9IyFo0jkHAUg7jx5SyB_q6M1aqp3ivSeDtixzr5_UOiD1cHSTMyJn-8HBM4_CoSFkD_rtCvprzJ8Gyqutcz-sqK3TGQ7_TtY8iZJqgQDZhwPM1UrlsGIpc-TOM4SkIuvQ8Z5WFVpSMWzO2RwPQl6ABMQ7TqSzbi0asD0HJFR_vluMmMoEwD-iIBPvuRWAS0_4Lh4AlgbW5SJlqBuVzwNjiz14myU9zN84s2ahitWXEHPNAKkM63tOXBG-qh1AbmNnaJRrOCCb3noMZDmMfkg9kIKvWpfqWNyiFwwvoBl-bF_KVQvUMPfu6q57o7W-buSrBTShftm5saf-oGU0OdY6BblAT0Si5qzLWiUI4lpWz5Qcm7V3bxJJQnX7qEVb9NPtfuM4sdmYNBJ6_uhv3LhoiiPyctv_d4miJZT0qsOgtNHJqP00FuhufPLI9wGpBXq-DE5ns732wjMNAi57HOOPduksvi1EybdpwKx5ePFMJbWDUxUKa6poiGOsUxuJy_LtAmXc9X6RZpWeVdJOleXhT1M0UYPfeeuIjTAc5JclwMEd31TBfV-O3zYTH51r6FYaKr-oc3smYoD0NqAVN124ylWxF8UY-o31Z7eu9BOOcVbeBPSrJf9GtcHAdj218eOMfUEhxI1j79t6l-9NLR4TPqQdWrvpoQ-NtiH06thFfac4Yan-hxJrQZSNcpbYFctg7hMikwU27HnWndz4Xgwzgq-Y8Y7MaQhzy3JeAuWOBTKdVEkVRNS6FtBju188gCuwXNkmCmy_IpXf0dUMxsjwDU5kdyePO9NGW5XXsRWcE5wJ6wqJtJtiqChKbTwD27hxRcmq7AgKgCF5TPZp4i4cdtEWIgGo7Mtu1zjDXpZkMeLBpZZz_X_RcDPoIxwbF4FutteW8JtRjW-qIb_-WMTDVuL1_XCTOzwzLSnpZmxEVN9jBnzLy84abL87NE963j6ScVmvzqeM2jp5kXPRqkYsFPG2GXH0Q&pr=8%3A1931C67B02E439CE&cid=CAQSMgBygQiDh9ymFtVW5G6t2SojI-upFBAoeU-ZJrHMO_lSTmhgXAZSW4Fi3SLOcDQHbFdPGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=1720882970395660800&adk=3753878679&idt=160&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c225e4ccd3c913dae6294135a8ea50faa4124cb928bee49a2cd863aac5eca39f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37201
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F57 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1846534580662&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F57 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1846534580662&version=m202301230201&ct=76&x=8&cor=10256688904244488000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9F57 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1hg4qzjiZGEEfLs9Nqa9ogDkIlcygCoCQyPIKFyOie_cozbKWZwQlMnOsRoYMAjsozBHrLQ-aebo0m6NJcYQ2twYCcqdLFV-MqX-BF5AqtQvw085IEByJ7c7-huLaCEbn1nQ2E5p67ukQDGVMIXg5SjpsoD9G3l_UGPP9V38-4koe-0U&dbm_d=AKAmf-BOAHUO6Gjcdc_becOC1khVFkn3P0B-HDCf-aNygZ1f73JRBbXt9k3E3rMdekYyInqbGJKN4Mj40Pz5xEzZTBhVFAZF5-L0bquS0H4aqpGF2zWNfPRv4PePexRco9XjX8UkuXumVMB9secpuNFfkKEh-NMntqctofPOkhuYaBFh8-CfVNmEaO8GdZlVt-ti8XtsxfYnejfwdCHJwKib1wDJ53uwKP8lLk6qgUs0_i4_Kslv5Y8lMK1Z-ZaPSrL66m6bgLz5kgfXdQmjlll18qqh9bllNW8q7sXMO4DmQsUV-rbmoCImXWbNhsV2b_4mN2QGQXXp1PCeZ_nLa6VtsCQFnVQm3eXaarXLKEUGRQDxPxvV3AouMTh4k2rxRCWaygkER__0u8jL9PYYg9ybemK6qP5cC3njIt7q73BgCp9bnBlA4nvYtocjhg7btMQMV8zGDNVldQFyKjtSyt6jlJoUuMEKBJvNFFXovBt671Vyyg0pdTyrBpf2jDktzppJ9FO1uzisEMJLLMmzSQp-3lRoT7rMYcoYa05vlEBxRIWFxT-ul1QaQ3I_WnmdYaGC43AkiiRn3FynFjlnjAitWFKYzNJ_1aEf0eXBLjU2gJHnbcLC925JFmTcX7jE-PpMFDkIX86IP8ikUv56h_3i0Izn7x1lAI8Gy1_8xY5XYQLsccddZB1mPXXMDjIlcEx08WUTiEM7MGr8JPOjvy-PEiiZU5axbJhSr6CFBh9Ky2WyvsthmkNPFOcWjAeGCs-Zxuy9pkM7BqLYxe3Y1TmEfjBVUFHfEjxV-cvm7FWDEMB4Z1MxYrjriG5pIZZN4Yjbe03EETuqU19gQP4u2lwV5_x-YW5MzodFBShLlDnk9qXGCeVRabSQHaAYL3tTvyWUZioxJA4QGYRdoRU-TmzYAa_l8Fh2XHWGpQlOMIJ3du8jrbFWZbCAfZ4SXlqa6OPv0184wqKbfRM_fR7Nfbk9lGdjcmMlE0vO5NW1T-7O7HUzd7TM1z1zVoN9myvbnpdE33ZOz7t6n2JTEa6Y6c6ZpKRU7bW8WEPhwzEGkwU8yOc_rAFvYNZ1a8rBNK_0SZL_-ZiyElG9mf2cX6Jhjw9eegxkJP51cBo1iRq4ik_1YauHhsS0CdPI9iDoWdCXncadw2yJ3jO68XXz5qZWG22n-hZmdH_islVspS0MGWHZDNhlZyOzdZtEaa9bW5bnLPBGrwzfhnz6oekqk_Y0rehKlbd0ewB5NKctR7GYJFUKi7nz3LMrvi6O5gz2gIJ5fFjK41i82kWXOYpuDzrcsr2wegdEFsspKlovWrvyPeVYneCS_SNZj02xa_qQvAbnrAaFPMr-o3QYqK9sMUFWDWyy86bDB-bjjqyPSDtesmEJOnh_aJNuC6shaM9OuMW7iJDYYNX2N5x5MOcYL9A0Ly9I6Dx2JSn__i5Pov1OInJM186ACyqc8cOU6FfCzQzL4RYJ2G7qujo5Ck89kunPCDNs60-W6fGT0vh-5G2HfeoeGalvshvJgThami_0QvcA2bFGo9qHd96lQkuAZ43rtucFJJhqnVbYRt-_0vZ0MQYlOoeLSmhxVG8Sjg49JbUqoPNHloRux-qFjih5TO-sB0i8uNAb5FoSsHWfQRaIonHbJOzVFLKFv_dRCjUDs13deKenZdrNEhCwP9A44af8eu5bCCQIExyyfs6Yx4Yd2kruoqQZW8mOfOf6xx9d4Ca7dNqL6id3aJO4I-jvi52xvj1CoSZrsV6EsaVhAZhJ_9hJHKxqItNNZWPJzzm-w4wQ2_B8qdnVbWKGmzkum08ffFxzN1FINuuj_z_HdCxaqTIzYxndMy2wCYKmW_oG09Ob6K7Nj_mPCMc7wmUtH4kzHe1GKHotrSwaBQj0aC2iTi0W5MsZ-zmG9OproxdPzy1gwuqgL_kfH0Heyyj7jzA4JbdyERGmBmE0-rk0f0BfdLpmtG6htdqK_7IzbXnTv16WM5CKoOpBBCS8LPhiEnKMgRin2JLJbmTRLvbolQZUp2ec5jZxescvmtAufOO7-yixZbBe5R4m79NcvQ0_BiebMBBLJn4_ZLcjQKDOHVeOEzzM9KLa4OkYqB-pLvPEXFZ5durtnmp9COBIhEmN034OfSDC-WCSW9cRHWtmCqqERq0pqKfF7WL8TX-jC2vJugnq72uJL0Q_c62khv8OpxBHFeiMT9TsWD_O2GbiATL93cLOGKxYU3hso1JXGO_pjGbNjJ8dX9mwgPDcGcPB7nNch03eK9boU8liR_X5_1ar_FRsu0RvCDlcmzpPzhRRIbefY8LUM7UhQA71l6wve-MBlJCDtnti6VLdeh5BBA341_LstE-bGYGlQ8HoPr4wBn2cm1z_ADE9EGe30eCABXw6rfXj3ogSCSLHe87XerreB8nnxZ8AXohwKE7VOZ3BgLBwctm7QrFYpiT6t6FP2CPoUsIocz5w9zcTUOH4mwRJoE-YWAe0b-f8RLWZXpcNplgmpfEl4E7F1qUoxb_80FPsQSzWBLBmO_qshudfuRoWjRCWjGoHEZFZGcx-eVgn8bpYjGthX2_Fxnzs4WRe6Gg-2XkrnIjKiV6cZBtWam4Vpqcabx3d9vHCpaCjkhQU_3tlS4ywQ1PhSSgFmQiq_1_MsfptHjEJL2-ZiF3aV85TP87p8RHuYtpmxzQIq7eAT9AlNAT8ObRVfOcN6ZVW4s-JmdYsQCW_Zle4KvyBnCZD2peXZZ1GSkoszxMMvM-Fd-lf0j_hQXlIw9GTOrRKA4sfpjW_TGiRFnzeKoOuPjkqnkvVbg4REf-lEWWK301N8BozBcdwvz7eOGPvdNBXDDdpVSzH6M9D6Fg2iMjkipr3ZaTDajN-AX6qefiNdmH_AKz9zDWRKRJKO_uVZCujJ9Kx1IR7oqZw_TUE_-r09g3YGwe2CSdKQPQYorq_xhI-ntNqHycjjWoWJUbHr7ogmSDARZ5ECD4QuGYT2q_ata-srjyrh3niEiW6XDdrwo6pcv2Wgqfd2hYm7o9xuGZu9tM6POUSCE-bqXgMrvy_OZmRGVTg9G-Ql11st9lqcSjp4fD_-WbB9xKLyDJvSE1BF2nV-oxxKa4qVTecUkSxfOaO4Ti4HibEwYR7nuAVQ7t1_HP0fjsUHklEk0p4BN6_G0tAR3y0Yb6mxeRwt3tss2v21pV3RGZTLIu0RHmv3rvudMhPPQy8WL8VhXyrxsbCjnIVLT6CQdbyphukkI2vM7vbtCJh_WptQ-2xpgT9ygsmAWtOFIsoha2zLtcNmiQxKLBO4AACm_FR9jYCreqNxSEUz1S6Sc_9AXJQL-k&pr=8%3A2A3E876FBD0DCA8F&cid=CAQSMgBygQiDYnCMAkpHjdOLTG1HiBL6WuPBhy_pWh0rl47gRpot7g2YJblh6zWJ2fb_HdEjGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=10256688904244488000&adk=3181836810&idt=139&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d097640899d5463bb80ef510e59d68ccae6e71994991e6cccfdbb57b700b1545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36433
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 32FE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8640127889263&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 32FE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8640127889263&version=m202301230201&ct=76&x=8&cor=13795935488843485000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 32FE 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AS1rUUMREpf-tpO-WBinEq9P56dAS3stKXWhKhQa8fTi2kz8X4LbCgeQgtUElY6KgxeANN5vjcRD2hb22jqIbyfgP0qMWoxNsVBugy3HsTdS7HcgdftJXNJGDxQCw3MNpPqgOQ7zHhaUcOqrC35ht8qaIbhnNmhVp3aMzvO-YcUR_jOcM&dbm_d=AKAmf-BMkpB6SiTJv85ZU64yINl1a3I7eL9GCEe84DmC6YqCoN1_gXVfbz1aGkY0qzf9DxIAPc5KkGZk5HakpO9FUf4_eSnV8gHaiyU2lrw7tliq8s6jqWFivaRZ_3CNP-2XWB0IF1dAlClh3rqxvsfH45Eq0cQug7GJc7lPYkZnB_5AnPSutjApTZ4VUMBKo8bEC0mD7qZH-3T-m1k73MQSJTyNM1BphXpPirp_PwEI6dH_QCM9-aswxDghzdlRh0nxsg8lYuNP0bhXAXzBaTPwsu-0XLkt75Jejh-68LvGxWx6Cpe5KlslbU31Q3Wff169hc_9uGtwTuAJ8wSPmrjO5lMeZeW1w4kn8ReAQuIPUne_mb1gZ8W8oot-3Av-xnnruG_6cEphe4f72PtBbN2ikeeJLwUGdcLLIpI2ogafDuvElQhaq6Zqu8bNURpopSPNva7LE6B03x2bpm6in9xPQT3B3ONLEq3Y3kl3jPp9iqsIDKXDZZZpt584NMo-FmKtOyDFQAgvIVlDsc6_-laPbpVxHThHNOdj0I5DG5Rf_f_aDUbiyh6MaAa-k-WTOWFVumC_7GjCuF4O5axqEmvzkjLKqOLoPpwH3dhjCcngsUeS3eURiE9Um7JggbDLeCB8euPWkf9o-XH0bE81LvAy9L1uUlDkW76NMjBrO_BI3_Xx9jbaFT3vW7My6iroqF-hG1eOlI2Rf8MnkkXkcizJ2RaiBHw3cW_6QjUaCCK0GVdhFidX9St0LogDsDhYNbIV5Vi41KRbIugg59jaRRsOAhOyrHwndIBGNJL_utoIfRjkzm6t7lJBW0GC_w_6G4E0n6dFv8VMZHNnBUiWgndg5OcNgY5jaIgOk6qsE-1OavIE-g1F9W52Rig1La5gSk-UFneopoX4hU1SVtKvQzBPLKuIxM2O3_7l8nj31Xt2vnkWQK7xyxPq8JrRDnY9VBwk6_8iW5lQskJx_rtByVeH2W2RZvWvuzzmtFRi17-H-gapta9eOuuWKw5krSWPsSN6B9L9_1g1E1PHXoS_2_A4s3nBtxCAWYkDcFQomQ2HHFI5sFD0DgpJ_52puvg2i5ZDFZtQr_V9vgMOJTEcjC5Z1lI1VLmL6WaCQzTWQH7zjPrbEIoznZ-86ycCFXDW_FsIEKurjk8wEIiQEY5LeZRKwwMEyuJnMtxIrDio7tAWZZSUOOUNjFQygJj2pl-NkVcLUSyEMpf_NiU5eNR8jlHoSQkgNjDH4uOp0QH6BffSw3DIcpK5ZZpbw9hIrhza41RdKs-yxRSsQ4gT_CmvQk9EUwTVmK5IPBS6AxoK1CCppu6LtbLcd_foFeP9nV_UzgXf-t1EzOpTYohekZeB196AIsJFNB8H_UEA1gAj-BPN5L6ycSSZuOoDp1w2vWg-ZyLWM7boivsrFYVYQ5G38XCwhCL3IvCN4SmvuPylQ6qHoOv-YhYuJm2veKbuL98ZNWS64byejeUavF-MDRnECl6803KkO1ot8z2HuleZgA2FbCPrqLAdUDivNWy2kYXMJ1QfoK9VuLnc3tfhbkrD7cOvRURJT-QdPYqH8GSHyLfkNJBIV1Yv8NBUJlCS86c209rmF9loRtmEG-8zMoWJ6Pxv7jjWnKxlV1xl-znJAAkS1ldbgpgailYYcff7TNmr8C6EL4Vp4_-qJ5TvFQE5N7G87N57Ki5VWBO-lWkD1bBBZJzIyGR-Azbt8-585CTRVmbhe-ZLnTg6GXM6y62FY4acLNZdRX6PM5KU-mJTvcUiIjKAeDa__2HCjF6dwqfDy0lkgd-LpX8fNXQXaZk5wM84LoTAjQQLBTFT9nGX67E0VRGvgyMO3EL0F6RlBZOSBOsT3VJ768rYKpEVdiT5SZN7gCDsrGmmc6bU0p8fGnhxVzuZc63QDT1-Md-qihRCUmHMxgE3m3aCRH4DVpHnFTr8rOLF0oIS93cEVEphVcyEn1DE38vp16B3LBq5_p0uAM-BNdcQ1Bs0wTH0O0geiVs99lQKS0IydQ8XipFwa4aQ24PtFO8_szGwWkhOFjfXAxXsk_xEVrgf6oBxYf-HE7vyCYAKlOcCvAX95oElVupm_qq9HSBdxD1s27rV-hgG63xiZcPHEJH-kwVJ6yT4vTJtgvaw1RhVXRahrbRIVe6ftV4y2ku1IvWrY-AZc4CvVoc3Z8H_SgwAfbYyP_GW0FV-BB5RTWYDXh4cxkv8eWSOn_Y6fA8gOIljfngQ5J-KSmHqSqmLOk7pr6LSs2Q8rEtkW2naFdLOJSoktyHkl2_2OGZKdAIhfpyWF5uwt8c_Jc25j-JX7eoemJpaBtV1NYjkPR15Ho9jVUhrp-VkIBDLROxlj__5Nr6ofUPZNO29St-TuS-3xgqkZz2Mu2Fc6TmRZ5SYYoOMZN5qaAXUTzOi7DJ2IJol-oNY_Jts-xe942qnEuTsPOMuQS29SkZ6HijfR2QCS4fuKkIxQDIr_AkHNQwFp0IpDDP_S17q0-2rLSRwCLg7t_oXAIJBHETnSJMJTq2jrzb_LZEB7rO07HuuLc-cLbAYbILjOuUBbxaOf56rkVf8QFkCIIn7AbEmLb8K-IcbFQ1bodL1t-4wkD4OQ5qXfC_VQo8w1swNj8-h_PwQ10Sj6svC2ybIL7584b6TQFUiGwkTTRH4cT_W-wlr86eBuC2sD_7dQ7c1ENFchpvCpL4cae_bqn8z-LmAIeh5iCLOBDhHlqKctqAepjDSizdc9EOZ6XcxpGWk-2FHhhrnXsx5YKpbdwMOI4MKqzGUus4Or24f6Yv0JTfhTrsvZcdBslOs_rINCQwhiZxzcLT-hfZQDwLYYbuxh88RDJ6XaNtXEePdIym6vBCUxD7txmgPpPhhV8wY1kyHyJeRP3bu_LdHeN5G1SHyCzNkIjJZ6ka0N1pBIm5NZ9MX7LQxlaYZsEPCK5OkxZMi8JgxcnS8oLBiyJLkFBnV7ZwHc5VIlFzCX80Pk7Wjco3LjJ1bXeq5MdiUv07Q2kpVuvTFHeeg3inobhI7YkmPsG56ru4YGPYivKzsta6Y5VhASWVfRkJGkOzhPqvoWq2qgYo7EN5ekFxytdmoRrgod_xljelJMnIjkOZCS-8j6cVi_-KbGPFdOO3LXpGxpVgBH1U4R9I6W_mjpuqjQ25OUBzMesHf2oGiNRR17tUvmk3oAiiTYuOt9SBUhBgJHD7xiep7CFXqvoL7nkm3McDB3YCbqTDHUq6RFq3L6Zkyd8jr2XdZJhSb-1FVGJvsBEDnULz6WQHgJPW09iarTLWqgaEaN2cBIKuhv1b01RQKqqdKcOj8BM90WFtrfjs&pr=8%3A13F69368AE07CA60&cid=CAQSMgBygQiD-NzwOohFuRsgKHdpIWItqXtETUTE73V989QRTxxVrvmWHZcdgUSEKgnXk6JzGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=13795935488843485000&adk=4214740833&idt=180&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c640c42b4a2a1496c51c7cb9b08d64690cd4bac5189186c9d8f90e5674e3e2f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36435
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7A95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttACkPC5QVXRsAgCH2LflRCCxgtx9mp5PWnqbrgK1HRretLcu1miPPFM9qX6qdm8omLtOeZZ7CTCyM9bR1ntAgruwfp5zs-94d_57DjHqRIucUzZANPRZzrC1YyG1nQ3UJqj5CE5kwtkZI-MnuLOx_boGYZeVluWWJSxiE-DzL7ihy0tOtvCdKFw62M90mEsHM0e3rCurSTkvFyu2XUYLWp0f5JEENO33XRhM1MA8KraFU6L6du8h3e8w5HycK8TCCkRcghaCcTcErMt_1ybnyEeKZ_XynGA-0Yd-I9QFvEKhMBKgV11qLycIhObVaTmw4WhZVeSGRyRZ4dT9tqAHBlbkT9wzdVEuANLahMQowwsJ6BNc&sai=AMfl-YStRCG20HtQPMrf_MpGJWQIhPpgTcw3Pvsthwr-V59xSD0wZKXfFmCC5tdTaykIqijkK3IkGFyRliorYToMI8DW85VJWYx_SawvikjZk5U&sig=Cg0ArKJSzKw7iMrogNCDEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:18 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7A95 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c032f38ebd0c3e38bdd3cd1073b852daf7cd44ab29c38750ad66d6418636826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11266
x-xss-protection
0
5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 5454 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683927136214&userId=vnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 21:32:18 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
postback
s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/ Frame FE40 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/postback?to=3&pv=fcccac35-f187-44e5-b531-4f97a2630e94&si=&dm=728x90&pi=XRzobPsLhV&ac=Xmwo1n97Q8&pd=avt&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ti=&gt=DE&ci=948461&ui=&sr=GOOGLE_CONTENTNETWORK&de=2&md=1&dt=9484611597092707615000&ap=&sid=Af7PukAEEPNXAkGF&oz_sc=57d2d9c2eaed052b132640db&oz_df=1683927138192&oz_l=1225&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 21:32:18 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3AA3 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 13:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27535
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 May 2023 13:53:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame 3AA3 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9LpIJWuAYK7gk8y4ONXw3zKrykC88LrZVE6bBHDMotGMiwON-Y8qVKH2xdsLjgu8iHMWsmYV-cbJM0kf0-ecM_OioRav8Hs8FScqijpGm6zpDfI6l12ebFMfdcpXWw1DNb7zZfRbLrvgKiYaug2mLFWFP_vuPRdORUA094WPShpto1Ro&dbm_d=AKAmf-Dqmci2DOhzLRH2YptCr_ACdLuF_1amp1MBVYzFXwXjDO8F1X2I0KlYVSAtudhSoszrLYx5ru-twMRTLW-Qjk-Sinr_VBGuUYl1_h0oWtLpCbHg0pZUSf8M4_Qp2l2PgpwFItKXLve-4f-kqejB3QniPqKCh1nWbp_Sx2d_PB6xZmpRZjFfzBD0n6KmurcM1AO9AGZwIC8b65OGiSRkowoicsz_RIgxspKscUfB4LQ6fhHewX3-Y5rIS2IFFoY175FLcEpGd-kitiOZKUF6-olJyCA938JlTp6KZ5l4jz69Sw_9KsmLoEhRa0uJu1o5Ic41_3wa6iObAuSB-WeDWqdxRdRuFnKmcz-jPZAnP1AT2uOLihr3Qnv0Ed8_1YQn4BKAxc_Qge2oRN58MT_fgIVYA8vSLIcWPKX1Mg_ibvMaZawZp8CPr6wnzmT2-OKPua6IO8yPNiJ45parwAYiiFyajkYjDY6WbNdK6vuXr5E08zNkSfTvuOV1vgzlssWTJxK67I9FC4nQLk2zbvx7hc2zH6JQ-y4J4q5nj4GAfbnrlBhdoAlfOCZWoTlATTkLGDeTKBwz2SmHJ9g9-1j-WccsAGxPH_x1MtlZvaTmY_L2Wme5wYJzgwMO92o-a_HcEWLqrmFass3VTLpeg0IyK4Rbh53dbVt_BQOhgZIm-PvZXmtKZ-5BZIWBQ-XvQYcYnCisO1W0hDGLxAhvsUw5KvqO9agA5zyUSVGD13Or1MSN_3TDV_mD8F0xIN4AxP2zhPxJ8mLYq7dzoAs5RT9k3Vjgl4MEbtU1NH2lSQsXm9Fbea__FDiq-1hwYzzDU7joQBSCsOAto-jocbh2YqEDmnLZTo5GHKgMfxbESmrotpKciHsuUyqyi5VeZk7do1uR6AU6JhzX9whQ-kw7sORovs3eFZDket6-vScelid45pONIBt9pgru8y_Z9HRAM5AWPAnyA0PD_IogyLA0PJo-DxCrHxElgFynoRg7fjEh012hLr805h1yVOVsETKUpobNE2fMiuto23EOo8dLqJCW-MoAVfXS5Lturss2Ht7983ou-9MBn9BKGsjbRYrh0dhR0bebxVO4MXR_tpxg0tiybp0gaDL56E12L_YEpchGVK0w0w3BPuuALLQ9nuFHPoie5a0bdZtxyXExTRHZPOYQZjPgxTWWiwiF3pPRgEp7DoqmjkNrPkO2uNMrm0jP170-gpEudg_5kz4iGS-zweMVl-54kwVGu4CNEmL_tQLEQhPaysf_LRE3eJ1K0YijXm5w-vi92wBzjsSFibGqX286TuV8XiAXXK2bc9tmrQq2iUt46NZdL4uPoH5CqMdfrU99PzFL8sP1QlkeW2w5b2GfM6_zLaqS2_xGjHFSNKZd-HcYi9kqjV_wC-63OD-C8ARZpU9H30cEwmcKBkDqLv76cwG0UMBxCnpi1yISSSZzahiZG5xFyFx6ybL-WSdlDGs8OuvY0Kp0O54Mx56GjSZmFIZ9fh_9PHQtfI_ZEj3JBbXKQsNh8iCgs2KZOMCthxJ_Lf6FTARdAzMpYpqyNQeABFI5joZA2l_LYS1O6cf-AagDWu-65dYIPzVxwZ5kt2ln3AgOxmoT_leqxl6ZYVR-JnMBpd8BzmF-1uaww8_7JuRnzOD8Lul3S63aK1wkLe4hoENdSkMgLiEEw8J_2vbCsfbrvIr376FoAnEPJua63t9qF5t_0xfmxDaCXrasOJM0o0Y81rE7U-Svlz1DiE12HrSTpi_vSFD-wRVvW_zInONVJ4pLO9qua6_i6eejwFS6h3SCwws0mPkZVjAKtBSYht4RFITcPEj8EaRp94sH0wkbp1D6SSTs7aNpN7_aIS8Um2lJpmOeV9yRNVXFiE8Pl6D-8pp0xoTKY6VFgjqID87k8HAS26A4_xN9oIq8morCYxBlIChUMRq6gJmq4yektvYlnvHxPB0zZBF8p0o8tOmZU96NwlxOqRA9Ft956p3PrIh4LtP_Kh0uim0PVWCm1umElVQj7Mrnsdr5sso5XRHCGar8uRhxuSWAX7siDO7XlTQziZ41bwrAOnkD1sJqcuu1Lv1e4seunVUuTSsR8tvD2A3NFPlMcyNIfNt2Gp3zdwrBK1NpBIE7ErQncmrmfUIYBGXyZ3AnjlVbZKzWVmH8BV035UyLhf611ZnaCWwaaK6E9aCBh6BtV25amQ9W5hApi3uStJxUOZSGNg8uE76i5-jLTesWRkF7aVsnTEMxlRPp8J37Joixxo1XcEzVGJ2-akmjuTK8mxxYVhrO1y0fuHMDl4MzieCKPZYQcz8m-rnFqEVNjE1SHTJ9BLBqsk4k_nmpDVTgF5jWyJTcrXJ5ATdRjLZ_D3Ei1WvSgFssJZT5BLNuTPB7xkxQvrI_2t8EZlOwqXM3ZHuQ0cswqa5vVUjw4vF8eLoNs1KU7c0H2d18PxnDrIxdrnszffuPUus9tHstYRxW9DkFueIxCvPiB-RCney9UecH0805j2QSbGKvIcnJdGDR0D2anPW11w8j5NaplIJi7nYRJi_uJbNyAoYJJPGb9urE37y0j9VB4glTek8dPWTIXZAgkVVrxvU67enbPLf4cw99M4QwZvrNXA3tlGKahSAjfSuRjUriJ_RJv1xMdGuY9L4dGQdRwgQy9Xpv3TP2AT3lyaZBNKXy7pU4O1Haub1Utr3qNIe1vqp9pRMV0E96Jiuz3QcZ22dLX0uwtcsV3qsaF1LFjU2Ld9pwrL35VctvI1lSKuKqG1YwUTn5kAOck00aprbTUv81y0FbQoJxiV-pkpb7D4Bqo6EiIkFUj91FrzlUcClmK0PDi7YF18Jmj097FyNb2A9tOssRZ5YJOJ1TgQOY9v4kBfisnkeLrj5Ty07b5xe9tfCk-Or87Hg0IO2UwLnpokfDB07k09icv_g8_eTIY2B0SgMRgnXuKIm_EWHLdTRnmzYErm9qMFAVo4ge6hZW3gpbjk4XbqZNWKwYIHf5J7fJw-NzeAu9xUiXDIdprVMyaiVKKreIKV6uttD9jEFddv77tXt17p4ivsW_TtEyaHMk5ZjOyCOb2_r8E0MeEOysyrJCdFB6_9tSVFOz7mULRy8HEP9ZoiPvsfiJqjIlM35amDTIpHTtzgEtow7rrZ4pqIueU-suUHuv9Kz1jp7SJmZwxf8tO4dD6DAYMS3fnkl6wgBM-7RMzpJE63Am6MyATWR1Oke_tfv3QWFJ3FzCOOU1tJ6AjBWM5w12rCiYp_sxrDhKsZm2uhVd_eZkHqRqRhE5jmZcd6tlJ8JT_vQzsS2HR0L9ybazTMZXPk271fTuz5Y7kSk&pr=8%3A2A3E876FBD0DCA8F&cid=CAQSMgBygQiDNv0fn6thh3dVCA90lLGK3IXmv2JBaQvWTgG9aYBHoRh8RAoJ57Nruv2ikOdMGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=9347737207684751000&adk=2943776909&idt=86&cac=0&dtd=51
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
12291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:07:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 3AA3 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9LpIJWuAYK7gk8y4ONXw3zKrykC88LrZVE6bBHDMotGMiwON-Y8qVKH2xdsLjgu8iHMWsmYV-cbJM0kf0-ecM_OioRav8Hs8FScqijpGm6zpDfI6l12ebFMfdcpXWw1DNb7zZfRbLrvgKiYaug2mLFWFP_vuPRdORUA094WPShpto1Ro&dbm_d=AKAmf-Dqmci2DOhzLRH2YptCr_ACdLuF_1amp1MBVYzFXwXjDO8F1X2I0KlYVSAtudhSoszrLYx5ru-twMRTLW-Qjk-Sinr_VBGuUYl1_h0oWtLpCbHg0pZUSf8M4_Qp2l2PgpwFItKXLve-4f-kqejB3QniPqKCh1nWbp_Sx2d_PB6xZmpRZjFfzBD0n6KmurcM1AO9AGZwIC8b65OGiSRkowoicsz_RIgxspKscUfB4LQ6fhHewX3-Y5rIS2IFFoY175FLcEpGd-kitiOZKUF6-olJyCA938JlTp6KZ5l4jz69Sw_9KsmLoEhRa0uJu1o5Ic41_3wa6iObAuSB-WeDWqdxRdRuFnKmcz-jPZAnP1AT2uOLihr3Qnv0Ed8_1YQn4BKAxc_Qge2oRN58MT_fgIVYA8vSLIcWPKX1Mg_ibvMaZawZp8CPr6wnzmT2-OKPua6IO8yPNiJ45parwAYiiFyajkYjDY6WbNdK6vuXr5E08zNkSfTvuOV1vgzlssWTJxK67I9FC4nQLk2zbvx7hc2zH6JQ-y4J4q5nj4GAfbnrlBhdoAlfOCZWoTlATTkLGDeTKBwz2SmHJ9g9-1j-WccsAGxPH_x1MtlZvaTmY_L2Wme5wYJzgwMO92o-a_HcEWLqrmFass3VTLpeg0IyK4Rbh53dbVt_BQOhgZIm-PvZXmtKZ-5BZIWBQ-XvQYcYnCisO1W0hDGLxAhvsUw5KvqO9agA5zyUSVGD13Or1MSN_3TDV_mD8F0xIN4AxP2zhPxJ8mLYq7dzoAs5RT9k3Vjgl4MEbtU1NH2lSQsXm9Fbea__FDiq-1hwYzzDU7joQBSCsOAto-jocbh2YqEDmnLZTo5GHKgMfxbESmrotpKciHsuUyqyi5VeZk7do1uR6AU6JhzX9whQ-kw7sORovs3eFZDket6-vScelid45pONIBt9pgru8y_Z9HRAM5AWPAnyA0PD_IogyLA0PJo-DxCrHxElgFynoRg7fjEh012hLr805h1yVOVsETKUpobNE2fMiuto23EOo8dLqJCW-MoAVfXS5Lturss2Ht7983ou-9MBn9BKGsjbRYrh0dhR0bebxVO4MXR_tpxg0tiybp0gaDL56E12L_YEpchGVK0w0w3BPuuALLQ9nuFHPoie5a0bdZtxyXExTRHZPOYQZjPgxTWWiwiF3pPRgEp7DoqmjkNrPkO2uNMrm0jP170-gpEudg_5kz4iGS-zweMVl-54kwVGu4CNEmL_tQLEQhPaysf_LRE3eJ1K0YijXm5w-vi92wBzjsSFibGqX286TuV8XiAXXK2bc9tmrQq2iUt46NZdL4uPoH5CqMdfrU99PzFL8sP1QlkeW2w5b2GfM6_zLaqS2_xGjHFSNKZd-HcYi9kqjV_wC-63OD-C8ARZpU9H30cEwmcKBkDqLv76cwG0UMBxCnpi1yISSSZzahiZG5xFyFx6ybL-WSdlDGs8OuvY0Kp0O54Mx56GjSZmFIZ9fh_9PHQtfI_ZEj3JBbXKQsNh8iCgs2KZOMCthxJ_Lf6FTARdAzMpYpqyNQeABFI5joZA2l_LYS1O6cf-AagDWu-65dYIPzVxwZ5kt2ln3AgOxmoT_leqxl6ZYVR-JnMBpd8BzmF-1uaww8_7JuRnzOD8Lul3S63aK1wkLe4hoENdSkMgLiEEw8J_2vbCsfbrvIr376FoAnEPJua63t9qF5t_0xfmxDaCXrasOJM0o0Y81rE7U-Svlz1DiE12HrSTpi_vSFD-wRVvW_zInONVJ4pLO9qua6_i6eejwFS6h3SCwws0mPkZVjAKtBSYht4RFITcPEj8EaRp94sH0wkbp1D6SSTs7aNpN7_aIS8Um2lJpmOeV9yRNVXFiE8Pl6D-8pp0xoTKY6VFgjqID87k8HAS26A4_xN9oIq8morCYxBlIChUMRq6gJmq4yektvYlnvHxPB0zZBF8p0o8tOmZU96NwlxOqRA9Ft956p3PrIh4LtP_Kh0uim0PVWCm1umElVQj7Mrnsdr5sso5XRHCGar8uRhxuSWAX7siDO7XlTQziZ41bwrAOnkD1sJqcuu1Lv1e4seunVUuTSsR8tvD2A3NFPlMcyNIfNt2Gp3zdwrBK1NpBIE7ErQncmrmfUIYBGXyZ3AnjlVbZKzWVmH8BV035UyLhf611ZnaCWwaaK6E9aCBh6BtV25amQ9W5hApi3uStJxUOZSGNg8uE76i5-jLTesWRkF7aVsnTEMxlRPp8J37Joixxo1XcEzVGJ2-akmjuTK8mxxYVhrO1y0fuHMDl4MzieCKPZYQcz8m-rnFqEVNjE1SHTJ9BLBqsk4k_nmpDVTgF5jWyJTcrXJ5ATdRjLZ_D3Ei1WvSgFssJZT5BLNuTPB7xkxQvrI_2t8EZlOwqXM3ZHuQ0cswqa5vVUjw4vF8eLoNs1KU7c0H2d18PxnDrIxdrnszffuPUus9tHstYRxW9DkFueIxCvPiB-RCney9UecH0805j2QSbGKvIcnJdGDR0D2anPW11w8j5NaplIJi7nYRJi_uJbNyAoYJJPGb9urE37y0j9VB4glTek8dPWTIXZAgkVVrxvU67enbPLf4cw99M4QwZvrNXA3tlGKahSAjfSuRjUriJ_RJv1xMdGuY9L4dGQdRwgQy9Xpv3TP2AT3lyaZBNKXy7pU4O1Haub1Utr3qNIe1vqp9pRMV0E96Jiuz3QcZ22dLX0uwtcsV3qsaF1LFjU2Ld9pwrL35VctvI1lSKuKqG1YwUTn5kAOck00aprbTUv81y0FbQoJxiV-pkpb7D4Bqo6EiIkFUj91FrzlUcClmK0PDi7YF18Jmj097FyNb2A9tOssRZ5YJOJ1TgQOY9v4kBfisnkeLrj5Ty07b5xe9tfCk-Or87Hg0IO2UwLnpokfDB07k09icv_g8_eTIY2B0SgMRgnXuKIm_EWHLdTRnmzYErm9qMFAVo4ge6hZW3gpbjk4XbqZNWKwYIHf5J7fJw-NzeAu9xUiXDIdprVMyaiVKKreIKV6uttD9jEFddv77tXt17p4ivsW_TtEyaHMk5ZjOyCOb2_r8E0MeEOysyrJCdFB6_9tSVFOz7mULRy8HEP9ZoiPvsfiJqjIlM35amDTIpHTtzgEtow7rrZ4pqIueU-suUHuv9Kz1jp7SJmZwxf8tO4dD6DAYMS3fnkl6wgBM-7RMzpJE63Am6MyATWR1Oke_tfv3QWFJ3FzCOOU1tJ6AjBWM5w12rCiYp_sxrDhKsZm2uhVd_eZkHqRqRhE5jmZcd6tlJ8JT_vQzsS2HR0L9ybazTMZXPk271fTuz5Y7kSk&pr=8%3A2A3E876FBD0DCA8F&cid=CAQSMgBygQiDNv0fn6thh3dVCA90lLGK3IXmv2JBaQvWTgG9aYBHoRh8RAoJ57Nruv2ikOdMGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=9347737207684751000&adk=2943776909&idt=86&cac=0&dtd=51
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
12291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10883
x-xss-protection
0
server
cafe
etag
6886435266232968791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:07:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7A95 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 May 2023 21:32:18 GMT
truncated
/ Frame AF91 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa72e70ff9c5d62ba812ca4b4b5de46d4afac0fe5582aa7ec197470db3a002b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame AF91 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2lLI549EPZJDIz_-0zJoDJgbKduCt2C260EUPt-_SXG2LLeYmMHoPUknc88973JooQJLGShIcw3dmh4F1Oiva0FyQG83ucE9GXplO_hqNzUa3wlhJ2IxuCcJgyBGC_KSX0HGNAteujafVBHkQh6zDZBlqSe9Pjg72pvRA-f1MMXMcg_x6CloVCuLKXAa54EOBpPaKTncqFNsTSfH0bxls7WRi4xLzLg0xaHbguZtdcOVXHKV4PYHnj-fSCZK8PHVm-r7WaheL5Bh8P3hCA-fE5aFGTRBLwBOYh2ouqEi3y6i6xLcjRs-Y2AiO3NyBF_A0UJhGUSYZfYg6rJNES2JcOCASrynjpJb7k4FpGB0&sai=AMfl-YRKN8IPBpCf6e__KDL3aG9j-v6N1N0ft5jGl653b3Vu8V8hH5-FxtheITzZaHb9zCBEYJB07z5S0WxR9Z3ASrDdzemKbrE9bIrIAnjwRqmMva9a1PYZrAD_NOXaBg&sig=Cg0ArKJSzBeg1z21Bi1bEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:18 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1B96 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
726
x-guploader-uploadid
ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5udhb2IF7%2FnoIvJja8er6YD%2BuDmQMXN8AOIRH3OOvwW7FJNmSgWhc52GLhRNMZMQ4Ruge%2B3TzNVEuOmvp2A0qE5%2FXzmUC5ma2boqMAL9sb7rUgKvaXOoXAQdQMF6eEy5z%2Fg1tDSpVKVkRPMB9C%2FiMPPE"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7c65c6073bc23738-FRA
expires
Fri, 12 May 2023 21:28:41 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame AF91 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
last-modified
Tue, 18 Apr 2023 08:19:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 19 Apr 2023 13:55:16 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 5454 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 13 May 2023 21:32:18 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9F57 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 13:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27535
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 May 2023 13:53:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame 9F57 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1hg4qzjiZGEEfLs9Nqa9ogDkIlcygCoCQyPIKFyOie_cozbKWZwQlMnOsRoYMAjsozBHrLQ-aebo0m6NJcYQ2twYCcqdLFV-MqX-BF5AqtQvw085IEByJ7c7-huLaCEbn1nQ2E5p67ukQDGVMIXg5SjpsoD9G3l_UGPP9V38-4koe-0U&dbm_d=AKAmf-BOAHUO6Gjcdc_becOC1khVFkn3P0B-HDCf-aNygZ1f73JRBbXt9k3E3rMdekYyInqbGJKN4Mj40Pz5xEzZTBhVFAZF5-L0bquS0H4aqpGF2zWNfPRv4PePexRco9XjX8UkuXumVMB9secpuNFfkKEh-NMntqctofPOkhuYaBFh8-CfVNmEaO8GdZlVt-ti8XtsxfYnejfwdCHJwKib1wDJ53uwKP8lLk6qgUs0_i4_Kslv5Y8lMK1Z-ZaPSrL66m6bgLz5kgfXdQmjlll18qqh9bllNW8q7sXMO4DmQsUV-rbmoCImXWbNhsV2b_4mN2QGQXXp1PCeZ_nLa6VtsCQFnVQm3eXaarXLKEUGRQDxPxvV3AouMTh4k2rxRCWaygkER__0u8jL9PYYg9ybemK6qP5cC3njIt7q73BgCp9bnBlA4nvYtocjhg7btMQMV8zGDNVldQFyKjtSyt6jlJoUuMEKBJvNFFXovBt671Vyyg0pdTyrBpf2jDktzppJ9FO1uzisEMJLLMmzSQp-3lRoT7rMYcoYa05vlEBxRIWFxT-ul1QaQ3I_WnmdYaGC43AkiiRn3FynFjlnjAitWFKYzNJ_1aEf0eXBLjU2gJHnbcLC925JFmTcX7jE-PpMFDkIX86IP8ikUv56h_3i0Izn7x1lAI8Gy1_8xY5XYQLsccddZB1mPXXMDjIlcEx08WUTiEM7MGr8JPOjvy-PEiiZU5axbJhSr6CFBh9Ky2WyvsthmkNPFOcWjAeGCs-Zxuy9pkM7BqLYxe3Y1TmEfjBVUFHfEjxV-cvm7FWDEMB4Z1MxYrjriG5pIZZN4Yjbe03EETuqU19gQP4u2lwV5_x-YW5MzodFBShLlDnk9qXGCeVRabSQHaAYL3tTvyWUZioxJA4QGYRdoRU-TmzYAa_l8Fh2XHWGpQlOMIJ3du8jrbFWZbCAfZ4SXlqa6OPv0184wqKbfRM_fR7Nfbk9lGdjcmMlE0vO5NW1T-7O7HUzd7TM1z1zVoN9myvbnpdE33ZOz7t6n2JTEa6Y6c6ZpKRU7bW8WEPhwzEGkwU8yOc_rAFvYNZ1a8rBNK_0SZL_-ZiyElG9mf2cX6Jhjw9eegxkJP51cBo1iRq4ik_1YauHhsS0CdPI9iDoWdCXncadw2yJ3jO68XXz5qZWG22n-hZmdH_islVspS0MGWHZDNhlZyOzdZtEaa9bW5bnLPBGrwzfhnz6oekqk_Y0rehKlbd0ewB5NKctR7GYJFUKi7nz3LMrvi6O5gz2gIJ5fFjK41i82kWXOYpuDzrcsr2wegdEFsspKlovWrvyPeVYneCS_SNZj02xa_qQvAbnrAaFPMr-o3QYqK9sMUFWDWyy86bDB-bjjqyPSDtesmEJOnh_aJNuC6shaM9OuMW7iJDYYNX2N5x5MOcYL9A0Ly9I6Dx2JSn__i5Pov1OInJM186ACyqc8cOU6FfCzQzL4RYJ2G7qujo5Ck89kunPCDNs60-W6fGT0vh-5G2HfeoeGalvshvJgThami_0QvcA2bFGo9qHd96lQkuAZ43rtucFJJhqnVbYRt-_0vZ0MQYlOoeLSmhxVG8Sjg49JbUqoPNHloRux-qFjih5TO-sB0i8uNAb5FoSsHWfQRaIonHbJOzVFLKFv_dRCjUDs13deKenZdrNEhCwP9A44af8eu5bCCQIExyyfs6Yx4Yd2kruoqQZW8mOfOf6xx9d4Ca7dNqL6id3aJO4I-jvi52xvj1CoSZrsV6EsaVhAZhJ_9hJHKxqItNNZWPJzzm-w4wQ2_B8qdnVbWKGmzkum08ffFxzN1FINuuj_z_HdCxaqTIzYxndMy2wCYKmW_oG09Ob6K7Nj_mPCMc7wmUtH4kzHe1GKHotrSwaBQj0aC2iTi0W5MsZ-zmG9OproxdPzy1gwuqgL_kfH0Heyyj7jzA4JbdyERGmBmE0-rk0f0BfdLpmtG6htdqK_7IzbXnTv16WM5CKoOpBBCS8LPhiEnKMgRin2JLJbmTRLvbolQZUp2ec5jZxescvmtAufOO7-yixZbBe5R4m79NcvQ0_BiebMBBLJn4_ZLcjQKDOHVeOEzzM9KLa4OkYqB-pLvPEXFZ5durtnmp9COBIhEmN034OfSDC-WCSW9cRHWtmCqqERq0pqKfF7WL8TX-jC2vJugnq72uJL0Q_c62khv8OpxBHFeiMT9TsWD_O2GbiATL93cLOGKxYU3hso1JXGO_pjGbNjJ8dX9mwgPDcGcPB7nNch03eK9boU8liR_X5_1ar_FRsu0RvCDlcmzpPzhRRIbefY8LUM7UhQA71l6wve-MBlJCDtnti6VLdeh5BBA341_LstE-bGYGlQ8HoPr4wBn2cm1z_ADE9EGe30eCABXw6rfXj3ogSCSLHe87XerreB8nnxZ8AXohwKE7VOZ3BgLBwctm7QrFYpiT6t6FP2CPoUsIocz5w9zcTUOH4mwRJoE-YWAe0b-f8RLWZXpcNplgmpfEl4E7F1qUoxb_80FPsQSzWBLBmO_qshudfuRoWjRCWjGoHEZFZGcx-eVgn8bpYjGthX2_Fxnzs4WRe6Gg-2XkrnIjKiV6cZBtWam4Vpqcabx3d9vHCpaCjkhQU_3tlS4ywQ1PhSSgFmQiq_1_MsfptHjEJL2-ZiF3aV85TP87p8RHuYtpmxzQIq7eAT9AlNAT8ObRVfOcN6ZVW4s-JmdYsQCW_Zle4KvyBnCZD2peXZZ1GSkoszxMMvM-Fd-lf0j_hQXlIw9GTOrRKA4sfpjW_TGiRFnzeKoOuPjkqnkvVbg4REf-lEWWK301N8BozBcdwvz7eOGPvdNBXDDdpVSzH6M9D6Fg2iMjkipr3ZaTDajN-AX6qefiNdmH_AKz9zDWRKRJKO_uVZCujJ9Kx1IR7oqZw_TUE_-r09g3YGwe2CSdKQPQYorq_xhI-ntNqHycjjWoWJUbHr7ogmSDARZ5ECD4QuGYT2q_ata-srjyrh3niEiW6XDdrwo6pcv2Wgqfd2hYm7o9xuGZu9tM6POUSCE-bqXgMrvy_OZmRGVTg9G-Ql11st9lqcSjp4fD_-WbB9xKLyDJvSE1BF2nV-oxxKa4qVTecUkSxfOaO4Ti4HibEwYR7nuAVQ7t1_HP0fjsUHklEk0p4BN6_G0tAR3y0Yb6mxeRwt3tss2v21pV3RGZTLIu0RHmv3rvudMhPPQy8WL8VhXyrxsbCjnIVLT6CQdbyphukkI2vM7vbtCJh_WptQ-2xpgT9ygsmAWtOFIsoha2zLtcNmiQxKLBO4AACm_FR9jYCreqNxSEUz1S6Sc_9AXJQL-k&pr=8%3A2A3E876FBD0DCA8F&cid=CAQSMgBygQiDYnCMAkpHjdOLTG1HiBL6WuPBhy_pWh0rl47gRpot7g2YJblh6zWJ2fb_HdEjGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=10256688904244488000&adk=3181836810&idt=139&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
12291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:07:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 9F57 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1hg4qzjiZGEEfLs9Nqa9ogDkIlcygCoCQyPIKFyOie_cozbKWZwQlMnOsRoYMAjsozBHrLQ-aebo0m6NJcYQ2twYCcqdLFV-MqX-BF5AqtQvw085IEByJ7c7-huLaCEbn1nQ2E5p67ukQDGVMIXg5SjpsoD9G3l_UGPP9V38-4koe-0U&dbm_d=AKAmf-BOAHUO6Gjcdc_becOC1khVFkn3P0B-HDCf-aNygZ1f73JRBbXt9k3E3rMdekYyInqbGJKN4Mj40Pz5xEzZTBhVFAZF5-L0bquS0H4aqpGF2zWNfPRv4PePexRco9XjX8UkuXumVMB9secpuNFfkKEh-NMntqctofPOkhuYaBFh8-CfVNmEaO8GdZlVt-ti8XtsxfYnejfwdCHJwKib1wDJ53uwKP8lLk6qgUs0_i4_Kslv5Y8lMK1Z-ZaPSrL66m6bgLz5kgfXdQmjlll18qqh9bllNW8q7sXMO4DmQsUV-rbmoCImXWbNhsV2b_4mN2QGQXXp1PCeZ_nLa6VtsCQFnVQm3eXaarXLKEUGRQDxPxvV3AouMTh4k2rxRCWaygkER__0u8jL9PYYg9ybemK6qP5cC3njIt7q73BgCp9bnBlA4nvYtocjhg7btMQMV8zGDNVldQFyKjtSyt6jlJoUuMEKBJvNFFXovBt671Vyyg0pdTyrBpf2jDktzppJ9FO1uzisEMJLLMmzSQp-3lRoT7rMYcoYa05vlEBxRIWFxT-ul1QaQ3I_WnmdYaGC43AkiiRn3FynFjlnjAitWFKYzNJ_1aEf0eXBLjU2gJHnbcLC925JFmTcX7jE-PpMFDkIX86IP8ikUv56h_3i0Izn7x1lAI8Gy1_8xY5XYQLsccddZB1mPXXMDjIlcEx08WUTiEM7MGr8JPOjvy-PEiiZU5axbJhSr6CFBh9Ky2WyvsthmkNPFOcWjAeGCs-Zxuy9pkM7BqLYxe3Y1TmEfjBVUFHfEjxV-cvm7FWDEMB4Z1MxYrjriG5pIZZN4Yjbe03EETuqU19gQP4u2lwV5_x-YW5MzodFBShLlDnk9qXGCeVRabSQHaAYL3tTvyWUZioxJA4QGYRdoRU-TmzYAa_l8Fh2XHWGpQlOMIJ3du8jrbFWZbCAfZ4SXlqa6OPv0184wqKbfRM_fR7Nfbk9lGdjcmMlE0vO5NW1T-7O7HUzd7TM1z1zVoN9myvbnpdE33ZOz7t6n2JTEa6Y6c6ZpKRU7bW8WEPhwzEGkwU8yOc_rAFvYNZ1a8rBNK_0SZL_-ZiyElG9mf2cX6Jhjw9eegxkJP51cBo1iRq4ik_1YauHhsS0CdPI9iDoWdCXncadw2yJ3jO68XXz5qZWG22n-hZmdH_islVspS0MGWHZDNhlZyOzdZtEaa9bW5bnLPBGrwzfhnz6oekqk_Y0rehKlbd0ewB5NKctR7GYJFUKi7nz3LMrvi6O5gz2gIJ5fFjK41i82kWXOYpuDzrcsr2wegdEFsspKlovWrvyPeVYneCS_SNZj02xa_qQvAbnrAaFPMr-o3QYqK9sMUFWDWyy86bDB-bjjqyPSDtesmEJOnh_aJNuC6shaM9OuMW7iJDYYNX2N5x5MOcYL9A0Ly9I6Dx2JSn__i5Pov1OInJM186ACyqc8cOU6FfCzQzL4RYJ2G7qujo5Ck89kunPCDNs60-W6fGT0vh-5G2HfeoeGalvshvJgThami_0QvcA2bFGo9qHd96lQkuAZ43rtucFJJhqnVbYRt-_0vZ0MQYlOoeLSmhxVG8Sjg49JbUqoPNHloRux-qFjih5TO-sB0i8uNAb5FoSsHWfQRaIonHbJOzVFLKFv_dRCjUDs13deKenZdrNEhCwP9A44af8eu5bCCQIExyyfs6Yx4Yd2kruoqQZW8mOfOf6xx9d4Ca7dNqL6id3aJO4I-jvi52xvj1CoSZrsV6EsaVhAZhJ_9hJHKxqItNNZWPJzzm-w4wQ2_B8qdnVbWKGmzkum08ffFxzN1FINuuj_z_HdCxaqTIzYxndMy2wCYKmW_oG09Ob6K7Nj_mPCMc7wmUtH4kzHe1GKHotrSwaBQj0aC2iTi0W5MsZ-zmG9OproxdPzy1gwuqgL_kfH0Heyyj7jzA4JbdyERGmBmE0-rk0f0BfdLpmtG6htdqK_7IzbXnTv16WM5CKoOpBBCS8LPhiEnKMgRin2JLJbmTRLvbolQZUp2ec5jZxescvmtAufOO7-yixZbBe5R4m79NcvQ0_BiebMBBLJn4_ZLcjQKDOHVeOEzzM9KLa4OkYqB-pLvPEXFZ5durtnmp9COBIhEmN034OfSDC-WCSW9cRHWtmCqqERq0pqKfF7WL8TX-jC2vJugnq72uJL0Q_c62khv8OpxBHFeiMT9TsWD_O2GbiATL93cLOGKxYU3hso1JXGO_pjGbNjJ8dX9mwgPDcGcPB7nNch03eK9boU8liR_X5_1ar_FRsu0RvCDlcmzpPzhRRIbefY8LUM7UhQA71l6wve-MBlJCDtnti6VLdeh5BBA341_LstE-bGYGlQ8HoPr4wBn2cm1z_ADE9EGe30eCABXw6rfXj3ogSCSLHe87XerreB8nnxZ8AXohwKE7VOZ3BgLBwctm7QrFYpiT6t6FP2CPoUsIocz5w9zcTUOH4mwRJoE-YWAe0b-f8RLWZXpcNplgmpfEl4E7F1qUoxb_80FPsQSzWBLBmO_qshudfuRoWjRCWjGoHEZFZGcx-eVgn8bpYjGthX2_Fxnzs4WRe6Gg-2XkrnIjKiV6cZBtWam4Vpqcabx3d9vHCpaCjkhQU_3tlS4ywQ1PhSSgFmQiq_1_MsfptHjEJL2-ZiF3aV85TP87p8RHuYtpmxzQIq7eAT9AlNAT8ObRVfOcN6ZVW4s-JmdYsQCW_Zle4KvyBnCZD2peXZZ1GSkoszxMMvM-Fd-lf0j_hQXlIw9GTOrRKA4sfpjW_TGiRFnzeKoOuPjkqnkvVbg4REf-lEWWK301N8BozBcdwvz7eOGPvdNBXDDdpVSzH6M9D6Fg2iMjkipr3ZaTDajN-AX6qefiNdmH_AKz9zDWRKRJKO_uVZCujJ9Kx1IR7oqZw_TUE_-r09g3YGwe2CSdKQPQYorq_xhI-ntNqHycjjWoWJUbHr7ogmSDARZ5ECD4QuGYT2q_ata-srjyrh3niEiW6XDdrwo6pcv2Wgqfd2hYm7o9xuGZu9tM6POUSCE-bqXgMrvy_OZmRGVTg9G-Ql11st9lqcSjp4fD_-WbB9xKLyDJvSE1BF2nV-oxxKa4qVTecUkSxfOaO4Ti4HibEwYR7nuAVQ7t1_HP0fjsUHklEk0p4BN6_G0tAR3y0Yb6mxeRwt3tss2v21pV3RGZTLIu0RHmv3rvudMhPPQy8WL8VhXyrxsbCjnIVLT6CQdbyphukkI2vM7vbtCJh_WptQ-2xpgT9ygsmAWtOFIsoha2zLtcNmiQxKLBO4AACm_FR9jYCreqNxSEUz1S6Sc_9AXJQL-k&pr=8%3A2A3E876FBD0DCA8F&cid=CAQSMgBygQiDYnCMAkpHjdOLTG1HiBL6WuPBhy_pWh0rl47gRpot7g2YJblh6zWJ2fb_HdEjGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=10256688904244488000&adk=3181836810&idt=139&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
12291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10883
x-xss-protection
0
server
cafe
etag
6886435266232968791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:07:27 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame DB4E 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 13:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27535
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 May 2023 13:53:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame DB4E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWpHIBC9ldAPQT1VF7Qqa8GnxGtl8mn_vjj1XQSU7VDwVw2QWIWddoB4FFk2AB8ixHltZqfV_i9KVvr0QFuisDJXLAGaUNc3grE6d8Jin_D3TQtP0K-RPxUE58GAXUK2teQZweW1aUzKQCJPr0lpAzol7poorD3bwBoDiv1CpGt0oGdAI&dbm_d=AKAmf-B62VDDrdO1SxukubQjGA9isTLSUDk1xUmZO2KopIUMcpuIFzooyofCXpYr5Wa6hZZShEeUxokd5LhHmGPSVJ9p_nvxNCHeZRu21rsxgix2FxCjnnpyBypcvzQqIaBFnXtXk-6gZiTTnKH3mNA7m6MaTYnGssU1IO0YhiLX-_cckJHaVOZ-aXVgEZ00y6z5QxDW6j4xJvqXmKu80xNEOGuv4VnjvWEHwStKP5ay4bxUAiuvjZaXtiMqbWXyjL44PsahY5xNA7ml80A6VlXUjZKBtzqirIglxz4g9sL-lJ1-aATCe4D3SQZRcB8Jl6ReKVI-rIE_SS2OvT_6r1RRW0RGXDGkCBKQUFBH2eMYeBbW6HjegM_iwmPxKx_wAYewqj03xnaXKqnwz0Twk1wCeVSSy1Uep8-1f2w-kQJRrv3LN74VHbz4iKWNUpHeMYE6E8jJKc_kWwfygWTz4p9rbKOzDNXl37z6dml9DXN4YDPWXtxhpTmJoGuBhy8aMrEiroGF4pjXCvyYsILz1nowNBmtT29upv8XKbXHb69OhOxI_K8mcuNMViig0SgJ0K0vjJ4R_CV85Vj0X4FyQuz5HjMUAPBceCPvUsbTVMpyhRZQt1hO_0PlR7NdnD9IQHpqAojX4hXltnO047C3cbF5EwngdivlbPOdjdlYivzF3GlPNjuZDCrdeeqspwQMQMnMjj49X5UHWZawEaSsTUwXZVAmRYFHUUKtl1VU8P0WlVDit1UrR9Rdd5Gn6J2qTJihEPrpvE-qXllmahzOyA51uYG5N1My-Q0lUaWClISW9vO9zJSQGozyAQ8xPVhngHInYTIeu4eiOjeG1YUNzvkMzpXxXjq2OcYavehgQd8iUaeWu7oH7FMz3jglWu7jNxBzZ-csZ9q_8SJNQetOj2DrO7PjlOoDghVLMTBZhJR9jNKzpMk6H-MKSMzuLYZFtUMeOIg95lbJf4OJqxjaRqoLs2Q5RNrfwQuQaFsel5owMDN-yn0xiqq781zWyavc45jUhAVF-yT4gS1x4yOzDs9q0p3pJrXCVEbaRQHHP-QD7hvC5g7qhg1hrHvN8XfPWaYlpfto45d_v2OXPqJV2XKOobd_7q0ED9kkgY2blV1PbU4LPGL5P-VrxcYRqtO53iTJb0HfolK_OKtPdVKkHqb50_Laq3bsxJXqJdaib7Y0-ITrDJuiFZQ4C41pdp9b3dNmm8KS2bSX5-hJ-_wQE5yUc96I5GmyA9k3MDMwvJg1OTwXQHe_9QeDYvsrH7Ijm-lc-rHj4FM1K5EYTQLfECMe55G_Cr0GM6gZQFPxMMVes4XOdO6gRR8zodlXqdztbQtVoPXtj9JkT-3YjoxPDmuSTufzT9DBGwmSHncboiGcfhrNDvKoJQswNOHCkMbqsj38iZkLyJOQZyTuXukWP-uL_TaiP9vCrtkkuxfVa-id_sWXjVJoFZNth1eO7EwxvR2x3gGj_DkLGt9JfHN6KgSO3dlmGT-ENQVxF-9rGI9_IqyCKdhPN1rRKovbPROY4F3FkXmyET3FfpGHTXm_6yguQ8d9TRHiCxG0jq6ADSaukofkBzHGE8XQJchVTMkx6gT7X1ZdVQ0EPd1nxSx0i1veiA6Lwpfo_pL68saCr6oVOejynNhS0voFr8JVr2duEOY2b7JgHIOl2i-7iWGI_oqNOLRQHc7Dx31aBKSJZ5yLmq95IZ1X4tr8QGQE0kVZANJhCreKw2H4Z09neMZoRIh50tqV3uV1AUce5eck2Eg8aFg9kebjMorE0JrlLEsel7GLj0IsXa5ApsXH9nW4VtMcmfBxsOxY36aumPHpDePnmpKMyT2w2Hd9RQW_mzI7Q4HLjtcEeLTqSV7O0i2m0HXuWkzGu1DwmTss3spCFruGeYTJHBYLlEiPZHTsQirUVWPQZY96cXNNuZytnvkGgME1vsyqpCYbSXx9CIuGAY3BGp18DaljCYowd3rf0BKkizyW_tr5D0C6L9duJ9RIA59CT29fzz3-858ugFNTA0cnOldBttam1tdQkrJmCDeQUTnlcMxTK-bAhlzrLnC-JncHHseSZ-3ah2hUKzcFG6B1D6apBBQ6PvZZ8WNM5pcVXn88WNvHjFJfpblQBl6F3brDrXTP21c3P7hcvkpD8DjG9ECThrQlyQaP50Qpw3f0btcz6Mnkd7l520iyJew_h0k_Zg0AfU90z3ZQUfzit-Ow4mefNKXSp48ZOaAyjV7EdsGcKST4iPdb-dAD62WieAJ43Qq4hlW2tdTFTWgvcMHIAFgwjcF5r8olIvQEH8KCn93s9IyFo0jkHAUg7jx5SyB_q6M1aqp3ivSeDtixzr5_UOiD1cHSTMyJn-8HBM4_CoSFkD_rtCvprzJ8Gyqutcz-sqK3TGQ7_TtY8iZJqgQDZhwPM1UrlsGIpc-TOM4SkIuvQ8Z5WFVpSMWzO2RwPQl6ABMQ7TqSzbi0asD0HJFR_vluMmMoEwD-iIBPvuRWAS0_4Lh4AlgbW5SJlqBuVzwNjiz14myU9zN84s2ahitWXEHPNAKkM63tOXBG-qh1AbmNnaJRrOCCb3noMZDmMfkg9kIKvWpfqWNyiFwwvoBl-bF_KVQvUMPfu6q57o7W-buSrBTShftm5saf-oGU0OdY6BblAT0Si5qzLWiUI4lpWz5Qcm7V3bxJJQnX7qEVb9NPtfuM4sdmYNBJ6_uhv3LhoiiPyctv_d4miJZT0qsOgtNHJqP00FuhufPLI9wGpBXq-DE5ns732wjMNAi57HOOPduksvi1EybdpwKx5ePFMJbWDUxUKa6poiGOsUxuJy_LtAmXc9X6RZpWeVdJOleXhT1M0UYPfeeuIjTAc5JclwMEd31TBfV-O3zYTH51r6FYaKr-oc3smYoD0NqAVN124ylWxF8UY-o31Z7eu9BOOcVbeBPSrJf9GtcHAdj218eOMfUEhxI1j79t6l-9NLR4TPqQdWrvpoQ-NtiH06thFfac4Yan-hxJrQZSNcpbYFctg7hMikwU27HnWndz4Xgwzgq-Y8Y7MaQhzy3JeAuWOBTKdVEkVRNS6FtBju188gCuwXNkmCmy_IpXf0dUMxsjwDU5kdyePO9NGW5XXsRWcE5wJ6wqJtJtiqChKbTwD27hxRcmq7AgKgCF5TPZp4i4cdtEWIgGo7Mtu1zjDXpZkMeLBpZZz_X_RcDPoIxwbF4FutteW8JtRjW-qIb_-WMTDVuL1_XCTOzwzLSnpZmxEVN9jBnzLy84abL87NE963j6ScVmvzqeM2jp5kXPRqkYsFPG2GXH0Q&pr=8%3A1931C67B02E439CE&cid=CAQSMgBygQiDh9ymFtVW5G6t2SojI-upFBAoeU-ZJrHMO_lSTmhgXAZSW4Fi3SLOcDQHbFdPGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=1720882970395660800&adk=3753878679&idt=160&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
12291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:07:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame DB4E 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWpHIBC9ldAPQT1VF7Qqa8GnxGtl8mn_vjj1XQSU7VDwVw2QWIWddoB4FFk2AB8ixHltZqfV_i9KVvr0QFuisDJXLAGaUNc3grE6d8Jin_D3TQtP0K-RPxUE58GAXUK2teQZweW1aUzKQCJPr0lpAzol7poorD3bwBoDiv1CpGt0oGdAI&dbm_d=AKAmf-B62VDDrdO1SxukubQjGA9isTLSUDk1xUmZO2KopIUMcpuIFzooyofCXpYr5Wa6hZZShEeUxokd5LhHmGPSVJ9p_nvxNCHeZRu21rsxgix2FxCjnnpyBypcvzQqIaBFnXtXk-6gZiTTnKH3mNA7m6MaTYnGssU1IO0YhiLX-_cckJHaVOZ-aXVgEZ00y6z5QxDW6j4xJvqXmKu80xNEOGuv4VnjvWEHwStKP5ay4bxUAiuvjZaXtiMqbWXyjL44PsahY5xNA7ml80A6VlXUjZKBtzqirIglxz4g9sL-lJ1-aATCe4D3SQZRcB8Jl6ReKVI-rIE_SS2OvT_6r1RRW0RGXDGkCBKQUFBH2eMYeBbW6HjegM_iwmPxKx_wAYewqj03xnaXKqnwz0Twk1wCeVSSy1Uep8-1f2w-kQJRrv3LN74VHbz4iKWNUpHeMYE6E8jJKc_kWwfygWTz4p9rbKOzDNXl37z6dml9DXN4YDPWXtxhpTmJoGuBhy8aMrEiroGF4pjXCvyYsILz1nowNBmtT29upv8XKbXHb69OhOxI_K8mcuNMViig0SgJ0K0vjJ4R_CV85Vj0X4FyQuz5HjMUAPBceCPvUsbTVMpyhRZQt1hO_0PlR7NdnD9IQHpqAojX4hXltnO047C3cbF5EwngdivlbPOdjdlYivzF3GlPNjuZDCrdeeqspwQMQMnMjj49X5UHWZawEaSsTUwXZVAmRYFHUUKtl1VU8P0WlVDit1UrR9Rdd5Gn6J2qTJihEPrpvE-qXllmahzOyA51uYG5N1My-Q0lUaWClISW9vO9zJSQGozyAQ8xPVhngHInYTIeu4eiOjeG1YUNzvkMzpXxXjq2OcYavehgQd8iUaeWu7oH7FMz3jglWu7jNxBzZ-csZ9q_8SJNQetOj2DrO7PjlOoDghVLMTBZhJR9jNKzpMk6H-MKSMzuLYZFtUMeOIg95lbJf4OJqxjaRqoLs2Q5RNrfwQuQaFsel5owMDN-yn0xiqq781zWyavc45jUhAVF-yT4gS1x4yOzDs9q0p3pJrXCVEbaRQHHP-QD7hvC5g7qhg1hrHvN8XfPWaYlpfto45d_v2OXPqJV2XKOobd_7q0ED9kkgY2blV1PbU4LPGL5P-VrxcYRqtO53iTJb0HfolK_OKtPdVKkHqb50_Laq3bsxJXqJdaib7Y0-ITrDJuiFZQ4C41pdp9b3dNmm8KS2bSX5-hJ-_wQE5yUc96I5GmyA9k3MDMwvJg1OTwXQHe_9QeDYvsrH7Ijm-lc-rHj4FM1K5EYTQLfECMe55G_Cr0GM6gZQFPxMMVes4XOdO6gRR8zodlXqdztbQtVoPXtj9JkT-3YjoxPDmuSTufzT9DBGwmSHncboiGcfhrNDvKoJQswNOHCkMbqsj38iZkLyJOQZyTuXukWP-uL_TaiP9vCrtkkuxfVa-id_sWXjVJoFZNth1eO7EwxvR2x3gGj_DkLGt9JfHN6KgSO3dlmGT-ENQVxF-9rGI9_IqyCKdhPN1rRKovbPROY4F3FkXmyET3FfpGHTXm_6yguQ8d9TRHiCxG0jq6ADSaukofkBzHGE8XQJchVTMkx6gT7X1ZdVQ0EPd1nxSx0i1veiA6Lwpfo_pL68saCr6oVOejynNhS0voFr8JVr2duEOY2b7JgHIOl2i-7iWGI_oqNOLRQHc7Dx31aBKSJZ5yLmq95IZ1X4tr8QGQE0kVZANJhCreKw2H4Z09neMZoRIh50tqV3uV1AUce5eck2Eg8aFg9kebjMorE0JrlLEsel7GLj0IsXa5ApsXH9nW4VtMcmfBxsOxY36aumPHpDePnmpKMyT2w2Hd9RQW_mzI7Q4HLjtcEeLTqSV7O0i2m0HXuWkzGu1DwmTss3spCFruGeYTJHBYLlEiPZHTsQirUVWPQZY96cXNNuZytnvkGgME1vsyqpCYbSXx9CIuGAY3BGp18DaljCYowd3rf0BKkizyW_tr5D0C6L9duJ9RIA59CT29fzz3-858ugFNTA0cnOldBttam1tdQkrJmCDeQUTnlcMxTK-bAhlzrLnC-JncHHseSZ-3ah2hUKzcFG6B1D6apBBQ6PvZZ8WNM5pcVXn88WNvHjFJfpblQBl6F3brDrXTP21c3P7hcvkpD8DjG9ECThrQlyQaP50Qpw3f0btcz6Mnkd7l520iyJew_h0k_Zg0AfU90z3ZQUfzit-Ow4mefNKXSp48ZOaAyjV7EdsGcKST4iPdb-dAD62WieAJ43Qq4hlW2tdTFTWgvcMHIAFgwjcF5r8olIvQEH8KCn93s9IyFo0jkHAUg7jx5SyB_q6M1aqp3ivSeDtixzr5_UOiD1cHSTMyJn-8HBM4_CoSFkD_rtCvprzJ8Gyqutcz-sqK3TGQ7_TtY8iZJqgQDZhwPM1UrlsGIpc-TOM4SkIuvQ8Z5WFVpSMWzO2RwPQl6ABMQ7TqSzbi0asD0HJFR_vluMmMoEwD-iIBPvuRWAS0_4Lh4AlgbW5SJlqBuVzwNjiz14myU9zN84s2ahitWXEHPNAKkM63tOXBG-qh1AbmNnaJRrOCCb3noMZDmMfkg9kIKvWpfqWNyiFwwvoBl-bF_KVQvUMPfu6q57o7W-buSrBTShftm5saf-oGU0OdY6BblAT0Si5qzLWiUI4lpWz5Qcm7V3bxJJQnX7qEVb9NPtfuM4sdmYNBJ6_uhv3LhoiiPyctv_d4miJZT0qsOgtNHJqP00FuhufPLI9wGpBXq-DE5ns732wjMNAi57HOOPduksvi1EybdpwKx5ePFMJbWDUxUKa6poiGOsUxuJy_LtAmXc9X6RZpWeVdJOleXhT1M0UYPfeeuIjTAc5JclwMEd31TBfV-O3zYTH51r6FYaKr-oc3smYoD0NqAVN124ylWxF8UY-o31Z7eu9BOOcVbeBPSrJf9GtcHAdj218eOMfUEhxI1j79t6l-9NLR4TPqQdWrvpoQ-NtiH06thFfac4Yan-hxJrQZSNcpbYFctg7hMikwU27HnWndz4Xgwzgq-Y8Y7MaQhzy3JeAuWOBTKdVEkVRNS6FtBju188gCuwXNkmCmy_IpXf0dUMxsjwDU5kdyePO9NGW5XXsRWcE5wJ6wqJtJtiqChKbTwD27hxRcmq7AgKgCF5TPZp4i4cdtEWIgGo7Mtu1zjDXpZkMeLBpZZz_X_RcDPoIxwbF4FutteW8JtRjW-qIb_-WMTDVuL1_XCTOzwzLSnpZmxEVN9jBnzLy84abL87NE963j6ScVmvzqeM2jp5kXPRqkYsFPG2GXH0Q&pr=8%3A1931C67B02E439CE&cid=CAQSMgBygQiDh9ymFtVW5G6t2SojI-upFBAoeU-ZJrHMO_lSTmhgXAZSW4Fi3SLOcDQHbFdPGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=1720882970395660800&adk=3753878679&idt=160&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
12291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10883
x-xss-protection
0
server
cafe
etag
6886435266232968791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:07:27 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 32FE 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 13:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27535
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 May 2023 13:53:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame 32FE 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AS1rUUMREpf-tpO-WBinEq9P56dAS3stKXWhKhQa8fTi2kz8X4LbCgeQgtUElY6KgxeANN5vjcRD2hb22jqIbyfgP0qMWoxNsVBugy3HsTdS7HcgdftJXNJGDxQCw3MNpPqgOQ7zHhaUcOqrC35ht8qaIbhnNmhVp3aMzvO-YcUR_jOcM&dbm_d=AKAmf-BMkpB6SiTJv85ZU64yINl1a3I7eL9GCEe84DmC6YqCoN1_gXVfbz1aGkY0qzf9DxIAPc5KkGZk5HakpO9FUf4_eSnV8gHaiyU2lrw7tliq8s6jqWFivaRZ_3CNP-2XWB0IF1dAlClh3rqxvsfH45Eq0cQug7GJc7lPYkZnB_5AnPSutjApTZ4VUMBKo8bEC0mD7qZH-3T-m1k73MQSJTyNM1BphXpPirp_PwEI6dH_QCM9-aswxDghzdlRh0nxsg8lYuNP0bhXAXzBaTPwsu-0XLkt75Jejh-68LvGxWx6Cpe5KlslbU31Q3Wff169hc_9uGtwTuAJ8wSPmrjO5lMeZeW1w4kn8ReAQuIPUne_mb1gZ8W8oot-3Av-xnnruG_6cEphe4f72PtBbN2ikeeJLwUGdcLLIpI2ogafDuvElQhaq6Zqu8bNURpopSPNva7LE6B03x2bpm6in9xPQT3B3ONLEq3Y3kl3jPp9iqsIDKXDZZZpt584NMo-FmKtOyDFQAgvIVlDsc6_-laPbpVxHThHNOdj0I5DG5Rf_f_aDUbiyh6MaAa-k-WTOWFVumC_7GjCuF4O5axqEmvzkjLKqOLoPpwH3dhjCcngsUeS3eURiE9Um7JggbDLeCB8euPWkf9o-XH0bE81LvAy9L1uUlDkW76NMjBrO_BI3_Xx9jbaFT3vW7My6iroqF-hG1eOlI2Rf8MnkkXkcizJ2RaiBHw3cW_6QjUaCCK0GVdhFidX9St0LogDsDhYNbIV5Vi41KRbIugg59jaRRsOAhOyrHwndIBGNJL_utoIfRjkzm6t7lJBW0GC_w_6G4E0n6dFv8VMZHNnBUiWgndg5OcNgY5jaIgOk6qsE-1OavIE-g1F9W52Rig1La5gSk-UFneopoX4hU1SVtKvQzBPLKuIxM2O3_7l8nj31Xt2vnkWQK7xyxPq8JrRDnY9VBwk6_8iW5lQskJx_rtByVeH2W2RZvWvuzzmtFRi17-H-gapta9eOuuWKw5krSWPsSN6B9L9_1g1E1PHXoS_2_A4s3nBtxCAWYkDcFQomQ2HHFI5sFD0DgpJ_52puvg2i5ZDFZtQr_V9vgMOJTEcjC5Z1lI1VLmL6WaCQzTWQH7zjPrbEIoznZ-86ycCFXDW_FsIEKurjk8wEIiQEY5LeZRKwwMEyuJnMtxIrDio7tAWZZSUOOUNjFQygJj2pl-NkVcLUSyEMpf_NiU5eNR8jlHoSQkgNjDH4uOp0QH6BffSw3DIcpK5ZZpbw9hIrhza41RdKs-yxRSsQ4gT_CmvQk9EUwTVmK5IPBS6AxoK1CCppu6LtbLcd_foFeP9nV_UzgXf-t1EzOpTYohekZeB196AIsJFNB8H_UEA1gAj-BPN5L6ycSSZuOoDp1w2vWg-ZyLWM7boivsrFYVYQ5G38XCwhCL3IvCN4SmvuPylQ6qHoOv-YhYuJm2veKbuL98ZNWS64byejeUavF-MDRnECl6803KkO1ot8z2HuleZgA2FbCPrqLAdUDivNWy2kYXMJ1QfoK9VuLnc3tfhbkrD7cOvRURJT-QdPYqH8GSHyLfkNJBIV1Yv8NBUJlCS86c209rmF9loRtmEG-8zMoWJ6Pxv7jjWnKxlV1xl-znJAAkS1ldbgpgailYYcff7TNmr8C6EL4Vp4_-qJ5TvFQE5N7G87N57Ki5VWBO-lWkD1bBBZJzIyGR-Azbt8-585CTRVmbhe-ZLnTg6GXM6y62FY4acLNZdRX6PM5KU-mJTvcUiIjKAeDa__2HCjF6dwqfDy0lkgd-LpX8fNXQXaZk5wM84LoTAjQQLBTFT9nGX67E0VRGvgyMO3EL0F6RlBZOSBOsT3VJ768rYKpEVdiT5SZN7gCDsrGmmc6bU0p8fGnhxVzuZc63QDT1-Md-qihRCUmHMxgE3m3aCRH4DVpHnFTr8rOLF0oIS93cEVEphVcyEn1DE38vp16B3LBq5_p0uAM-BNdcQ1Bs0wTH0O0geiVs99lQKS0IydQ8XipFwa4aQ24PtFO8_szGwWkhOFjfXAxXsk_xEVrgf6oBxYf-HE7vyCYAKlOcCvAX95oElVupm_qq9HSBdxD1s27rV-hgG63xiZcPHEJH-kwVJ6yT4vTJtgvaw1RhVXRahrbRIVe6ftV4y2ku1IvWrY-AZc4CvVoc3Z8H_SgwAfbYyP_GW0FV-BB5RTWYDXh4cxkv8eWSOn_Y6fA8gOIljfngQ5J-KSmHqSqmLOk7pr6LSs2Q8rEtkW2naFdLOJSoktyHkl2_2OGZKdAIhfpyWF5uwt8c_Jc25j-JX7eoemJpaBtV1NYjkPR15Ho9jVUhrp-VkIBDLROxlj__5Nr6ofUPZNO29St-TuS-3xgqkZz2Mu2Fc6TmRZ5SYYoOMZN5qaAXUTzOi7DJ2IJol-oNY_Jts-xe942qnEuTsPOMuQS29SkZ6HijfR2QCS4fuKkIxQDIr_AkHNQwFp0IpDDP_S17q0-2rLSRwCLg7t_oXAIJBHETnSJMJTq2jrzb_LZEB7rO07HuuLc-cLbAYbILjOuUBbxaOf56rkVf8QFkCIIn7AbEmLb8K-IcbFQ1bodL1t-4wkD4OQ5qXfC_VQo8w1swNj8-h_PwQ10Sj6svC2ybIL7584b6TQFUiGwkTTRH4cT_W-wlr86eBuC2sD_7dQ7c1ENFchpvCpL4cae_bqn8z-LmAIeh5iCLOBDhHlqKctqAepjDSizdc9EOZ6XcxpGWk-2FHhhrnXsx5YKpbdwMOI4MKqzGUus4Or24f6Yv0JTfhTrsvZcdBslOs_rINCQwhiZxzcLT-hfZQDwLYYbuxh88RDJ6XaNtXEePdIym6vBCUxD7txmgPpPhhV8wY1kyHyJeRP3bu_LdHeN5G1SHyCzNkIjJZ6ka0N1pBIm5NZ9MX7LQxlaYZsEPCK5OkxZMi8JgxcnS8oLBiyJLkFBnV7ZwHc5VIlFzCX80Pk7Wjco3LjJ1bXeq5MdiUv07Q2kpVuvTFHeeg3inobhI7YkmPsG56ru4YGPYivKzsta6Y5VhASWVfRkJGkOzhPqvoWq2qgYo7EN5ekFxytdmoRrgod_xljelJMnIjkOZCS-8j6cVi_-KbGPFdOO3LXpGxpVgBH1U4R9I6W_mjpuqjQ25OUBzMesHf2oGiNRR17tUvmk3oAiiTYuOt9SBUhBgJHD7xiep7CFXqvoL7nkm3McDB3YCbqTDHUq6RFq3L6Zkyd8jr2XdZJhSb-1FVGJvsBEDnULz6WQHgJPW09iarTLWqgaEaN2cBIKuhv1b01RQKqqdKcOj8BM90WFtrfjs&pr=8%3A13F69368AE07CA60&cid=CAQSMgBygQiD-NzwOohFuRsgKHdpIWItqXtETUTE73V989QRTxxVrvmWHZcdgUSEKgnXk6JzGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=13795935488843485000&adk=4214740833&idt=180&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
12291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:07:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 32FE 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AS1rUUMREpf-tpO-WBinEq9P56dAS3stKXWhKhQa8fTi2kz8X4LbCgeQgtUElY6KgxeANN5vjcRD2hb22jqIbyfgP0qMWoxNsVBugy3HsTdS7HcgdftJXNJGDxQCw3MNpPqgOQ7zHhaUcOqrC35ht8qaIbhnNmhVp3aMzvO-YcUR_jOcM&dbm_d=AKAmf-BMkpB6SiTJv85ZU64yINl1a3I7eL9GCEe84DmC6YqCoN1_gXVfbz1aGkY0qzf9DxIAPc5KkGZk5HakpO9FUf4_eSnV8gHaiyU2lrw7tliq8s6jqWFivaRZ_3CNP-2XWB0IF1dAlClh3rqxvsfH45Eq0cQug7GJc7lPYkZnB_5AnPSutjApTZ4VUMBKo8bEC0mD7qZH-3T-m1k73MQSJTyNM1BphXpPirp_PwEI6dH_QCM9-aswxDghzdlRh0nxsg8lYuNP0bhXAXzBaTPwsu-0XLkt75Jejh-68LvGxWx6Cpe5KlslbU31Q3Wff169hc_9uGtwTuAJ8wSPmrjO5lMeZeW1w4kn8ReAQuIPUne_mb1gZ8W8oot-3Av-xnnruG_6cEphe4f72PtBbN2ikeeJLwUGdcLLIpI2ogafDuvElQhaq6Zqu8bNURpopSPNva7LE6B03x2bpm6in9xPQT3B3ONLEq3Y3kl3jPp9iqsIDKXDZZZpt584NMo-FmKtOyDFQAgvIVlDsc6_-laPbpVxHThHNOdj0I5DG5Rf_f_aDUbiyh6MaAa-k-WTOWFVumC_7GjCuF4O5axqEmvzkjLKqOLoPpwH3dhjCcngsUeS3eURiE9Um7JggbDLeCB8euPWkf9o-XH0bE81LvAy9L1uUlDkW76NMjBrO_BI3_Xx9jbaFT3vW7My6iroqF-hG1eOlI2Rf8MnkkXkcizJ2RaiBHw3cW_6QjUaCCK0GVdhFidX9St0LogDsDhYNbIV5Vi41KRbIugg59jaRRsOAhOyrHwndIBGNJL_utoIfRjkzm6t7lJBW0GC_w_6G4E0n6dFv8VMZHNnBUiWgndg5OcNgY5jaIgOk6qsE-1OavIE-g1F9W52Rig1La5gSk-UFneopoX4hU1SVtKvQzBPLKuIxM2O3_7l8nj31Xt2vnkWQK7xyxPq8JrRDnY9VBwk6_8iW5lQskJx_rtByVeH2W2RZvWvuzzmtFRi17-H-gapta9eOuuWKw5krSWPsSN6B9L9_1g1E1PHXoS_2_A4s3nBtxCAWYkDcFQomQ2HHFI5sFD0DgpJ_52puvg2i5ZDFZtQr_V9vgMOJTEcjC5Z1lI1VLmL6WaCQzTWQH7zjPrbEIoznZ-86ycCFXDW_FsIEKurjk8wEIiQEY5LeZRKwwMEyuJnMtxIrDio7tAWZZSUOOUNjFQygJj2pl-NkVcLUSyEMpf_NiU5eNR8jlHoSQkgNjDH4uOp0QH6BffSw3DIcpK5ZZpbw9hIrhza41RdKs-yxRSsQ4gT_CmvQk9EUwTVmK5IPBS6AxoK1CCppu6LtbLcd_foFeP9nV_UzgXf-t1EzOpTYohekZeB196AIsJFNB8H_UEA1gAj-BPN5L6ycSSZuOoDp1w2vWg-ZyLWM7boivsrFYVYQ5G38XCwhCL3IvCN4SmvuPylQ6qHoOv-YhYuJm2veKbuL98ZNWS64byejeUavF-MDRnECl6803KkO1ot8z2HuleZgA2FbCPrqLAdUDivNWy2kYXMJ1QfoK9VuLnc3tfhbkrD7cOvRURJT-QdPYqH8GSHyLfkNJBIV1Yv8NBUJlCS86c209rmF9loRtmEG-8zMoWJ6Pxv7jjWnKxlV1xl-znJAAkS1ldbgpgailYYcff7TNmr8C6EL4Vp4_-qJ5TvFQE5N7G87N57Ki5VWBO-lWkD1bBBZJzIyGR-Azbt8-585CTRVmbhe-ZLnTg6GXM6y62FY4acLNZdRX6PM5KU-mJTvcUiIjKAeDa__2HCjF6dwqfDy0lkgd-LpX8fNXQXaZk5wM84LoTAjQQLBTFT9nGX67E0VRGvgyMO3EL0F6RlBZOSBOsT3VJ768rYKpEVdiT5SZN7gCDsrGmmc6bU0p8fGnhxVzuZc63QDT1-Md-qihRCUmHMxgE3m3aCRH4DVpHnFTr8rOLF0oIS93cEVEphVcyEn1DE38vp16B3LBq5_p0uAM-BNdcQ1Bs0wTH0O0geiVs99lQKS0IydQ8XipFwa4aQ24PtFO8_szGwWkhOFjfXAxXsk_xEVrgf6oBxYf-HE7vyCYAKlOcCvAX95oElVupm_qq9HSBdxD1s27rV-hgG63xiZcPHEJH-kwVJ6yT4vTJtgvaw1RhVXRahrbRIVe6ftV4y2ku1IvWrY-AZc4CvVoc3Z8H_SgwAfbYyP_GW0FV-BB5RTWYDXh4cxkv8eWSOn_Y6fA8gOIljfngQ5J-KSmHqSqmLOk7pr6LSs2Q8rEtkW2naFdLOJSoktyHkl2_2OGZKdAIhfpyWF5uwt8c_Jc25j-JX7eoemJpaBtV1NYjkPR15Ho9jVUhrp-VkIBDLROxlj__5Nr6ofUPZNO29St-TuS-3xgqkZz2Mu2Fc6TmRZ5SYYoOMZN5qaAXUTzOi7DJ2IJol-oNY_Jts-xe942qnEuTsPOMuQS29SkZ6HijfR2QCS4fuKkIxQDIr_AkHNQwFp0IpDDP_S17q0-2rLSRwCLg7t_oXAIJBHETnSJMJTq2jrzb_LZEB7rO07HuuLc-cLbAYbILjOuUBbxaOf56rkVf8QFkCIIn7AbEmLb8K-IcbFQ1bodL1t-4wkD4OQ5qXfC_VQo8w1swNj8-h_PwQ10Sj6svC2ybIL7584b6TQFUiGwkTTRH4cT_W-wlr86eBuC2sD_7dQ7c1ENFchpvCpL4cae_bqn8z-LmAIeh5iCLOBDhHlqKctqAepjDSizdc9EOZ6XcxpGWk-2FHhhrnXsx5YKpbdwMOI4MKqzGUus4Or24f6Yv0JTfhTrsvZcdBslOs_rINCQwhiZxzcLT-hfZQDwLYYbuxh88RDJ6XaNtXEePdIym6vBCUxD7txmgPpPhhV8wY1kyHyJeRP3bu_LdHeN5G1SHyCzNkIjJZ6ka0N1pBIm5NZ9MX7LQxlaYZsEPCK5OkxZMi8JgxcnS8oLBiyJLkFBnV7ZwHc5VIlFzCX80Pk7Wjco3LjJ1bXeq5MdiUv07Q2kpVuvTFHeeg3inobhI7YkmPsG56ru4YGPYivKzsta6Y5VhASWVfRkJGkOzhPqvoWq2qgYo7EN5ekFxytdmoRrgod_xljelJMnIjkOZCS-8j6cVi_-KbGPFdOO3LXpGxpVgBH1U4R9I6W_mjpuqjQ25OUBzMesHf2oGiNRR17tUvmk3oAiiTYuOt9SBUhBgJHD7xiep7CFXqvoL7nkm3McDB3YCbqTDHUq6RFq3L6Zkyd8jr2XdZJhSb-1FVGJvsBEDnULz6WQHgJPW09iarTLWqgaEaN2cBIKuhv1b01RQKqqdKcOj8BM90WFtrfjs&pr=8%3A13F69368AE07CA60&cid=CAQSMgBygQiD-NzwOohFuRsgKHdpIWItqXtETUTE73V989QRTxxVrvmWHZcdgUSEKgnXk6JzGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=13795935488843485000&adk=4214740833&idt=180&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 18:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
12291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10883
x-xss-protection
0
server
cafe
etag
6886435266232968791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 18:07:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 56BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=3176556897090518&rc=
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
219554c3-6efe-441f-8da9-3316cf3dfc37
https://googleads.g.doubleclick.net/ Frame E433 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://googleads.g.doubleclick.net/219554c3-6efe-441f-8da9-3316cf3dfc37
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
frame.html
ad4m.at/ Frame C20C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1938388
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7c65c6077fe39b63-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 21:32:18 GMT
expires
Thu, 30 Mar 2023 21:56:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yiN5cAT3bShL428diqeTbT7ETqacHGPqntbFVshPAzyDiNKSFkyLi7qvbJjKn1YeVOojJ35OP753qN91PE3Uv2oeNGBZddREmBvrenRWM%2F3%2FS58Niplkfm2AgycBt8hl4%2FI4mo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
postback
s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/ Frame FE40 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/postback?to=3&pv=fcccac35-f187-44e5-b531-4f97a2630e94&si=&dm=728x90&pi=XRzobPsLhV&ac=Xmwo1n97Q8&pd=avt&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ti=&gt=DE&ci=948461&ui=&sr=GOOGLE_CONTENTNETWORK&de=2&md=1&dt=9484611597092707615000&ap=&sid=Af7PukAEEPNXAkGF&oz_sc=57d2d9c2eaed052b132640db&oz_df=1683927138447&oz_l=5259&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 21:32:18 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5CD5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 20:54:46 GMT
expires
Sat, 11 May 2024 20:54:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2EA6 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
79b2d73340afc2c8c63c4ce6a08472edfff6e9677d3428faab3de9e4d69509b5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XpLk7SX4bWLR5IUqND-zyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-XpLk7SX4bWLR5IUqND-zyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:18 GMT
expires
Fri, 12 May 2023 21:32:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.html
s0.2mdn.net/sadbundle/7493198391404092334/ Frame CAB2 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2701
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:18 GMT
expires
Sat, 11 May 2024 21:32:18 GMT
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3AA3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0BMJbkJP7XlbvYfwAX0wwZx--HmxJyILk7Tmwaksu_WegvKVrhUYW37zM0DCCyCXk_tY11Qrt5Bjs3o5gFoXjI7MSMaJDxbLtgFp5M_lx2SGTBt0y1SIpd2ChbFNr-kUZ2muZEZvfhGV8BpYjeQFujBcHiogjd-vvmXxQqGCA7MYAbkwHzJHs54FiXLZCah-TVN7wLyLH9gRxdGWgdBnD78votl6-Bk-25Vu0DVu4UQB7vqZwboME-pfPC_M-I-x9bE0dsovK2pGLnlAjgKICdEqK0Oqm276uSew5urjhbQL04dT5JvF4TQuK-XWUtfOGwCpu4hQlYb8rZ4YHChcK_0MwgzikwGkaMts9-CZ2VlyQ3tj3D8WJEGyuCLxW7WrhKQguwxIKYbc8pbYarYVh6kco64ulZm8gBzzXf07MpL0ENRo_Pn3WIxIW-TUH8KDZaO1c3QxQj2RmbyHGNJFnuqVo3pGU-HRuX3c1EOtzpa6DF6tOx2nXQx4mqWDKTQWBT3Qi3tyRT9M5qGWyK7-_TUWCm3TQiWBm9bwxp-WdSfRLHz04r2TU9oOHDSJb96I8hS-EcyQ-YbOLeOjcwiztlpKES8901ti8B6rQOk9OpM2B_NgrmdFuOMUkwxazY3ELnC-Ng0Czd97rT1QLM2W66R9zctobUz1P_aATayudL3HttYA4WzzAUB0TFP7oSjXDavyjFGBPG9BhLfiNh_HUny3KIaFhraqkh7J4sHJIv5ESS1EbPC5dv8tgTbDKbKNzkKHvTqlMOn9CLGoVVjTYvry3j7HpK-45gmt5lIsBXvJA_O9DpHXnv9n2t4gFRRRCt9KreKrbtp5FOH6TUUZSow8ebFUNdwfBvlYfKHn_3GS8vHQy12NKdw5n-NpP2iH7BmK1F1Ny0ywTKcTP0g-_8rzt_WdRvJBvsRj2VP28MXi5b0bbY9aLfvGuBu6LOH1aAHclTQjWI0heoSFVZCTMK7eyaHQd0VgVp3F2duaGpWZ8x62Aa-dC5u5PuznLX8glYGWOrMxbZALoBcxKAwjpMeaP1oqMul6isz2kIWqAufy3RVPza4piTZ7h3HedGcfMpqs08OU7aHZ0g2Q0Q6JcDFiDxVcvGcnomfaeQneNHX0f_PXvzRQBEjeyVn5VS5k-CIBgxLOhjGfFHTCDGRB72BlFoMXGdy8-5cFxkiCs4kSaRRMm-BIF&sai=AMfl-YSDdkprI_WVSYeow1AzuNsITeHkJ-oprNvJg_cTmaOe1PuH0YiUM-boF3AXYNa29Ajzr4T1f6PV6_7guRt9PNCSri4klguijiFnNKbLUbb0patS4tJ9rFBCTBQft0P7o8FYMBUmgqzKQhf_hQlHk4oN8T4RVoApUYGPov91uj5_d6N6G8S-joZM1UiBbJQxVM58qCvL6XCbKXk5_lpUnUdpMaCo40GObjKqBI5WJlfiCZi-tqjOMfWLC4IGPigamaYtOkC2wEbsjCtFMs6k&sig=Cg0ArKJSzKg67ewN9PvyEAE&uach_m=[UACH]&pr=8:2A3E876FBD0DCA8F&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=164&cbvp=1&cstd=152&cisv=r20230510.76735&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3AA3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 19:31:46 GMT
usync.html
eus.rubiconproject.com/ Frame 82F3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 May 2023 21:32:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3AA3 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame C485 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 14:52:20 GMT
index.html
s0.2mdn.net/sadbundle/7493198391404092334/ Frame 4FCC 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2701
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:18 GMT
expires
Sat, 11 May 2024 21:32:18 GMT
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9F57 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv02F8SiqRKEG7_qSmWht_pwyWyX2c613-ADZR1wnY2pNqZpdyIutkUwq8NNAf151ptJwTHrsgRmw-ocMcUjE4tigeQ4NwC0DGJ-UQsmMFqzHNfaAifdA4JW1UCzfBP9Fyu1ZPthSugPue4UmW78yKqZqYdSWV2WqEsjaA_blqX9vdxi1tzrZWSHyA06o3DR3b5Nl86gUobclEn8S_I7VCfsRlYYMznHqJUm_zzI7jbSqvCxfPqyX24n7kwv0uEM7TpbjpJyNY-I9zVKwy24cblZI1smnRmFmuEN3OX-n4bcEWPkvGaIQn6zsjVOw5PeWAsb5tGU9JErzbkl9MsCE8rGEdqGtmSwuGPaqQSDaMB_KSdO1HOi_peNWNZ8yE4I91FwgawczNnTY7Hijk3CJwzePWnw6zvvEI1myyPG6rkD_V8TB4DhoKN7eFWlF8YGqtXjsz2I1aY-v7afsDwiVEdc6Kg7mbmTNh5xy1sE-fyMdG5jesLLUZ4rRaO47ScLpoe-EHCmhyjVeyqRjG-Kd4OZ4eOMxBnAn-wZ754Wjon2JXyvheufraDk0IGxBYzyvB1VsDsBqSgt3Px_9iRvfJEjRpoGsluVgPZ6jqMWU4yVtxtGspsqi_bfz8BC8HuJtsaEcX6TmXuDm83JXW6BNGnyoXIxz6CdQlCWO9GDiKoMswpm8UKkxJd2Tiw37UJjmbtsFdQfupeufkgrDpBjl9Gp84DliGfmce1lzsL-bm6Tmjyymi6D9iTBOTPP0nQ0yCMkW0HBMhQ8QcO5vcPxfFNosLzyFy129_Sd2LKTvZOz1flGrliMCYgtg0QcOcQiI_fxVQLGWDoxOmUOEMjBZZOqTEImnDLMpR2Ag92hiLOQrrMGPMFVlUM7YqdXcg5seB2Rc3nRlSrz48n3u54O6D0Ntlnn8EcazXa-83GZRuoKazK9-b6oukNL124c90aReAmv29S_lmtt1TaAR72YQisVR9fQMHip1YFPDy0xOSpdkPO5CxdG0E7INdjx7Z2MNSt8pszvtBIyUxGNxgEuUMklnDjkmSWls2DJigOA7-1Lh0_jHAdX04tCDtsqqxbBzT_dIdCAckqGbIu0rV9thMtFbbl6L2ywahnEpg8vQE4fcJw8us0nBztBJrVuG1OCGlolQ4TYlFOQwY1Bzh-gjTaPbxaXOc2iHhFlbFr5-DvSr8muaBdKpVv&sai=AMfl-YQlm6Lp1c69VwhMWONWqjnDUofdknH_naN3nnkjpAoKdM0IfZhQg73avvtKpR25xTT3fAQ7ncZUTmWt7EZQrpPI0pLh4ITXF6nVFGtDljqcWUPqxWRpgQiHeaeA1ixjrn8N_SZaK6DbfFo_h3sK3otqxAuXr5y1fwUZzJvo5BJ3lH-DB-P7vGSmTqYHyh3mG4ajO-7G1DcEASpj4MfQkBCSrjnBF6rkTFD55jZJ__uTaQ4TarFNhlrujkzSKC7dQCuEeMJ7MMVbyhRt8xiU&sig=Cg0ArKJSzF9eaNTyAKHWEAE&uach_m=[UACH]&pr=8:2A3E876FBD0DCA8F&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=126&cbvp=1&cstd=115&cisv=r20230510.67887&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3AA3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv__8qPXH4NpHfV59vYSbE82U62_EX6D6UIJuN_6cz-GZv2xHZwfxnJopfj4B2-HtjxKTgNe5s_pigsL60xyNRTJLwOGCds07SLZm2wVsBujeHyj8NbOXTbSO-L9OZcIZ2QpK5TgNSHCUYJfvcCKTAf06vA3Fy-eJNtyLcVWIkRWixBTxcaAm5TmWhtY1PgS07F8cepKpoiAM7W_A4fnbhWXjDMcmw6Sf13JJJA1Xpwh-iW0bTEUPHfHD4PHLCdAnUQAHbGqWwsimALAnDZhmaVzAYHqEOMdd9L6SrmSSI_bCLi03OWXJzvB7IxgGzcZK0urnd3Upv0vf1ovWT5Ww&sai=AMfl-YQI9RcfpYUQSQP1MkE5_FdDVg3T5lp4IazUR1946qYzDVHkCcUO15NmNWjzWNki7vFItLNJUav0aGJidDPc1mAsxFY4TiKhMvuVdoWtUGDBeGythrN7nDPOL6JmDQ&sig=Cg0ArKJSzK4Lnn9nlqjtEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:18 GMT
/
track.adform.net/csimpr/ Frame AF91 		35 B
588 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=60438885&csi=MOlqc4jcN5AOCg0Wtud4D2zIom4OMMcaQGQYY4CDl23rygPkIxxfk-40ccYNw3nsTVOfiemIK56aFfHt8K4tbOLSFeXTyO4ccUAcIpDuM4R-ZOcllss3aYJYUr_EsgfpqyBEBtPRJ-11p_b_lMbUAM8nPkiyAe0TB1kfYxY3LdxnLhZxlb_NKQO8_7rsP1jj0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
56816588.gif
s1.adform.net/Banners/56816588/ Frame AF91 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/56816588/56816588.gif?bv=2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3129aa523d159f576a3ab572bfc966d6f78234ff62cde1fd4537242851b9c8dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
last-modified
Wed, 21 Dec 2022 16:44:52 GMT
server
nginx
x-amz-request-id
tx000001271e31e1c24553d-0063b0befa-3293aae9-default
etag
"0b8648136ea2b4c46facc933526b05c0"
x-cache-status
STALE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
160023
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9F57 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 19:31:46 GMT
usync.html
eus.rubiconproject.com/ Frame 1C9C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 May 2023 21:32:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F57 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
index.html
s0.2mdn.net/sadbundle/594435823138097677/ Frame 3976 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/594435823138097677/index.html?e=69&leftOffset=0&topOffset=0&c=LlwplwY0O9&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8e6f1e3e44d7c3d7e421052751096b93056c82c001c659d83f680ae54abed88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1413
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:18 GMT
expires
Sat, 11 May 2024 21:32:18 GMT
last-modified
Fri, 30 Apr 2021 15:15:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DB4E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssW85QVPnzRKSwvmS0D6Wtvn7PbNyGR8Et4m_2QfC_l_8vPaTmii7KFbCu4mjIRVMYR-hY55n57be7R1noZbAD7zLuSIF20Y9wbNiAoM_ZhNn4FK6egWgqdj78qjMdtVfGwqKQEmf-o7XG6Ydz4V5wbk_-S1vKEaYFk9WraIYWcnvBjdq9ncy7M_fCnaz4-ks9tWOqzL6Hz_CsO-bVOKTxVaT8rHfL2PZtKrFSKJXR6SVz2CFZ3cW18yCgU1mLwL2WUsOoICVOWaWvx4JbuKyZym6sIsjKsbdM-3O6DhCXTeqq45Gfpen2gBNQ4nWZMD7hWOA2CErm7iwc5t79TvpBIDvwqUEFTfxDGkN0uew7brOEjHfjoT26c_E08IJw1CaHsJwkdCgM-JV0J4PzSx7NlYg4LDdxj-AlOZ0kbmJnD-YdKkW3iUrXIAt0q3766fU0PnTCa2PE-niUZog6ukBmChqEY4NmOTC2yJA_mth6ZnsP_eLP_Qgohc4RllfZi5UmFIsx3poLGpGcyZZWTNeny0HZtspmg7HqNAA8TcMnb98iI3tJVpPKctrBM_8RdhzXP9MxCpfpRhH0guLv1B9WfcyLnxUN48u2zDADn-tQqgxU_SqhuRwcBIJDZx95mlcL8CzhUmUMEsb3X1OQOeZnx8mGtO42l2N6QO3N6h5W_L8LcFiuJZyQD7ZVvbdhrlJQ5REDESAE2RrUvlXOQfgCrlTcuEV5DnQEci3lC5M7Ie948DLq7DN1TFCOfDUVi4t2aYmnqB7LJEUqHC3mzZKlZ3IZPCxRQ_duW7O9VIUw8f6AmVt5rIaunwxTjEQR2Ho-T3T5mF_5143Uz0C8cyyoIxjQOQWUBkbhnmMq_UGs8RsUAwqgw4inIlSywGZYbfkSeTZtd9u7AqkpGjBJa15Q9Y0vLqROORfeW7FHtRd0Oo2VTcB5Fst30-NoWfJroAWrXp7Ojw5XN_rANhZzX1kc7JCc1Xi60ev2OZbSTQyi0gmKdiw1ptlt0HMzrMtYkDAn3vCQSyxf7NWP8Q_ozliJBBFPNdnRRTEN5XSg_1jCBAz9op44P14y4sfDp2baev5gENVm860ZPWuw-sFUiKvACOqP98h4ng8OvC_Pqq9NE15DxHMNJAgcaQunzxdrh7F6zTlPeA6QbeTR-BYLsPPr5sEJ7ZDtzJmRnYZfk66Y97lrEEKqHkOPILYRqflISNmbECWrnQhM&sai=AMfl-YRNUtPsHV_A_HO-dg_IePI3TKVSvuDbfT1uT6Hn1h78E5S1fBDl0-W_YNgFZILN6hvr1Ew0pIch9ym16OCAXRe3vM_3b5bQ5qK78o-sTT3eHUMYBA868XNWBGoB3EZCWbTgmjjnkvCRs-vJ3ujFua-5bH2eEXDOubz2k0vO20CNMyNEEJ_CWiBdQV5yeSEdfqoU9SXmdxkfC_FGNnsfoU8ZL5CUkizXt7ZRPX9gA5U1Y32gf_N9uI1VAySWE4cPkhBUWhYkX3LhvrUhMGQ9&sig=Cg0ArKJSzGoaNPUw0PsoEAE&uach_m=[UACH]&pr=8:1931C67B02E439CE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=219&cbvp=1&cstd=203&cisv=r20230510.14292&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9F57 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTbT8oS62q3C_aIS7OrmEhFX0c_4xy3obuGq7ZqwYaJfOz6RNsIP-OFth9fml9E6pSNADNGpxG_3v8i8-UYQjLi4ar46mdJg9etXUYmuEL6ZpMS72DEuxvodoxBu_RTpDhNX7f3Emr2fdGYqMBErG1B1CF8dHA3uNax35FOawT3mlVmh_hpOHL6YE7N3jlWXrm9t8PwGKVBimYTDULtd7Itehka5BFLGB-rzrUqAIwl7GDfkNx_aDPHGzGnCO2jU2gde8XPXclUXXUq9gztFfSaNvgpQ_fxSDblEBAdMn3Q9kWFAVC9JDXHUIxJxrOEaMLPItpYGI-RMojJhIZ03M&sai=AMfl-YT6I46_JjprjXPM8b7R3NrHpUodvlOlcHo4uF3eWqMTxLenW8Pkjt1IqVOjsDcwBokyQzrZ2THyqBIaS6X4gVFnPtfNUNCebZ9TKTngwbIsbaFTPh33ctu59uGPlg&sig=Cg0ArKJSzLYb9hnNcGfqEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:18 GMT
styles.css
s0.2mdn.net/sadbundle/7493198391404092334/css/ Frame CAB2 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 23:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
595981
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1446
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 May 2024 23:59:17 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame CAB2 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 23:21:16 GMT
overlay.png
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame CAB2 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:47:47 GMT
x-content-type-options
nosniff
age
531871
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 17:47:47 GMT
logo.svg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame CAB2 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 11:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2563
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 11:00:08 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame CAB2 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 21:32:18 GMT
index.html
s0.2mdn.net/sadbundle/9170381621892120779/ Frame 59FF 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691257cf7d510da3434f5eedca2b2e0137949c698e3750c7705526a1ee75684c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2744
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:18 GMT
expires
Sat, 11 May 2024 21:32:18 GMT
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 32FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNpCDVG2pLdO8sje_LquBhiCU9hcDusNtim98OYvaA_-SMliMu_yDTWEU4WoSZHmSwzuf4mw3_ASE_IFuS1XH958mviQehwXOPQA8pXu1Iy4Fi1ViFGSv_rHbUNJ_OP0HsY42Cg6k4tsi057lAdAsLVZrYlD1KQOf2AhE9Y9qm_Uct35KkxLW3LiNHa4GNYD4LskZ6zyta4O0fNPLLLEmFsHkMUdvgXGM-rJtq0z7uNr_-wsgLwhslF7jUgaFJfaQ7YfzpKSbY-UUX7JymMA3vjRk7Xsm8bem-CX5M4gxCCTP6ZzjmHdRDbqj6jiP8cJIhFCPVEa1Xk0MXB-VNMk6e4lPxj_7AxH1gzgpnRXxMWmDm5GY9Gh-WdWVXaRJ1DzGu2zaJHs9xXfzUrj2ImetzUsU7TVLTPcgUrUrC61cAGy4izrEgDUd54WTisG4aerQ_kiT08OuS_vwPmsmO287MFlzLwHPAd6kqhraCj55PbF5UlFpf7iQCD8_HoJ3zlLe_45IBD-QlSfs26H_JYgbAPUnAM1vRiitx-vgwVH6-q0B6LzOYtFuQlSOducE0wTzmaKaw1rWRwhLCEJyDuNCOXadTKgp_-uTEwsSMlXdCa1qLmN4wvKDV6Zn3aywxo-cQGpN4e5ri2SHEZUbjEkYeSnmynVEP4SEvjhnPEBkLND1Vah6Lhnw3nbmfwzz13bO0IWv8qLPvqypGwgw2znkrlXrNWj8sydXI44sWXP990YOCPKa-ijQMv433-nxewIVeFO2NOGhHs0Fq3pqZefPdtnXXajnAZ-tjBQNOgFMJ9gvtxs7_54MU2SWVmVR8a-xyTwl2eKZS-8sJuxSZNc9U_Tz8V6cnDgoTLHpy2Dq5XHYwazsyJCnGUpVQB_pZXbYOMHwsqW_dmuGilw4WA6GoIEDi5bfGcCjDEEI1JDnBpjTVvgRyZxzF0mjrXpXYQM2NL5KkDqdNwfvgPvB_CakqPrdmRm7BxC-Uz9YKfVIfTyFMwNuy9PweymxU504CmMEPylQIVkGJOdP-7Gj-hvmpliUkV7ejmp6RWRdHDnAQWTj8ikysr6eYGKrJ4cR6J5sdCZU8iHRspDo57xLiPIANSW9GaFM4cgGrqDVAVCaM2MgdqigoNEBOWIYrYDKzwRxt7J34kduqzgOtKZjpL9W9R1mUlBDLpwzSK1m4t0Q5oQIj8PdjuCK3&sai=AMfl-YRWFx0bvTwVaFt0N-6ShWMp3DjSZ6BxKZz4_DqZV-NqOBpv6AMUV7nhvtR1vDFXfm3HY2NxI4rNhvuaPxy1FVDcZHdAOvHuU1iLcrLC77DcClxwL8I6wsx1i89pf1WUuUuzas5YMs21cN-ud82Z_nBbL-wSgfwjc2D9UVip45xW1vwe-Hn0ZrmtUpI3omCcirc5J3YPPaFaw-M6sqTgS2W9SsI9Xl-xLEzg_cFiNHO_FkeWuLAVjMdG_7ZjwyoyIr41b676jOglA-ptYygl&sig=Cg0ArKJSzJjhQrkxc7y9EAE&uach_m=[UACH]&pr=8:13F69368AE07CA60&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=254&cbvp=1&cstd=246&cisv=r20230510.97469&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DB4E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 19:31:46 GMT
usync.html
eus.rubiconproject.com/ Frame F2BB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 May 2023 21:32:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DB4E 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
styles.css
s0.2mdn.net/sadbundle/7493198391404092334/css/ Frame 4FCC 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 23:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
595981
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1446
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 May 2024 23:59:17 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 4FCC 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 23:21:16 GMT
overlay.png
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 4FCC 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:47:47 GMT
x-content-type-options
nosniff
age
531871
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 17:47:47 GMT
logo.svg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 4FCC 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 11:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2563
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 11:00:08 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4FCC 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 21:32:18 GMT
usync.js
eus.rubiconproject.com/ Frame 82F3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8fcb56caf9cbe84a2f9bf49ffdad370f4d26f2988d7565a10be0bb2f40cc826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 May 2023 11:59:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52055
Connection
keep-alive
Content-Length
10021
Expires
Sat, 13 May 2023 11:59:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 32FE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 19:31:46 GMT
usync.html
eus.rubiconproject.com/ Frame BDF6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 May 2023 21:32:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 32FE 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 21:32:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DB4E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvy__HcV_bzKmKxqNR623wmWGzvuIRvWt-_V21G-ofGO434CcZFntu7i7WEiTsmmaXzkZyWsPUpQ3wL9LALztPzOY1mmmoSHWrssXIqNF2yAZbauGtNF3o7-t49YvGluFxhLf7OvBC3HKa9aEjv0_e3K8wbHSaDoYi_dBf-4rWatptWb7KkNiq2D1_XP6JJWVoJPoOKd2NP9nJ9yL79hvWQoPUc5WpVZHXEyvIiBNp2nTxLW1Vw7TeY6s2ct8_u3g6oTJWi4U3Zp6orBrgbkYQYJmW9kIn_Uzz0WpsjvktzhTcpusWYBgJhgSNxn8DcpD6Z8pV7Ynmcyi1z3b0T1dikL5gL9g-KRT51CkvZF0ZXTEjTUY9Cyg&sai=AMfl-YRYqjYcn5fuiNo4vHKucLN0FIWUWAdPnyU4aPbkgZoI9sQ597Sv9bgGrcxRD3FBE76pm3qSxD4n7nlAzd_FNmFkQHb0ZYwdQen0tnq6Umggz_gwsbOoyHCyiXaA6A&sig=Cg0ArKJSzGPX2wEs6HCWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:18 GMT
usync.js
eus.rubiconproject.com/ Frame 1C9C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8fcb56caf9cbe84a2f9bf49ffdad370f4d26f2988d7565a10be0bb2f40cc826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 May 2023 11:59:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52055
Connection
keep-alive
Content-Length
10021
Expires
Sat, 13 May 2023 11:59:53 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3976 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/594435823138097677/index.html?e=69&leftOffset=0&topOffset=0&c=LlwplwY0O9&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/594435823138097677/index.html?e=69&leftOffset=0&topOffset=0&c=LlwplwY0O9&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 21:32:18 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 3976 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/594435823138097677/index.html?e=69&leftOffset=0&topOffset=0&c=LlwplwY0O9&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/594435823138097677/index.html?e=69&leftOffset=0&topOffset=0&c=LlwplwY0O9&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 23:43:20 GMT
polite.js
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/ Frame 3976 		85 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/polite.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/594435823138097677/index.html?e=69&leftOffset=0&topOffset=0&c=LlwplwY0O9&t=1&renderingType=2&ev=01_250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2dc8641cae7c9da5e18a7136802a48be4d9aa19368eeb606e01f6158e9577b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:19 GMT
Last-Modified
Wed, 23 Nov 2022 14:43:22 GMT
Server
AmazonS3
x-amz-request-id
527CPHJKEN5PMHFB
ETag
"435dc186bf88171b2fb4446a3eef3a74"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
87538
x-amz-id-2
SjPtPcpf8eeAWBBCZv9Hwu2X+YzOo7qAD3gezhpTegTuXJdsraYqOkCEcHjpOyoYLv67RhhF/Z6rnnRiRAN7dA==
view
securepubads.g.doubleclick.net/pcs/ Frame 32FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUfOgokF2zNAIUN6afF_WysTLcFukssPqqvgdZpk1hX9Rsd5bo35JMYQeM9KBnaJquj_MNitfQR4KYKanogN9Pw5rQ0cSq8dY7jsQDrLAtAo78rgtH_nDQ2_ENMwY6-aH0km7P72JrAH6NQPKRCLYxwm6uP-tN2e79cqu0akFO4FjUFf1hVZJMHR-aWgyXUUIr9xAYzJlZJmwr6z2iNmF4XA-ETRw9IqqB9APhPWYOyqx7c3GFdpUrqZGsu7kqh3uQIH0AJLvn9u_yWju6wiL-1uYq7RTXFMSFSphewimD9qC5JqUEYifcB0j_8kUNDJhm0Wnj5g2FZGAcpJgKaNmwBvoFMuYhLaG9EkY99pSFww&sai=AMfl-YTdRy2atYC5sRS8YP04kI35bhCuwEs4u0FqpXZOYYjWuk3SHIBXniywj5m4HB4gsBFl8NsBx1xuQFLYqO74gbDU9k5Et9kud-jfB-JFX9S8rf9XHyq9YGz3UEfzgw&sig=Cg0ArKJSzD_QMheR6f5SEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 914A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0sdQPr-MylZfrY4LntjO--Bg8ZFOsYI2M8HGDSg_DNMLRp6LY5Lj08CRjO7G9gwOhj_17xjVnJjWggPH7NzCnMpIB_9DE9qERthcRkiUHEF3kd2Tz1PFnAdCIUVFq2OsMi38vuwH-Jn9Z1YGHVH2Tk4_N2AIXYB71yVgVUSEEBpYaiBk9-cDoLtYzbBypMfBpbY94IOcnJfwVkXv02aSQ7MFKtPw60lU_xSMhIX09xom_2XnUfuZnNp7OC0uQb_E2y5nChXfrytWRWG9d7s6YgKfZTAWjj6Efu-EBYITe8XH49H9b_P-kXU2Fk1HKqm2cryqzYjfycpoifdBZaUgXO7LMNEaiqA&sai=AMfl-YSWvxKTEDTRRP2aPqPe1hw2laC_pe1Arjpy_EYcWzCEi4ma3lY7M7BJw0gByVAk4k45HfzjGUgFR_SdSjOWKar7Xc3A8zFlDBsk7I-WFwyrJ530gAO-w11fujEOnDRMjCUtKXjr_J3MUfKpzIgF11a4B1fB0aBfKPb5z_L_DQZjPGximHz_qv0HoMTa0t-a&sig=Cg0ArKJSzGZbCfx6BTWDEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:18 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 914A 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27b94fc57baeeee41299fbbf43e3bc948d14cbd48086299bef055149e7fe8b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11191
x-xss-protection
0
styles.css
s0.2mdn.net/sadbundle/9170381621892120779/css/ Frame 59FF 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101470fcde40e5ad29c691a0cc4276b7e311972a8e02a684f19db29fd4698645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 17:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14057
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1483
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 May 2024 17:38:01 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 59FF 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 23:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 23:21:16 GMT
overlay.png
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 59FF 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/img/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 11:53:40 GMT
x-content-type-options
nosniff
age
553119
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 11:53:40 GMT
logo.svg
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 59FF 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/img/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 00:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593548
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2563
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 00:39:51 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 59FF 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 21:32:18 GMT
usync.js
eus.rubiconproject.com/ Frame F2BB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8fcb56caf9cbe84a2f9bf49ffdad370f4d26f2988d7565a10be0bb2f40cc826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 May 2023 11:59:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52055
Connection
keep-alive
Content-Length
10021
Expires
Sat, 13 May 2023 11:59:53 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EE64 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
224012
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 07:18:46 GMT
expires
Thu, 09 May 2024 07:18:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame BDF6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8fcb56caf9cbe84a2f9bf49ffdad370f4d26f2988d7565a10be0bb2f40cc826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 May 2023 11:59:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52055
Connection
keep-alive
Content-Length
10021
Expires
Sat, 13 May 2023 11:59:53 GMT
postback
s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/ Frame FE40 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/postback?to=3&pv=fcccac35-f187-44e5-b531-4f97a2630e94&si=&dm=728x90&pi=XRzobPsLhV&ac=Xmwo1n97Q8&pd=avt&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ti=&gt=DE&ci=948461&ui=&sr=GOOGLE_CONTENTNETWORK&de=2&md=1&dt=9484611597092707615000&ap=&sid=Af7PukAEEPNXAkGF&oz_sc=57d2d9c2eaed052b132640db&oz_df=1683927138759&oz_l=492&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 21:32:18 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar
pagead2.googlesyndication.com/pagead/ Frame 2EA6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=4087476141590835&rc=
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
truncated
/ Frame 3AA3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f95b937f65fa89aceb57f80b2547b8b16c4e20aee0f2fd464b7dc187d6154d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 30EC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
224012
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 07:18:46 GMT
expires
Thu, 09 May 2024 07:18:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 914A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com&bust=31074562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 May 2023 21:32:18 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BEE8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
224013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 07:18:46 GMT
expires
Thu, 09 May 2024 07:18:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9F57 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3667232496fffa270cd921dd76b1b8fd0e9465df050df9d9e04aa45d13bac4c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AC18 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
224013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 07:18:46 GMT
expires
Thu, 09 May 2024 07:18:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2886 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5PlUT_lUEm1eA1b0BTniJVl_oCJ04z0IczTvCUX6z08YdHd3MKNGM9JHxfTZUT423elQwsXP6m5TPDiHpXtiYiqq4UZyPl2F5f8oATQUHNbBWhNSS&sig=Cg0ArKJSzIiO97mA_xlTEAE&id=lidar2&mcvt=1071&p=0,0,250,300&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1699457317&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683927136924&rpt=1030&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame CAB2 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaCondMedium.subline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:35:05 GMT
x-content-type-options
nosniff
age
115034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13336
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 May 2024 13:35:05 GMT
FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame CAB2 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaBlack.headline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 08:50:37 GMT
x-content-type-options
nosniff
age
564102
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 08:50:37 GMT
FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame CAB2 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaRegular.legal.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 17:38:11 GMT
x-content-type-options
nosniff
age
14048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14468
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 May 2024 17:38:11 GMT
FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 4FCC 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaCondMedium.subline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 13:35:05 GMT
x-content-type-options
nosniff
age
115034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13336
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 May 2024 13:35:05 GMT
FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 4FCC 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaBlack.headline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 08:50:37 GMT
x-content-type-options
nosniff
age
564102
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 08:50:37 GMT
FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 4FCC 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaRegular.legal.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 17:38:11 GMT
x-content-type-options
nosniff
age
14048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14468
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 May 2024 17:38:11 GMT
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame 5CD5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 14:52:20 GMT
truncated
/ Frame DB4E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51b106ac892d7b8b05073208aa4b373a8aa4f4a1677b8f650c1acc221b0d1e7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 32FE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
606d06739d2baff1ed51573ba13ece0ecd2f7484e55570f5b71634d82e1a9dea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 59FF 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaCondMedium.subline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 05:37:26 GMT
x-content-type-options
nosniff
age
143693
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13336
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 May 2024 05:37:26 GMT
FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 59FF 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaBlack.headline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:45:39 GMT
x-content-type-options
nosniff
age
560800
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 09:45:39 GMT
FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 59FF 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaRegular.legal.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 19:03:53 GMT
x-content-type-options
nosniff
age
8906
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14468
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 May 2024 19:03:53 GMT
pixel
cm.g.doubleclick.net/ Frame 82F3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhMMlFNREotMVctNkRXTg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMw2vPD4T1c-dA8N6iA1_BU&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMlFNREotMVctNkRXTg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMlFNREotMVctNkRXTg==&google_push=
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMlFNREotMVctNkRXTg==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
pixel
cm.g.doubleclick.net/ Frame 82F3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg2YmY1MmNkYzhjMGUyMzA3MTI4NTFjMjk1NzMzMDUxMmM0MDdkYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg2YmY1MmNkYzhjMGUyMzA3MTI4NTFjMjk1NzMzMDUxMmM0MDdkYw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg2YmY1MmNkYzhjMGUyMzA3MTI4NTFjMjk1NzMzMDUxMmM0MDdkYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 82F3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CLuQ6Vu_4cms57rnHgG0D8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-plexn4lE2oIy0_JCnMzrYL_GEdoAxIuzGSvCoQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-plexn4lE2oIy0_JCnMzrYL_GEdoAxIuzGSvCoQ--~A
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 12 May 2023 21:32:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-plexn4lE2oIy0_JCnMzrYL_GEdoAxIuzGSvCoQ--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 82F3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHL2QMDJ-1W-6DWN
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHL2QMDJ-1W-6DWN
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BDFDB6F45426439CA61F10F8C57A465F Ref B: FRAEDGE1309 Ref C: 2023-05-12T21:32:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7hdb34c8D1+N5LwXIHw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHL2QMDJ-1W-6DWN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 82F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo78uNyemOp-80qvLDWs0c&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo78uNyemOp-80qvLDWs0c&google_cver=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo78uNyemOp-80qvLDWs0c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 82F3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=yHNGozu3QcuLneyzXv4dhw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yHNGozu3QcuLneyzXv4dhw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yHNGozu3QcuLneyzXv4dhw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VGETG59TCKGXXNDXVW8P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yHNGozu3QcuLneyzXv4dhw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 82F3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 May 2023 21:32:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 82F3
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JcL7NM1kTkiFncfBjpmGKA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JcL7NM1kTkiFncfBjpmGKA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JcL7NM1kTkiFncfBjpmGKA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Server
52.95.126.138 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YSGSE19MYNGZXS4RB09G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JcL7NM1kTkiFncfBjpmGKA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
view
googleads4.g.doubleclick.net/pcs/ Frame 3AA3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0BMJbkJP7XlbvYfwAX0wwZx--HmxJyILk7Tmwaksu_WegvKVrhUYW37zM0DCCyCXk_tY11Qrt5Bjs3o5gFoXjI7MSMaJDxbLtgFp5M_lx2SGTBt0y1SIpd2ChbFNr-kUZ2muZEZvfhGV8BpYjeQFujBcHiogjd-vvmXxQqGCA7MYAbkwHzJHs54FiXLZCah-TVN7wLyLH9gRxdGWgdBnD78votl6-Bk-25Vu0DVu4UQB7vqZwboME-pfPC_M-I-x9bE0dsovK2pGLnlAjgKICdEqK0Oqm276uSew5urjhbQL04dT5JvF4TQuK-XWUtfOGwCpu4hQlYb8rZ4YHChcK_0MwgzikwGkaMts9-CZ2VlyQ3tj3D8WJEGyuCLxW7WrhKQguwxIKYbc8pbYarYVh6kco64ulZm8gBzzXf07MpL0ENRo_Pn3WIxIW-TUH8KDZaO1c3QxQj2RmbyHGNJFnuqVo3pGU-HRuX3c1EOtzpa6DF6tOx2nXQx4mqWDKTQWBT3Qi3tyRT9M5qGWyK7-_TUWCm3TQiWBm9bwxp-WdSfRLHz04r2TU9oOHDSJb96I8hS-EcyQ-YbOLeOjcwiztlpKES8901ti8B6rQOk9OpM2B_NgrmdFuOMUkwxazY3ELnC-Ng0Czd97rT1QLM2W66R9zctobUz1P_aATayudL3HttYA4WzzAUB0TFP7oSjXDavyjFGBPG9BhLfiNh_HUny3KIaFhraqkh7J4sHJIv5ESS1EbPC5dv8tgTbDKbKNzkKHvTqlMOn9CLGoVVjTYvry3j7HpK-45gmt5lIsBXvJA_O9DpHXnv9n2t4gFRRRCt9KreKrbtp5FOH6TUUZSow8ebFUNdwfBvlYfKHn_3GS8vHQy12NKdw5n-NpP2iH7BmK1F1Ny0ywTKcTP0g-_8rzt_WdRvJBvsRj2VP28MXi5b0bbY9aLfvGuBu6LOH1aAHclTQjWI0heoSFVZCTMK7eyaHQd0VgVp3F2duaGpWZ8x62Aa-dC5u5PuznLX8glYGWOrMxbZALoBcxKAwjpMeaP1oqMul6isz2kIWqAufy3RVPza4piTZ7h3HedGcfMpqs08OU7aHZ0g2Q0Q6JcDFiDxVcvGcnomfaeQneNHX0f_PXvzRQBEjeyVn5VS5k-CIBgxLOhjGfFHTCDGRB72BlFoMXGdy8-5cFxkiCs4kSaRRMm-BIF&sai=AMfl-YSDdkprI_WVSYeow1AzuNsITeHkJ-oprNvJg_cTmaOe1PuH0YiUM-boF3AXYNa29Ajzr4T1f6PV6_7guRt9PNCSri4klguijiFnNKbLUbb0patS4tJ9rFBCTBQft0P7o8FYMBUmgqzKQhf_hQlHk4oN8T4RVoApUYGPov91uj5_d6N6G8S-joZM1UiBbJQxVM58qCvL6XCbKXk5_lpUnUdpMaCo40GObjKqBI5WJlfiCZi-tqjOMfWLC4IGPigamaYtOkC2wEbsjCtFMs6k&sig=Cg0ArKJSzKg67ewN9PvyEAE&uach_m=[UACH]&pr=8:2A3E876FBD0DCA8F&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=774&vt=11&dtpt=610&dett=3&cstd=152&cisv=r20230510.76735&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9F57 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv02F8SiqRKEG7_qSmWht_pwyWyX2c613-ADZR1wnY2pNqZpdyIutkUwq8NNAf151ptJwTHrsgRmw-ocMcUjE4tigeQ4NwC0DGJ-UQsmMFqzHNfaAifdA4JW1UCzfBP9Fyu1ZPthSugPue4UmW78yKqZqYdSWV2WqEsjaA_blqX9vdxi1tzrZWSHyA06o3DR3b5Nl86gUobclEn8S_I7VCfsRlYYMznHqJUm_zzI7jbSqvCxfPqyX24n7kwv0uEM7TpbjpJyNY-I9zVKwy24cblZI1smnRmFmuEN3OX-n4bcEWPkvGaIQn6zsjVOw5PeWAsb5tGU9JErzbkl9MsCE8rGEdqGtmSwuGPaqQSDaMB_KSdO1HOi_peNWNZ8yE4I91FwgawczNnTY7Hijk3CJwzePWnw6zvvEI1myyPG6rkD_V8TB4DhoKN7eFWlF8YGqtXjsz2I1aY-v7afsDwiVEdc6Kg7mbmTNh5xy1sE-fyMdG5jesLLUZ4rRaO47ScLpoe-EHCmhyjVeyqRjG-Kd4OZ4eOMxBnAn-wZ754Wjon2JXyvheufraDk0IGxBYzyvB1VsDsBqSgt3Px_9iRvfJEjRpoGsluVgPZ6jqMWU4yVtxtGspsqi_bfz8BC8HuJtsaEcX6TmXuDm83JXW6BNGnyoXIxz6CdQlCWO9GDiKoMswpm8UKkxJd2Tiw37UJjmbtsFdQfupeufkgrDpBjl9Gp84DliGfmce1lzsL-bm6Tmjyymi6D9iTBOTPP0nQ0yCMkW0HBMhQ8QcO5vcPxfFNosLzyFy129_Sd2LKTvZOz1flGrliMCYgtg0QcOcQiI_fxVQLGWDoxOmUOEMjBZZOqTEImnDLMpR2Ag92hiLOQrrMGPMFVlUM7YqdXcg5seB2Rc3nRlSrz48n3u54O6D0Ntlnn8EcazXa-83GZRuoKazK9-b6oukNL124c90aReAmv29S_lmtt1TaAR72YQisVR9fQMHip1YFPDy0xOSpdkPO5CxdG0E7INdjx7Z2MNSt8pszvtBIyUxGNxgEuUMklnDjkmSWls2DJigOA7-1Lh0_jHAdX04tCDtsqqxbBzT_dIdCAckqGbIu0rV9thMtFbbl6L2ywahnEpg8vQE4fcJw8us0nBztBJrVuG1OCGlolQ4TYlFOQwY1Bzh-gjTaPbxaXOc2iHhFlbFr5-DvSr8muaBdKpVv&sai=AMfl-YQlm6Lp1c69VwhMWONWqjnDUofdknH_naN3nnkjpAoKdM0IfZhQg73avvtKpR25xTT3fAQ7ncZUTmWt7EZQrpPI0pLh4ITXF6nVFGtDljqcWUPqxWRpgQiHeaeA1ixjrn8N_SZaK6DbfFo_h3sK3otqxAuXr5y1fwUZzJvo5BJ3lH-DB-P7vGSmTqYHyh3mG4ajO-7G1DcEASpj4MfQkBCSrjnBF6rkTFD55jZJ__uTaQ4TarFNhlrujkzSKC7dQCuEeMJ7MMVbyhRt8xiU&sig=Cg0ArKJSzF9eaNTyAKHWEAE&uach_m=[UACH]&pr=8:2A3E876FBD0DCA8F&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=710&vt=11&dtpt=584&dett=3&cstd=115&cisv=r20230510.67887&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:19 GMT
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame EE64 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 14:52:20 GMT
5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 5454 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683927136214&userId=vnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 21:32:19 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1111 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 20:54:46 GMT
expires
Sat, 11 May 2024 20:54:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C21E 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dae7109f24f6327fbc591a47975348c4852484c8c3ef12ecee070c7f1f70c366
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JbJleS0CMbpSly7xkxscxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-JbJleS0CMbpSly7xkxscxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:19 GMT
expires
Fri, 12 May 2023 21:32:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ Frame CAB2 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efcf59fdf3ac3d28311311d161305bb088af0d82599ac41722bfdcbf53aa6872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5704
x-xss-protection
0
visual.jpg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame CAB2 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/visual.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=T6bs7Ylaoe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 23:03:50 GMT
x-content-type-options
nosniff
age
599309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86025
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 May 2024 23:03:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4FCC 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
219cc2a32fb9f3ff83294f971ec5970c3a73944a497a603848643c759d4f8dee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5627
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 32FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNpCDVG2pLdO8sje_LquBhiCU9hcDusNtim98OYvaA_-SMliMu_yDTWEU4WoSZHmSwzuf4mw3_ASE_IFuS1XH958mviQehwXOPQA8pXu1Iy4Fi1ViFGSv_rHbUNJ_OP0HsY42Cg6k4tsi057lAdAsLVZrYlD1KQOf2AhE9Y9qm_Uct35KkxLW3LiNHa4GNYD4LskZ6zyta4O0fNPLLLEmFsHkMUdvgXGM-rJtq0z7uNr_-wsgLwhslF7jUgaFJfaQ7YfzpKSbY-UUX7JymMA3vjRk7Xsm8bem-CX5M4gxCCTP6ZzjmHdRDbqj6jiP8cJIhFCPVEa1Xk0MXB-VNMk6e4lPxj_7AxH1gzgpnRXxMWmDm5GY9Gh-WdWVXaRJ1DzGu2zaJHs9xXfzUrj2ImetzUsU7TVLTPcgUrUrC61cAGy4izrEgDUd54WTisG4aerQ_kiT08OuS_vwPmsmO287MFlzLwHPAd6kqhraCj55PbF5UlFpf7iQCD8_HoJ3zlLe_45IBD-QlSfs26H_JYgbAPUnAM1vRiitx-vgwVH6-q0B6LzOYtFuQlSOducE0wTzmaKaw1rWRwhLCEJyDuNCOXadTKgp_-uTEwsSMlXdCa1qLmN4wvKDV6Zn3aywxo-cQGpN4e5ri2SHEZUbjEkYeSnmynVEP4SEvjhnPEBkLND1Vah6Lhnw3nbmfwzz13bO0IWv8qLPvqypGwgw2znkrlXrNWj8sydXI44sWXP990YOCPKa-ijQMv433-nxewIVeFO2NOGhHs0Fq3pqZefPdtnXXajnAZ-tjBQNOgFMJ9gvtxs7_54MU2SWVmVR8a-xyTwl2eKZS-8sJuxSZNc9U_Tz8V6cnDgoTLHpy2Dq5XHYwazsyJCnGUpVQB_pZXbYOMHwsqW_dmuGilw4WA6GoIEDi5bfGcCjDEEI1JDnBpjTVvgRyZxzF0mjrXpXYQM2NL5KkDqdNwfvgPvB_CakqPrdmRm7BxC-Uz9YKfVIfTyFMwNuy9PweymxU504CmMEPylQIVkGJOdP-7Gj-hvmpliUkV7ejmp6RWRdHDnAQWTj8ikysr6eYGKrJ4cR6J5sdCZU8iHRspDo57xLiPIANSW9GaFM4cgGrqDVAVCaM2MgdqigoNEBOWIYrYDKzwRxt7J34kduqzgOtKZjpL9W9R1mUlBDLpwzSK1m4t0Q5oQIj8PdjuCK3&sai=AMfl-YRWFx0bvTwVaFt0N-6ShWMp3DjSZ6BxKZz4_DqZV-NqOBpv6AMUV7nhvtR1vDFXfm3HY2NxI4rNhvuaPxy1FVDcZHdAOvHuU1iLcrLC77DcClxwL8I6wsx1i89pf1WUuUuzas5YMs21cN-ud82Z_nBbL-wSgfwjc2D9UVip45xW1vwe-Hn0ZrmtUpI3omCcirc5J3YPPaFaw-M6sqTgS2W9SsI9Xl-xLEzg_cFiNHO_FkeWuLAVjMdG_7ZjwyoyIr41b676jOglA-ptYygl&sig=Cg0ArKJSzJjhQrkxc7y9EAE&uach_m=[UACH]&pr=8:13F69368AE07CA60&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=704&vt=11&dtpt=450&dett=3&cstd=246&cisv=r20230510.97469&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:19 GMT
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame 30EC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 14:52:20 GMT
visual.jpg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 4FCC 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/visual.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=mE07Ia4iLt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 23:03:50 GMT
x-content-type-options
nosniff
age
599309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86025
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 May 2024 23:03:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DB4E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssW85QVPnzRKSwvmS0D6Wtvn7PbNyGR8Et4m_2QfC_l_8vPaTmii7KFbCu4mjIRVMYR-hY55n57be7R1noZbAD7zLuSIF20Y9wbNiAoM_ZhNn4FK6egWgqdj78qjMdtVfGwqKQEmf-o7XG6Ydz4V5wbk_-S1vKEaYFk9WraIYWcnvBjdq9ncy7M_fCnaz4-ks9tWOqzL6Hz_CsO-bVOKTxVaT8rHfL2PZtKrFSKJXR6SVz2CFZ3cW18yCgU1mLwL2WUsOoICVOWaWvx4JbuKyZym6sIsjKsbdM-3O6DhCXTeqq45Gfpen2gBNQ4nWZMD7hWOA2CErm7iwc5t79TvpBIDvwqUEFTfxDGkN0uew7brOEjHfjoT26c_E08IJw1CaHsJwkdCgM-JV0J4PzSx7NlYg4LDdxj-AlOZ0kbmJnD-YdKkW3iUrXIAt0q3766fU0PnTCa2PE-niUZog6ukBmChqEY4NmOTC2yJA_mth6ZnsP_eLP_Qgohc4RllfZi5UmFIsx3poLGpGcyZZWTNeny0HZtspmg7HqNAA8TcMnb98iI3tJVpPKctrBM_8RdhzXP9MxCpfpRhH0guLv1B9WfcyLnxUN48u2zDADn-tQqgxU_SqhuRwcBIJDZx95mlcL8CzhUmUMEsb3X1OQOeZnx8mGtO42l2N6QO3N6h5W_L8LcFiuJZyQD7ZVvbdhrlJQ5REDESAE2RrUvlXOQfgCrlTcuEV5DnQEci3lC5M7Ie948DLq7DN1TFCOfDUVi4t2aYmnqB7LJEUqHC3mzZKlZ3IZPCxRQ_duW7O9VIUw8f6AmVt5rIaunwxTjEQR2Ho-T3T5mF_5143Uz0C8cyyoIxjQOQWUBkbhnmMq_UGs8RsUAwqgw4inIlSywGZYbfkSeTZtd9u7AqkpGjBJa15Q9Y0vLqROORfeW7FHtRd0Oo2VTcB5Fst30-NoWfJroAWrXp7Ojw5XN_rANhZzX1kc7JCc1Xi60ev2OZbSTQyi0gmKdiw1ptlt0HMzrMtYkDAn3vCQSyxf7NWP8Q_ozliJBBFPNdnRRTEN5XSg_1jCBAz9op44P14y4sfDp2baev5gENVm860ZPWuw-sFUiKvACOqP98h4ng8OvC_Pqq9NE15DxHMNJAgcaQunzxdrh7F6zTlPeA6QbeTR-BYLsPPr5sEJ7ZDtzJmRnYZfk66Y97lrEEKqHkOPILYRqflISNmbECWrnQhM&sai=AMfl-YRNUtPsHV_A_HO-dg_IePI3TKVSvuDbfT1uT6Hn1h78E5S1fBDl0-W_YNgFZILN6hvr1Ew0pIch9ym16OCAXRe3vM_3b5bQ5qK78o-sTT3eHUMYBA868XNWBGoB3EZCWbTgmjjnkvCRs-vJ3ujFua-5bH2eEXDOubz2k0vO20CNMyNEEJ_CWiBdQV5yeSEdfqoU9SXmdxkfC_FGNnsfoU8ZL5CUkizXt7ZRPX9gA5U1Y32gf_N9uI1VAySWE4cPkhBUWhYkX3LhvrUhMGQ9&sig=Cg0ArKJSzGoaNPUw0PsoEAE&uach_m=[UACH]&pr=8:1931C67B02E439CE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=744&vt=11&dtpt=525&dett=3&cstd=203&cisv=r20230510.14292&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 21:32:19 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 59FF 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb423541ab82843b6141dde6e556d1afb2d6549415f66c2ab0ec43f582f600e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5570
x-xss-protection
0
postback
s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/ Frame FE40 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/postback?to=3&pv=fcccac35-f187-44e5-b531-4f97a2630e94&si=&dm=728x90&pi=XRzobPsLhV&ac=Xmwo1n97Q8&pd=avt&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ti=&gt=DE&ci=948461&ui=&sr=GOOGLE_CONTENTNETWORK&de=2&md=1&dt=9484611597092707615000&ap=&sid=Af7PukAEEPNXAkGF&oz_sc=57d2d9c2eaed052b132640db&oz_df=1683927139156&oz_l=63&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 21:32:19 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
rs
ad4m.at/ Frame 1B96 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8600a2a095d01b93fcdfd935c5b328947fd978001383279a01c37fc1b4ebcd76

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoWlWa0rDUpqhYt5q6Hg4l%2FIL%2FhD%2Fo1Hsgbf0tTe7MVrIzZ4MvTwcIzInQdQgbBhKWFak6CNwUhwvZ%2F9JbBwsbphui%2BPiNPHixK8bAcVWE8YgkqYDCkgWTUjukB%2FC3iuKV3gDf0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7c65c60c9925383e-FRA
x-backend-server
aa-reachservice-group-europe-west1-0pxx
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
generate_204
tpc.googlesyndication.com/ Frame C485 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7mWWNw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3976 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46f19cea91581061435c5629fd2b6a6068d2643fa2bc3a1354a24a13e9219f9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5735
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 163B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyBEwNNmZH2rOoVUFrhhgd2H6u3Uc8N8ba4juIstMf2l_Whu794fcc4CTcmuN4GMpoFzW9G_UB8VFRaGmlGDU3WzTP&sig=Cg0ArKJSzA2qVoRS_kpvEAE&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1935728605&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683927137574&rpt=635&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c65c60c68f6383e-FRA
content-length
24
content-type
text/plain
date
Fri, 12 May 2023 21:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OgzNZpvq4oUs5ZNGn8xs5aW7gfk2hp9FVv9CvdyvSApeJc9NEO1BVj6ig36mSBLo%2FT3%2FjyB2W8vXgnMKt7AAC%2F4okmlviHnKXuot33HRgA0oSeAmX4WK5JYHO5ld5fnnA%2BR0WU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0pxx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3976 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 May 2023 21:32:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CAB2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 May 2023 21:32:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 59FF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 May 2023 21:32:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4FCC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 May 2023 21:32:19 GMT
rar
as.ad4m.at/ad/ Frame FF27 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e38b113fe143a2e4db2c81bb1f5b18d27f7e279ef354f611e0dd6d80096d18d7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jxmngmb2783a63ezkk0jacse80xaj7ssjmjqn77rtm74zn9y48sczvwdp9s23qvnacr9cqf38k8x6ydne0bc792vsscr1batwxrr6ht9zgkahk7hygt7r9wx4kp8d1bkn7ann1y22zbhtn7paebyc9cpep7zxaee068xx9t79rs1b1z147hxk62ygdagtyh6ds4cc9t4ggw8txvnymktka9hnjp9m3xtay225kr781rh7nj0myh4bdr96j2jk8sn4b3bgfhqt5sh3vej6j9c7rh9me4g700qgraw7vddh125bmc92sd2v6zdhfptzhx66r290w37aeyhpvwt98tyhgageyw1ygam1eehs6f2kz0me63gdamdg7sat371wmcd7m7mvckbqg6a3wb4twp78fd580atg8aj30gqfhkry5vmevcfcx0gp42qxvefdcm8hmjay6pdm2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c65c60d0d1a9b63-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:19 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame BEE8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 14:52:20 GMT
postback
s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/ Frame FE40 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/postback?to=3&pv=fcccac35-f187-44e5-b531-4f97a2630e94&si=&dm=728x90&pi=XRzobPsLhV&ac=Xmwo1n97Q8&pd=avt&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ti=&gt=DE&ci=948461&ui=&sr=GOOGLE_CONTENTNETWORK&de=2&md=1&dt=9484611597092707615000&ap=&sid=Af7PukAEEPNXAkGF&oz_sc=57d2d9c2eaed052b132640db&oz_df=1683927139343&oz_l=2859&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 21:32:19 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame AC18 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 14:52:20 GMT
visual.jpg
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 59FF 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/img/visual.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb578159169bb38173ca68b7f9ce061b18af4e4e6724bf3c9c3e745cc954f177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=4K0AJYh5Rj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 14:34:00 GMT
x-content-type-options
nosniff
age
543499
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94238
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 14:34:00 GMT
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame 294E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 14:52:20 GMT
6363a944e4b0125bde9e6739
ng.virgul.com/tck/i_vb2/ Frame 5454 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/6363a944e4b0125bde9e6739?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1683927139446&userId=vnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 21:32:19 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 5454 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1683927139446&userId=vnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 21:32:19 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 5454 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1683927139446&userId=vnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 21:32:19 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 5454 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1683927139446&userId=vnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 21:32:19 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame FF27 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
366783
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXOa8s9oFn2Vj4s%2BpV%2FLtMEUeyxHN2vigbdloauYc2UaaYU974Iz1gTow6J4eVsZrp5yRVyJlrbFxUkrId%2FdE7ssNi5uw9O8xUGaaMpTKu9eG6FuM6reNcRmroFRz0AFKXffkJlq1co%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7c65c60d9da89b63-FRA
expires
Fri, 12 May 2023 22:32:19 GMT
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame FF27 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84162
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gu26pnMqokyVmdzQYXiEEnTIyVPvtabhDynaJ3W6Nz2hhS%2F5tAxz4qvjRWiU8cPnff0hemexW4o8Dj5Xc0f8ZZQ%2FfEmswCE5nzzN6lqhlVTFvfCd0v2YbbeB7PVvSn6XisXlCBvWhWB0KTzF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c65c60db9199b49-FRA
expires
Sat, 13 May 2023 21:32:19 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame FF27 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1941311
cf-polished
origSize=105738, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92686
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGE5vNfprcyRePQGXwOJF1IgX4nFq8XgXSdDhIaxpp9TfAMdU3QyAJV8%2Fdc7fK1pEWoQktfUoYwc1n3HrCmvUcMF8flPoXx7BuRmRGV1npahAUvPEJ73rNd3YdXkVBNnFfHj72Q%2FqU%2F80gVy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c65c60e3e559b63-FRA
expires
Sat, 13 May 2023 21:32:19 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame FF27 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1627960
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atSDTYXZphKPpsSlx2L9jr4%2BtP5uPPncaP%2FV0H8KfYR6lulLeoiiMcWmTNjT7zapLD2lJTvGGb0EGSMGsgQ%2FgWO3hb4erhBwx4mLt5t0xGXUNHUivwRGYrIGc0yS2Ewxl%2B5sWNhC9nLBBJsV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c65c60e3e579b63-FRA
expires
Sat, 13 May 2023 21:32:19 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame FF27 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1207838
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhF4My3c5pT8FX7GpsY0Tk4MdmedoMGCrA0ifevRTlNqZa77uSHCf3FS8%2B%2Fge5uEOtKpstZv6X0mEClrltTWkekzjV2p2Bl1PzcDfxuulmroYcrNscZWXBM6i6ZNzoEw4bamZ3k0Adt4Li4o"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c65c60e3e599b63-FRA
expires
Sat, 13 May 2023 21:32:19 GMT
cshow.php
www.awin1.com/ Frame FF27 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:19 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame FF27 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2085846
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRzwCGMK27K7FGR4fGN3WGtU1XVaFMhqgRK8OD7PIHXf8W68XkqsibtXCaWaXIkImmh5xd8xZbtpTDgKOJgtwBtlytBHU4bQoa8bLXNT86mR1chnBBc25ya5IwQl05y7kWK2VwbM%2B1IpORoz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c65c60e3e5a9b63-FRA
expires
Sat, 13 May 2023 21:32:19 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame FF27 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2340887
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28740
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImqTEiRRNwU9XIGZ4dzzaEcJktKrJE9ygXL96caa%2FGVL8KnrO3HpqG360vqJjg%2FieXFvFezqAK5jcMwlkcw71ldkZBmoVQI29S1ScR2nIXvti0XRXkYuc%2F3uURGujxLdTU3LtNnm4RgsJPdZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c65c60e3e5d9b63-FRA
expires
Sat, 13 May 2023 21:32:19 GMT
cshow.php
www.awin1.com/ Frame FF27 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:19 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C21E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=1475720954006208&rc=
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
logo-joyn.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 3976 		864 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/logo-joyn.svg
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/polite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8695956c55e8679652a5e34279fbcf353078c3883143582a847b8a26a50a3774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Mon, 04 May 2020 20:14:51 GMT
Server
AmazonS3
x-amz-request-id
5X71XMVVZZBWNZMW
ETag
"4cfbd49bbe5134d80e544db8176b5503"
Access-Control-Max-Age
0
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
864
x-amz-id-2
BJmJt3XIP6BufqxLzPEWtrWrS91WCF07pe2O0yFtRiCAMu68KrwMdRDR6CVSS8PTEK2X2VRSYGMZD8e3a1TW6Q==
baseanimation_su.js
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/ Frame 3976 		28 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/polite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
573d02c8ab3c7077877b487a446e8cfab1945fc1d348b986252801a88c128173

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Wed, 23 Nov 2022 14:42:12 GMT
Server
AmazonS3
x-amz-request-id
5X7EJJ96PJ8HEXW0
ETag
"bacba976cbdca65375a4cebccf543e83"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
29015
x-amz-id-2
uK50g1Z4DtS+dRSS+IDABr+T74ppHiXADLNnKYtOAqEkZVmID49GtDCqtbcD9bauoR/T2yGtoT90PZfZJahxhg==
logo-plus.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 3976 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/logo-plus.svg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9272dfdf03239cf58af5784397ea6611f8a902c28d21c6a1735b77507283c31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Mon, 04 May 2020 20:14:51 GMT
Server
AmazonS3
x-amz-request-id
5X7DHEKXFPQPQ3NK
ETag
"6d3478b94a6fd3697605ca78e6f49b56"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1416
x-amz-id-2
J6Decu/jR50vyRDZsX5ChFLqEDfiz6tZMJw9ZIUtGs11kHNkVps4lX88eZDUH6+SfLADjfzGPynvwoNtjAjDgg==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pklb5cky45g/728x90/ Frame 3976 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pklb5cky45g/728x90/teaser3_@1.5x.jpg?v=2023512213219400
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b6cbd4b6fad0e7ac8de858aa3363b341718b95996e70e10209e84f986f4908b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Wed, 22 Mar 2023 16:25:54 GMT
Server
AmazonS3
x-amz-request-id
5X76J1Y7B6GYN3NX
ETag
"37982cadcac0fd1ca51048adb1e91376"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
20107
x-amz-id-2
liAWG+ULRLSU8NPSJZz0saqGPL57XxU8djD7Ijp6uSMbzHxrxYb/l9mrdDLUda7FkZXI62piUM+Y6+W3jH4k0Q==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_po9y9840zl0/728x90/ Frame 3976 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_po9y9840zl0/728x90/teaser3_@1.5x.jpg?v=2023512213219400
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bde41b326893ba56dee76c0e8e0d90b00356c0e0b25700e7b251d1038ec9060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Fri, 03 Feb 2023 08:15:31 GMT
Server
AmazonS3
x-amz-request-id
5X74WDQSVH0008NB
ETag
"1924ba9ee3cda99eb0b98bbbf4f07f81"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
11780
x-amz-id-2
mJfDjXVnC0SPFCXnKKLL1sYSTDsYA84k7i5LeiUb/dkksavEQ4czDP7Qv2WNbk/UwzyFm1RfbB/HylsVvyNQBw==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_ptzm2qh0gts/728x90/ Frame 3976 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_ptzm2qh0gts/728x90/teaser3_@1.5x.jpg?v=2023512213219400
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88613123383fdeb876290f3bfae4876739dd454eb50c9da4689d3560327ab4f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Wed, 18 May 2022 12:35:06 GMT
Server
AmazonS3
x-amz-request-id
5X75QAS98J1FSGCN
ETag
"55aa3f13a4a2a9be8207f98fa8b5bfd4"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
19439
x-amz-id-2
xc08Q0e2L6P/diiYyqBvbRwyfrk57rxTOqjtsZ0iyk0uaA1QZQfnZQhhBY6G9WoxG/OA0yr8rqIDoBb0HpNt/g==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pklb5cky45g/ Frame 3976 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pklb5cky45g/logo.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
384cd2e9537de04af94a6c308e08cbe86da932ed77f40eef7e69230c67328f36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Thu, 02 Mar 2023 13:12:11 GMT
Server
AmazonS3
x-amz-request-id
5X74JR0B13MQNG5W
ETag
"83d786849ad0a859531ddd8fe66b0aab"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5475
x-amz-id-2
wDxSCphu+xtlFAZK2kuyiDkzBzafaVHOZnGHJHqLI3iT6iqmj3q6kBEXUomy2UwizXiT+vFN9dx73Cy2fS9VHA==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_po9y9840zl0/ Frame 3976 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_po9y9840zl0/logo.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fbdf3696870736c5efc3c56476804f8613b64ab8b92c0761f7edcfb0949c60d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Thu, 02 Feb 2023 10:33:04 GMT
Server
AmazonS3
x-amz-request-id
5X77KJPXM5S89YJM
ETag
"71d1e730ff9088ffdbb8a34ec2eab4e6"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5856
x-amz-id-2
+7seYDAzX5jsmmntuGXAbpJqJZNmHMMhi5XpYLJcEyqcd093/yY7TlitjoSFhxmw7RpJEOGYsuOONw+IWOwTiQ==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_ptzm2qh0gts/ Frame 3976 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_ptzm2qh0gts/logo.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68a4fa7dec536b911c2a8b38d4bc6509daeb9af7a03dc49ae6a36143e4f2ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Thu, 30 Jun 2022 10:51:19 GMT
Server
AmazonS3
x-amz-request-id
5X7909WPH6S7CBQ5
ETag
"fc5d0c6f115f6f777b62628926fc8b86"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
14895
x-amz-id-2
ionXJquC5ylgNO6Gh0nGFlelvRS5x4saNmSxUT2KweZ3CP7Y0reb2vtw4xxEC5i+OCXLG0hTaAkqJwocpOKYQQ==
joyn.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 3976 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/joyn.svg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1040aff8919d515c3d55763698fb4682a4e130a5023eb3d3d293f48e106f31f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Wed, 16 Dec 2020 09:18:49 GMT
Server
AmazonS3
x-amz-request-id
5X78RQRNJANDJMC6
ETag
"b70e85b2fd2c0045f066333d5a14d772"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1006
x-amz-id-2
JNgxsc6gZNNDzAVXpbk3nw+Posdg6cBiiwpd5fU7lp35KJKedzoZHTYqIYrHd22yfDEQNdDgL951QwENh7R6hg==
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame F67D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 14:52:20 GMT
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame 7921 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 14:52:20 GMT
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame 0909 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 14:52:20 GMT
08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
pagead2.googlesyndication.com/bg/ Frame 1111 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 14:52:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14732
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 14:52:20 GMT
link.html
track.webgains.com/ Frame FF27 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwykmayxf2gk3pzb1ephyy4ncs9fm0mx9ggg43p1rekx0bqz7zht8ccmqxj2f3zw1n1afj1n80g0dkty4n8544x7xqhqatea4y53gb4kpht3hb9jjmxk9tw8jm1f8e3w2njh5zz92zafbgh29hzpvxtr5he26tay3vzyg1ay2yfj3zggb72pxj3npppke01fxqnbba4k4rk38cxwtfjp45g004wjqkfbjn83bvn6wbxd0rdn4tmm8gn09zmjshaxjy8e%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.219.122 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
server
awselb/2.0
content-length
45
content-type
text/html
postback
s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/ Frame FE40 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/postback?to=3&pv=fcccac35-f187-44e5-b531-4f97a2630e94&si=&dm=728x90&pi=XRzobPsLhV&ac=Xmwo1n97Q8&pd=avt&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ti=&gt=DE&ci=948461&ui=&sr=GOOGLE_CONTENTNETWORK&de=2&md=1&dt=9484611597092707615000&ap=&sid=Af7PukAEEPNXAkGF&oz_sc=57d2d9c2eaed052b132640db&oz_df=1683927139591&oz_l=49&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 21:32:19 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 3AA3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmC5ATNUuLoZX6Y_zSdP1qEoXq7NtLp4D2IQXNE_hWmiH5IW54q70lQrGPDBogVWrm1lWGCV-ozSL5smsoq-driwmnpRWUwHhxCDxAMg57QVd-VOkg&sig=Cg0ArKJSzOCxFOPwYuLEEAE&id=lidar2&mcvt=1089&p=0,0,600,160&mtos=1089,1089,1089,1089,1089&tos=1089,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683927137806&rpt=778&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3AA3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstd6ZjPEZvM2og4R3i9nGGgfBtrQnbVLZ1wj3Ihws-nUfFC-Ym4wlBJx39sYepLOFQ8jYfnOXZRn7Fu8ntCgGuCaH9Ge7AKZ9o&sig=Cg0ArKJSzMgzYF7erxaTEAE&id=lidar2&mcvt=1093&p=0,0,600,160&mtos=1093,1093,1093,1093,1093&tos=1093,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683927137806&rpt=784&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 5CD5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?aJNo8g
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9F57 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdLi6KbShDfVwFcpZodzio09v9wS8ay7BHqVExpczU3co8s9Y3D4l_Nvh0znLNG_Me0cfEdSqsw1gTzFmX7O4xLMRDqfXhZKA5u5ZciymyIN5T54KW&sig=Cg0ArKJSzJLsBjNgl0tDEAE&id=lidar2&mcvt=1119&p=0,0,600,160&mtos=1119,1119,1119,1119,1119&tos=1119,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683927137899&rpt=775&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9F57 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstX3GXqMDaJ1hJnvSacjpQ20VUzaODqGH0y1ccpBzfCKGBwVJkvbv_2C9r6SGd1CLt5tr_FiR4A89xEEWM2HFqeId_df2leSGE&sig=Cg0ArKJSzFJIxLwrzzj8EAE&id=lidar2&mcvt=1120&p=0,0,600,160&mtos=1120,1120,1120,1120,1120&tos=1120,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683927137899&rpt=783&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pklb5cky45g/728x90/ Frame 3976 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pklb5cky45g/728x90/teaser3_@1.5x.jpg?v=2023512213219400
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b6cbd4b6fad0e7ac8de858aa3363b341718b95996e70e10209e84f986f4908b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Wed, 22 Mar 2023 16:25:54 GMT
Server
AmazonS3
x-amz-request-id
5X7D42BQ5N4V510T
ETag
"37982cadcac0fd1ca51048adb1e91376"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
20107
x-amz-id-2
7QtbKJ9Xjj283Wr6CJNHntJibzDl96q96pBEaBlJFX3/gQvvbIssKSQw5jIN3rfqZ0BQLnXVlGJOBhLsCMCZTw==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_po9y9840zl0/728x90/ Frame 3976 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_po9y9840zl0/728x90/teaser3_@1.5x.jpg?v=2023512213219400
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bde41b326893ba56dee76c0e8e0d90b00356c0e0b25700e7b251d1038ec9060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Fri, 03 Feb 2023 08:15:31 GMT
Server
AmazonS3
x-amz-request-id
5X7CR56EWQ8VGVV2
ETag
"1924ba9ee3cda99eb0b98bbbf4f07f81"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
11780
x-amz-id-2
pLMHjLnC8T1bpNuIJMtazSGxHV1XKhbdwzVkXVbBxQJ7kGPDz9pPU2Pp1IvSk3e7EMU5SFbx16tinpfJlcfD9g==
teaser3_@1.5x.jpg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_ptzm2qh0gts/728x90/ Frame 3976 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_ptzm2qh0gts/728x90/teaser3_@1.5x.jpg?v=2023512213219400
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88613123383fdeb876290f3bfae4876739dd454eb50c9da4689d3560327ab4f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Last-Modified
Wed, 18 May 2022 12:35:06 GMT
Server
AmazonS3
x-amz-request-id
5X78M6G92SJEZK00
ETag
"55aa3f13a4a2a9be8207f98fa8b5bfd4"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
19439
x-amz-id-2
ExpXE8RqUfB5L2OybYC5+84xlhnSQvWkcsEGn/DHBhPprBq8Dsb+GNvxTjvP/CG6P2K9su6l8oZggQdnwqH3oA==
truncated
/ Frame 3976 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44718d713af08035d3f9d246d249df63ed5d433a1d8571429241de984c0c4dd7

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ Frame 3976 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77f331acc0b5e3b63fcd3f31e9d334628691e1314b6fb0154b4ca5535828030a

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 32FE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9MbT2FucI52EutAZf5v99TKoD4o_isl3mDg7KGv_v39j1_92wdqqNjONc1Ps9s3XVvCzcra8FsZ2Dlj5W6W6JXEFl-HrVGeo&sig=Cg0ArKJSzPPLFLMP8ySOEAE&id=lidar2&mcvt=1131&p=0,0,90,728&mtos=1131,1131,1131,1131,1131&tos=1131,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683927137837&rpt=1010&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 32FE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuobEb45ucDovS8AZhDQjjRVPDgxHuto7OJxWAL8YQFYaoKhMi4HPhHL9jVVq3u6IW8y2MS5mBBh53Tox01Yvu61PnKCLyqqhtPPd_Jbk-nYBtHPjFa&sig=Cg0ArKJSzI7_9oh-FBKLEAE&id=lidar2&mcvt=1135&p=0,0,90,728&mtos=1135,1135,1135,1135,1135&tos=1135,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683927137837&rpt=1004&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ Frame 5454 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
13364ebab0adb45fc6ea6eebc0e96cc49fb1682d584148e2c2398e59ee4bd330

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 May 2023 21:32:20 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ye-mek.net
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 11 Jun 2023 21:32:20 GMT
usync.html
eus.rubiconproject.com/ Frame D8F1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 May 2023 21:32:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C88F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=46277
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 12 May 2023 21:32:20 GMT
expires
Sat, 13 May 2023 10:23:37 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 6046 		0
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame E256 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 12 May 2023 21:32:20 GMT
ETag
"623de86a-cf34"
Expires
Sat, 13 May 2023 21:32:22 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 914A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_sihX6ZDYWdjjmqSNlxCv1ohQQ5IAN45tdFthSvgRIIWxbc8MIPuVwKRha5EHoaIRzHL_vXY3-tIrCWtpAQa07yLMfcMZwQoPC2420hfpyFZDTlYQ&sig=Cg0ArKJSzHiQN2u1AgRdEAE&id=lidar2&mcvt=1154&p=0,0,250,300&mtos=1154,1154,1154,1154,1154&tos=1154,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=615407983&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683927137126&rpt=1735&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2886 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=3176556897090518&bg=!7-yl7LjNAAYldGN0BXQ7ADkAdvg8Wr7P5yQvZNg_Su-izNeNsvMDPb2Xfht0b8UJRxSpsEe-yNdKF8MsZDOGRUST6_RLlbyc7ekCAAABO1IAAAACaAEHCgAiAiGmTh3tAVrBMpSjjYJHeZIiFw4efLmDTFGsnYmhMcx9p5kDAIMCuHnVnsuTORKKPzbkCkiX7PVuMUSAYjHidTnfKeIQqGrY9k03gisVC48-cYt3gu795EhyifA7zxGWGZkrtISkrBOBYOSZEii96bSLgLX7VxpB9KMoV3RdA76_oSNbXTNy-eaJqj1l51rQkN5rgAOM9lHZ-QjdtD_rYr6pop187MmsQKXGi-w9wtl6nWQmVeessXh3o2pksenJAn7iX1dyz8ddcJLIe1nGAVE2zWOki5MED0HcLNGY4kRVF9rSHyM0TOjxyQLVXqUAGEcx3wtlVtkqDmRldH7as92WGmwJc37MVn9V94xzNFUWGZHOLa4wR2QrGNwEtjuiG2jV8Yj4cvnYmSZggk8wfRum6ZxEPmAocSL-xFdnYQXyUPpYByH2RezxsghJXhnFokd8izsc-sK9_204lBYoBFhQNJjMFanKeD-vWmV7y_lET5oN91iVwqMUSr99ISbS0yW2oXW-FKhBMpKpvSYHTWsuHZBpNErHQrMJOkRgaolSrBkbqaIxfzuQu7kdGI80AC7_eGd0RVrI6jDhf08UX_uo_uwqEqH-uN-Yr06Xw89KM5otPolNwUuoU-rElOxLBeaH-BjsBEgUHiThxZPIrFZ-BVKMa4VEhY45499uSROJjoRlwwZHlMitUdeCCObGn0rjjBhNveaqKk51Ki7lkXefP3MTNnKy1eF7aFOuj8o-nbAWYDcbU5QsBmoupu7097r_rTw-I8QOBeM2Db9qNjdDT3NdYhrMMdQOCBdioCKd4kz_Bi8j2htg_IrI4ZVvgwr16kewYZdQf3K66eLNm0Bj52w4sh-sooo9IUxw2PvvWJcpRbUTzSBddruKUj3JQHYlkFNfLFP37juUQT04s10R7UtZu3LIwka10Tn7DupDUpsuSMl9iuXJRJi7ub5el9hLg4IOBCZT6BKhGXGoc0HuEV22UUhurjoO1rqibhkAluXm9rb_GHOrOK1LYdOeWsrH80971O7-urhPJbrRrTekgL6qg6YPyMQQVI5871dOXcLNDQ
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 5454 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683927136214&userId=vnetdb2e3a66-accf-46cc-ab60-e7ce75756ab1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 21:32:20 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
usync.js
eus.rubiconproject.com/ Frame D8F1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8fcb56caf9cbe84a2f9bf49ffdad370f4d26f2988d7565a10be0bb2f40cc826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 May 2023 11:59:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52053
Connection
keep-alive
Content-Length
10021
Expires
Sat, 13 May 2023 11:59:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AA3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5387312497132&version=m202301230201&ct=76&x=8&cor=9347737207684751000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F57 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1846534580662&version=m202301230201&ct=76&x=8&cor=10256688904244488000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google-vast-viewability
csm.eu.criteo.net/ Frame 96A5 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csm.eu.criteo.net/google-vast-viewability?cppv=3&cpp=HoDPtNyxVrEO2vWVV5nRPrL2-FmAN6s2_9NaAOaQMt_Ulgi0jaenM8myNDUnDCoK2MUNUF0UvHDeH5b5nV6E_2vILmsvUyDH5gob21q54dkqc07ex9Cp1_2OiAWvg7msLQXbIuiBVofI2PAlAh1J4utx-2a-QepnYTaW3K6HLkrNsnC6R_xW8yGGvi_P7LefvgwBy3phD548onzd7mYxpmBwctsTkO-JkOKcGk1i9pmsNOZfTuj00nxLe7A
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 96A5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviJgjiEFLkrW01oH5QK6d6Q-UiXPHB7Y43u7ASef0gxhffN1vYHJFNtsj_Q05bjRDebuJawr_Nnw4gyxTMoHyVj7k&sig=Cg0ArKJSzFftK9NLoNhtEAE&id=lidarv&acvw=sv%3D951%26v%3D20230510%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2274,0,0,0,0%26mtos%3D2274,2274,2274,2274,2274%26amtos%3D0,0,0,0,0%26mcvt%3D2274%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2461%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D227%26dur%3D20000%26vmtime%3D2476%26dtos%3D2274%26dtoss%3D1%26dvs%3D2274%26dfvs%3D2274%26dvpt%3D2461%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D516314257%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2274&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1683927137774
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pklb5cky45g/ Frame 3976 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_pklb5cky45g/logo.png
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
384cd2e9537de04af94a6c308e08cbe86da932ed77f40eef7e69230c67328f36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:21 GMT
Last-Modified
Thu, 02 Mar 2023 13:12:11 GMT
Server
AmazonS3
x-amz-request-id
GPAC4YENGHJ2PX26
ETag
"83d786849ad0a859531ddd8fe66b0aab"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5475
x-amz-id-2
89WEO5ihXH+xSFLWeXw1M0BuM2x6X/qR7wDTvcWfAskczzpVKTHDsvh4iA7eUYo1lBPZDhHHpBOpUd5tCieA6g==
joyn.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 3976 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/joyn.svg
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1040aff8919d515c3d55763698fb4682a4e130a5023eb3d3d293f48e106f31f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:21 GMT
Last-Modified
Wed, 16 Dec 2020 09:18:49 GMT
Server
AmazonS3
x-amz-request-id
GPACDKJR97NR459S
ETag
"b70e85b2fd2c0045f066333d5a14d772"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1006
x-amz-id-2
2PpHD8rMwD8Wv0aRC1hDwoyQBSCHeTq8ELzdRfbR6Ihp1k3l1M8A7PFeSvXoCbHcn1nEW1xc1/+u0FLbTZZsdw==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_po9y9840zl0/ Frame 3976 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_po9y9840zl0/logo.png
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fbdf3696870736c5efc3c56476804f8613b64ab8b92c0761f7edcfb0949c60d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:21 GMT
Last-Modified
Thu, 02 Feb 2023 10:33:04 GMT
Server
AmazonS3
x-amz-request-id
GPA0QZCTNX91JMC0
ETag
"71d1e730ff9088ffdbb8a34ec2eab4e6"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5856
x-amz-id-2
Jp1yd6G7W+it9/A7Kb8RvD+Ju5o4cT0u5VlK0XeW19Vam0wRzhJdN23T1YCHGhaDFCJOHmJi2TSakYfUKR/ipQ==
logo.png
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_ptzm2qh0gts/ Frame 3976 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/shows/d_ptzm2qh0gts/logo.png
Requested by
Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_su.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.72.17 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68a4fa7dec536b911c2a8b38d4bc6509daeb9af7a03dc49ae6a36143e4f2ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 21:32:21 GMT
Last-Modified
Thu, 30 Jun 2022 10:51:19 GMT
Server
AmazonS3
x-amz-request-id
GPAC078QSE5CWWMJ
ETag
"fc5d0c6f115f6f777b62628926fc8b86"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
14895
x-amz-id-2
VqGNBbx99RVmv3O4GUTYh9i1K/Juxf5i8uQhi3SEnMl8Hm8smTiyeT5M4Nrp9iZopadkwn2V+GY+IX1Y5Xq8aQ==
PugMaster
image6.pubmatic.com/AdServer/ Frame C88F 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73120540&p=159432&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6915cd200209479a271f531097ee0af4c78551db6a7f922481a18f1a0bf870b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 12 May 2023 21:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame E256 		0
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 21:32:20 GMT
AN-X-Request-Uuid
9fbe73a9-5c2e-4745-964a-cbff870187e1
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/ Frame FE40 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/postback?to=3&pv=fcccac35-f187-44e5-b531-4f97a2630e94&si=&dm=728x90&pi=XRzobPsLhV&ac=Xmwo1n97Q8&pd=avt&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ti=&gt=DE&ci=948461&ui=&sr=GOOGLE_CONTENTNETWORK&de=2&md=1&dt=9484611597092707615000&ap=&sid=Af7PukAEEPNXAkGF&oz_sc=57d2d9c2eaed052b132640db&oz_df=1683927140278&oz_l=11&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 21:32:20 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE64 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUMkqYrBeZPm7CMexx_APjtaMmA8AAAAAOAHgBAI&bg=!Li2lLXnNAAYldGN0BXQ7ADkAdvg8WrSFWwHV3vha7CazSiPMoHeWjqc7cYCmH1oXqezkGG7Cn6ig7VAca-yaFjQSmDtpvhYwVJkCAAADrFIAAAAEaAEHmQLatgZe32dY1O7Lp4Fn_Qipn-imc-_jpWcrV8tkjUMphd2GdVg6Z6Vw2t2uGpBvtGYif4mZ9g3OC01xkSEc4uTC2VfKd0--oMaigqPPZW6Rowd608H65Gaog22Y9cyuckoaWJcO5gJ6pkVoWZhhQBmy8Mh_jGXN6oOCXkLY02CznFma-KmIiWPWLBtNtTFNv1yA4CvBstqZ3iR5em3jMpTNUQMYS1K5xvCuu-4L_mtcz0HfwdQ71ELt4wKxHW5S4sJAjEElyi9r6a2yqyS3GN33Rf4WbC9o8bCup6h6PXrm5UigXQQ47yJY6xi0yeB8p4t9tvKqnMEwuauWwYvcSUMjgWjEZK7h-D64kQBCMvc_hFHTU0weFlQVEkGK3-E-_hSSMUG5YbaJc2Yr538qQhPWM8EQtJOdUG3BwRFgszrKOa53K0oxdUFyfV0abFMJ4Jt70blXdFlaJm0i0v8oVJW5FdqKGjUbcDYCGT8QyCK2wGms0k5gLhlf20MO6Kmd5LQ0PSWdBCo0vy0JzaiIiSvk3GO7Tby8iv0byNtj-QtV3rNp44JLF48VNidPuROCxIHzO3gQ-1SPPt25mbb4c8zd7HM8nQrS67bKcLRRGbuWvv0NMUlhVosFZuHl1GAKAB3kbeBgi4PcJgcCqeeJ6gBIyqExgtPR29O3RyBgnULEbEYU4QgUpnJSg19M_fFpg5kt1geY70nWCIa4wJaGFNRg60UmXH6JuDHN12tNBTJOUwbugll2NHYUE18XPgzGULrmfnGbBtz2vMqbgpSnRXxzOIbva93A3TNfWS2lA4KSyXpe3elgWh_wJ1dAyMP_ceb6gr1FO5_DkegfnwJuWwRzwhZcCNYIfitbItHHZMjmP5GV3Y4cmhtn-T83TpAbUPvHveHcQhoXvojYcj5GdL4aHpI_eN8CHPy7PWyyQwULXflYWj9Wrj_FIV0blMEPmnrteEfvTASvcujvrw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB4E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9781938760697&version=m202301230201&ct=76&x=8&cor=1720882970395660800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 32FE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8640127889263&version=m202301230201&ct=76&x=8&cor=13795935488843485000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 1111 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Gw94iQ
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 30EC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJOk0YrBeZPOPEais9u8P-NGn-AYAAAAAOAHgBAI&bg=!DwylDFjNAAYldGN0BXQ7ADkAdvg8WkM2AxzDc5DQJPaFdJKwDzNy89RLSCjjdqjQ1psuMfkG0xHQzqqncd4PxNC6zOfOU7PQ1JsCAAAEOlIAAAADaAEHmQLS1Y7juEBnxPQLHuiRSBlqZ5AMcOfaAEG-TUTAq16JnqOQ3asJP5hTTcCSorrAI4eo3FIbmwzoGs38tkrYkr-SQ7lyDu7QYMB-VFEl9HornK-RrjUBkgLaYp5G1ZAONPJ2JCJzF5XQbXxktSIt1eNQEPcpyTVfn7zJ2VjEaDcZX-eevUyDLTEi2dDIRTOfxS6vA7fH6aG8K3puMhmikO-F0WdeE9lDEbONBua6ZqhTmNANUCrWFyOZ2ys1ab2pIFijpR4h6ey0PA8w8ta7egsuTXP4L7erFa7xxVenvoVQa9fJTz_r9c4pmi3BPCZ2HDJNDnC1Qt_ZjIKheh8YXvWqdKVNU_87mOWswWSYKvrW-0DHY7w4RWisq6angjkPgod-5FUrgrCEvZklUNNZbV_48sSvRUUSA4juGsU40hjksFZvaYLAlHOv4KfSJL32mkpWGOJcVGpZjWDc7i6H9ZY-ZXGObSqIMZfEDKeKKjIQ3gqwr9rJ1whtq5JImAmVCOuBjWp6TLZVilaE36fzfyqfRNMnFFBcV54MEW4z2cJvW29EqO8S3qihZl3tPxLKpRHIs2o4YRZeAKiP09gzRLytMeJmDchNirFlyY6p4bhwrmFo2T-J1buwg8jmydTAWR3Ze3NJslhRk6-77qUXg-97O88d0yfhsKaZ7OQWmoypHia2InVegfwIj4MumalpeUO7b7Q9RxWvCn1B-Ag4lfdXWAhSo4U58CQAVDuAUqpQcJd61RcHuTA5wv-UtqUENe-Y-ESVadkjAteR1yCzTb-_JOb8f9ifAm4caiaAXgGurFDoP8iQJ1CsH_cupUSET1GugNBtI6lrS9XSwJQcmXDCzhQRW9L61apz9cUFUrRYlukY4gXmMHeAITLELczkpXOWQ9lRtnfJgOLjMOZNWyxWFi-vxHz4cjSIT-nJa8jvRDk7ZGI4xhFIqdDLpIFrAbwsnAw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 590E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c703645e-b062-4200-8ee3-20aa87de887b&gdpr=0&gdpr_consent=
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c703645e-b062-4200-8ee3-20aa87de887b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 21:32:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 12 May 2023 21:32:20 GMT
Expires
Fri, 12 May 2023 21:32:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x25 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c703645e-b062-4200-8ee3-20aa87de887b&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame B9E0
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525660891978
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525660891978
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 21:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 12 May 2023 21:32:20 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525660891978
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
usersync.aspx
dis.criteo.com/dis/ Frame 945C 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:32:20 GMT
expires
Fri, 12 May 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
245219
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame C7A3
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3720595351137996402
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3720595351137996402
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 21:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3720595351137996402
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame FF57
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=365869802093930993&gdpr=0&gdpr_consent=
42 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=365869802093930993&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 21:32:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
67ebf8f3-3d4e-45d1-96a8-0663d2cd09c2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 12 May 2023 21:32:20 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=365869802093930993&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.23.2
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C88F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=frMHL2ugRtCWqdj-IM8_eg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
23.32.184.192 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:20 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=46277
accept-ranges
bytes
content-length
5554
expires
Sat, 13 May 2023 10:23:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C88F 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7EB3072F-6BA0-46D0-96A9-D8FE20CF3F7A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.239.223 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.211
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame C88F
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3309139716
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7EB3072F-6BA0-46D0-96A9-D8FE20CF3F7A
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7EB3072F-6BA0-46D0-96A9-D8FE20CF3F7A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
via
1.1 google
last-modified
Fri, 12 May 2023 21:32:20 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7EB3072F-6BA0-46D0-96A9-D8FE20CF3F7A
date
Fri, 12 May 2023 21:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
match
a.audrte.com/ Frame C88F 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame C88F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0VCMzA3MkYtNkJBMC00NkQwLTk2QTktRDhGRTIwQ0YzRjdB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 21:32:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C88F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELfEwIqzZ2ujFF6LroEoL7M&google_cver=1
42 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELfEwIqzZ2ujFF6LroEoL7M&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 21:32:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELfEwIqzZ2ujFF6LroEoL7M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C88F 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:32:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 11 May 2023 21:32:20 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C88F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1397760530191156922
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1397760530191156922
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 21:32:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1397760530191156922
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame C88F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
postback
s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/ Frame FE40 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/postback?to=3&pv=fcccac35-f187-44e5-b531-4f97a2630e94&si=&dm=728x90&pi=XRzobPsLhV&ac=Xmwo1n97Q8&pd=avt&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ti=&gt=DE&ci=948461&ui=&sr=GOOGLE_CONTENTNETWORK&de=2&md=1&dt=9484611597092707615000&ap=&sid=Af7PukAEEPNXAkGF&oz_sc=57d2d9c2eaed052b132640db&oz_df=1683927140539&oz_l=72&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 21:32:20 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
firstevent
unilever.demdex.net/ Frame 5454
Redirect Chain
  • https://unilever.demdex.net/event?d_sid=25453995&cs=1683927140608
  • https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1683927140608
42 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1683927140608
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Server
52.16.253.114 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-0abd7ecd6.edge-irl1.demdex.com 7 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ZDjjbma5TJA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v048-05e9a70ea.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
H3aOkWKES4M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1683927140608
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC18 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqWLhYrBeZOeeE9W8x_APicGYiAoAAAAAOAHgBAI&bg=!KSqlKn7NAAYldGN0BXQ7ADkAdvg8WkyY-LG13wxvVAOzbpIg0gVsBQMkG5SpKd5ywHvYfTBYOjYjaiEZKjWBgyw94y2TzWZEF0gCAAADnlIAAAADaAEHCgBEL5FHjymBo-XlWkRdsHBTWoNEcoL8qh4zd7T7NDchqUi-rec7U7V-OYfcgIH9t31Vt4SphsLTukUpTTpjK-S8V2C68mWZAtU0WivkCT0d3te6YVtjbQ3l6BYve2fpE7SF1YBD8BCqzMLhcH55uH22SGhc22WpU6UZ1JwmZ_5PSB54VniLabvDjfZlFfC8WAH3xlqUu9hUqN5PU2WTNoljiwGgZd4X6WT4V0rXBYCpZz_pmF7as1QKFC-2ixBML3nbIrQpZ11hRdAcZXg86u5yySFqjeEYsEypnE1rgx7MxxmTHvtP_KTJDkWzkyqlcin_WCq_8HRa2VLsR1LEJ5cI_j9ZkvOWpug_rLw2J8JlX4FPCYW77Qvw06365MHpYx5sK--bgavv9Ftrke9mvnYfref7CVnsm3ZnGvLxWSEbX-nAK39KmJ_0l6ISZP8ncUGFpXilgxChV6GcrPvY0Unf4xbuJuAG-Ad-BCqud9S4eGxJd7Hvv-Ux9SSglymH9U5hxqoQNxw2Sja0PJJqQua9y6H8akRNLS8cuLxuCwm_HRzshe41c0LMoy94QjcYS0FSItwJ337yNX_jZmnCe5nEZKFqF8P3ZjAdmk60gNd_ItS-m9EyqYiBXF0OUpj4KOk8lANa9czr0Cms68zisgy1nLqyGc8mvXACxpSOFUkpS62LpUIZqAeqzWT2hWZIg8JdEY7d5BtcaldKmkk61j_sAzzdcTHs5zLoVDqSD6LNy7PGUtT0mVDYWggzPJae5OQpwy3iHzWs9Nr_byrFNXF04QY5fC1w-rU5nbDDdHs68VSvAm2Tk_pukRzpwY-LFt9vyckMdHbBOxkZAF559RH294LW5vOcVe7ycUp9JIDU1VEESl1tTQqFDyRa5ch8UhZLZaNAwV3GM8KD85lCjMFavMYA0d6KZUn3rrYXZJiJ_8uWslegivbY9RZXDlO4nFUhcXPLny_QN2flquiWDra5wLXBnwOCoPqf3PkknFpnlex2BsTBOvi3HHXpH8rB5WzfpeEq3lkZUKANJ7z3KYfYKSxjebxV2acFckpN4Q
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BEE8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvwF4YrBeZMnzEKDB9u8P9YyDkAUAAAAAOAHgBAI&bg=!n5ylnMjNAAYldGN0BXQ7ADkAdvg8WoQS3Lc3HWsQlqUU-CbyM58xwfX3fXRc9zkWlaFWgbV-RTY328haKECS_ZcE1OtH4bOzJJACAAAD2FIAAAADaAEHmQLiVag_Fpa23ecJHx5ISp0HTwvQ_hIiAT2CIyekkzVRTaJ6KSnm742vgr_cDmynXcX0xNhNus8ktz7mlVgTH0_a9rf7o0iwa2trT0MGx-OzpEVFyBEEC80t_h4gdCPopRnTFShESi8TaIvJw4KPw3rs0UarF2DCO83SvYiaidplnrLb6_PSeYqiWu7t9k1mAZJjA8Se8MHf3GgyvVLjrb0vfrcyna4P-_AjUVcOlrUfU-WQA7PBrQd0ituAQGb97dlA_e51Jn1NNFOByozCAtZEcIPb4TIvzblkdW6mRXwOfPemY5IY4UDCr66TxNHq1781XaWQvBceRUTCFVWsbOU_X8Si9qCOVg5h0gyKZQrRc5h8GJ2nE5sVsx-MMlyylH-PBG3jxIJIxcFwBFIqHL7Ajgr0Ww788mhyvh1CsBUDumVvrFTyF8-PkcdJzrUAlmIB3h5HRGWosMWhU2IgvkPqZV7QS6-khtuuCLvg6HPh_atfBvUPlx53-rVGpaLRnK61_qtpb-Cw6qeQBZmYcvRhNcaexNbSZlcQv5VJP5EYDixEHPcBJk-sYJUAL_6VGFRzVPsAGDhlLqgUsJMalgTS2mAdEnMzxu_EKeas5we5d_5WqnNxT6HmqssF6tq7y-LPh_TshkpBwz9JssmcQAV-RKOibnhn09G7zjwjj99igd40mhe_CFuTKRzfbmnAW_XCqBQwyDeSMZ3GYGkrjgaiBRA8erx00NfYGvsvMmlSVGFqT3YpnIPK2wiDKbZdqwyS-QR0nk1szAtBdnetAJmTbMIuuGULSkX7mQAEow-AsmTIQFQOyPOE2W5bXW5eGuv21pu3xHcnHwpRLowQCEQtWKDV_0kXtFb0qOBj9mEp_CjgJgpeJLK7w9NMS7od3c4vTkgbwzHb2eQTlB0C8OGS8YaFOcSM86jjy-Rq9Ntsm1L_MfyNyvSuHbRVZx0yCyxnZUsh1F6eg-ZDjSVyYGM8xkZS
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 21:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/ Frame FE40 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af7PukAEEPNXAkGF/postback?to=3&pv=fcccac35-f187-44e5-b531-4f97a2630e94&si=&dm=728x90&pi=XRzobPsLhV&ac=Xmwo1n97Q8&pd=avt&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ti=&gt=DE&ci=948461&ui=&sr=GOOGLE_CONTENTNETWORK&de=2&md=1&dt=9484611597092707615000&ap=&sid=Af7PukAEEPNXAkGF&oz_sc=57d2d9c2eaed052b132640db&oz_df=1683927140701&oz_l=528&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 21:32:20 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar
pagead2.googlesyndication.com/pagead/ Frame 7A95 		0
0
bf8fe5b3-ccfe-4be5-b53b-21ce5931f8a5
https://googleads.g.doubleclick.net/ Frame FE40 		802 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://googleads.g.doubleclick.net/bf8fe5b3-ccfe-4be5-b53b-21ce5931f8a5
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28960a9aa0071776192259a5836f4d2c1acc9e978c1f3f1a8f3a7e5bc67a65ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
802
Content-Type

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1500&ts=1683927136649&src=pbjs
Domain
biddr.brealtime.com
URL
https://biddr.brealtime.com/check.html
Domain
a.audrte.com
URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7EB3072F-6BA0-46D0-96A9-D8FE20CF3F7A
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=4087476141590835&bg=!Dg2lDVnNAAYldGN0BXQ7ADkAdvg8WhVEZacZQZVRACGDAqOesuLC_O-Zubb8sKoiS5M1eKa8CL-Gx9vxSRWZyL1CWcfryJ2h0lwCAAADb1IAAAADaAEHmQMQqYWe8pbRkkcQ4ZkRi8gdGVHaKzHFhmIWC-GuepDOKwHR5Z5Rhuo9YL9S1SdFb_U3rxRtg3V2s1L1p8eh1V91oryYj69T4G6wYZWW6p_h1Rk3teuDRsnbcKB1AesU9EppBcvG5thBD-X4Tn5M1VhJdeh1fu09KjX82lWowLEuBetuauQ_oHrSKt9X-Vba3QHnrvHoUbeBG_url3lW2igCJgwEiMZXRku1rKeOvCvxoxQbUOYbUwj6v0l8Eepvh77-hbpaUqiEhXpeRUVSFKNftavrCdongfib6PMI_vfr-tmmEhhruXUplHb0LDzMqVUforkVFRQJ6BX7Iy4nYUQ0mvD546pXqDbSHZAj7mrNg_7R4nClgvphf872AUb7Yj8y7P8Xjv1EeDHnyi55K2kAFL_5Ho0rKCj7QirHfJj4DlQglzTp4wOLpwhQrFYoPVNsHnjvCBt85qha81e8mXzkFqZlTsttQnhUM6eRT1ic-0J5fwqGmkJFIdOCOrxd8XpYFz0etZzXRpxBfgKb0NqSJLB1-z-Ill6MgOOpetzF6IJlPYZNa1TVRT_rL8IXZAL2Zvz8k8aBOLom0ZLb44cp-YZ_wSCkVwGsgAJUAjnXwcnHpcYGu_BYRUlEuCDgtjr6rsSS2jcWIxwf6mEKxfzwFCPJi4BjWoFhJvkXoQ0bVtVfU783O_lV9MaWFiOL8dGmbr-x_Q1Fy2bPE5oF--MIV3_I6dJSLFJ0LuLxEiP-DT-ZxLEHhIf-V_U-p1-wPy9JiOluTzc4MFt8L_G15Pcb8rdm-lXWnpIt0ZvB8-TyhO6v7Lwl6_SarWx6TpoQuksMBUuKJw9dxCL7tg2S7RIWxIaRgVZnQIfWE9NSgVDnsRdHdI0-oQcnDW9iFTiqPb9BTyGMNwdbdTiAKE2EFcaD7bkfbuidqCu91XiE0Qexl5cNHwZQ6f6WpuDE9e74pJkauvpcRGmj_nnCuQUdfSFrGSqWWFp00UFtpeyqktzAXbc8ZQ0YCJQzsnlX5lZQAJWo39uMUAXT9b8OJA-hn_VdaQ

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

22 Cookies

Domain/Path Name / Value
.rubiconproject.com/ Name: khaos
Value: LHL2QMDJ-1W-6DWN
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qr8ZdTia+KJj/sKGGM1eolu5vVtDhgOVUPn/4TLQE0M/97e/vaeDCVBDqDbQAwtYdFN+011ZXQEx2pNjxJ85LHdsqlSNZOaaDQ=
.doubleclick.net/ Name: IDE
Value: AHWqTUn81bPSqj0edJtVUTjE0R8V0dZa4Feu5xPwiOBrY59H32IjU-lQ81r6jpcU4GE
.w55c.net/ Name: wfivefivec
Value: InVdp0po1PXAn75
.hspvst.com/ Name: VI2677
Value: %7B%22time%22%3A1683927136%2C%22utid%22%3A%225b5aa5b0e7ebb05d62bb87167225c793%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/ Name: VIP2677
Value: 1
.casalemedia.com/ Name: CMID
Value: ZF6wYaGuBs5V.gJa9n5H7QAA
.casalemedia.com/ Name: CMPS
Value: 3325
.casalemedia.com/ Name: CMPRO
Value: 3325
.mathtag.com/ Name: uuid
Value: c703645e-b062-4200-8ee3-20aa87de887b
.mathtag.com/ Name: mt_mop
Value: 4:1683927138
.bidswitch.net/ Name: tuuid
Value: 66bcd0dc-1670-4850-a767-e30549147bd8
.bidswitch.net/ Name: c
Value: 1683927137
.bidswitch.net/ Name: tuuid_lu
Value: 1683927137
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZF6wYQAJiOHgEgBS
.adform.net/ Name: C
Value: 1
.adnxs.com/ Name: uuid2
Value: 365869802093930993
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?an:Jdi!]tbPl1M>e)ZlrFUfJ+tGXxpGZpO@<TCI0A?3`([=3px`M[H+hb#p)KcHA*K3If)y3KL9D3I?+gAZp[P
.bidswitch.net/ Name: google_push
Value: ATf1kGORqwu5YtJsUe0tgNW8eGMubZCRKnKKPHEJpJvAp-Y3qHFXUxj7OZeuE7OU8z4vTG9wFiiuNSF-7tafETEj0P0519WdvpZ3p1SRvFhK4i5i9R8jiOQVMusULpOCZXI1FpTupKbJ0EXbwiHJmD10vT6VFyo
.adform.net/ Name: TPC
Value: 1683927138260
.adform.net/ Name: uid
Value: 1397760530191156922
.tribalfusion.com/ Name: ANON_ID
Value: arnseFNZaiMjAmemFmDgvn4mnrMogSfiGHbyEfF9SZccywQu3STK5UtLvKqCZdN6XjD1JAyej1KPHXZaMTXByQ9x

12 Console Messages

Source Level URL
Text
network error URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript error URL: https://ye-mek.net/(Line 39)
Message:
Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network error URL: https://hb.emxdgt.com/?t=1500&ts=1683927136649&src=pbjs
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683927136325&bpp=5&bdt=705&idt=372&shv=r20230510&mjsv=m202305110101&ptt=9&saldr=aa&nras=1&correlator=6199928146877&frm=24&ife=1&pv=2&ga_vid=1524346168.1683927136&ga_sid=1683927137&ga_hid=1084965607&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44773809%2C31074468%2C31074562%2C44788442%2C44789923&oid=2&pvsid=1093726643794446&tmod=2084691924&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.slukqhyk4a1q&fsb=1&dtd=389
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://as.ad4m.at/ad/dr?ed=1jxmngmb2783a63ezkk0jacse80xaj7ssjmjqn77rtm74zn9y48sczvwdp9s23qvnacr9cqf38k8x6ydne0bc792vsscr1batwxrr6ht9zgkahk7hygt7r9wx4kp8d1bkn7ann1y22zbhtn7paebyc9cpep7zxaee068xx9t79rs1b1z147hxk62ygdagtyh6ds4cc9t4ggw8txvnymktka9hnjp9m3xtay225kr781rh7nj0myh4bdr96j2jk8sn4b3bgfhqt5sh3vej6j9c7rh9me4g700qgraw7vddh125bmc92sd2v6zdhfptzhx66r290w37aeyhpvwt98tyhgageyw1ygam1eehs6f2kz0me63gdamdg7sat371wmcd7m7mvckbqg6a3wb4twp78fd580atg8aj30gqfhkry5vmevcfcx0gp42qxvefdcm8hmjay6pdm2g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%26client%3Dca-pub-6593523210010154%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
worker error URL: blob:https://googleads.g.doubleclick.net/219554c3-6efe-441f-8da9-3316cf3dfc37
Message:
Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/219554c3-6efe-441f-8da9-3316cf3dfc37' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://googleads.g.doubleclick.net/219554c3-6efe-441f-8da9-3316cf3dfc37
Message:
Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/219554c3-6efe-441f-8da9-3316cf3dfc37' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=d047070eebec16f628940dcc9eea0eb9%2F13436559338247333169&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683927139311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
network error URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwykmayxf2gk3pzb1ephyy4ncs9fm0mx9ggg43p1rekx0bqz7zht8ccmqxj2f3zw1n1afj1n80g0dkty4n8544x7xqhqatea4y53gb4kpht3hb9jjmxk9tw8jm1f8e3w2njh5zz92zafbgh29hzpvxtr5he26tay3vzyg1ay2yfj3zggb72pxj3npppke01fxqnbba4k4rk38cxwtfjp45g004wjqkfbjn83bvn6wbxd0rdn4tmm8gn09zmjshaxjy8e%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h734f169cf18q9wjg7jcf4fyycvmg28qgctm6v75adwhgvvd392tdwbwej4s5r5gbwcftp00fp8sd1zdpa5mejn4h2ztxrwnqxxqgdaaqe0sfhhvs9f8nxcngxg2y80548b1vdey33mczywrwnk63zmzwvknckf8cf3hs9bx03rsjsa2d8tbtrwna2v7jpgw9yqgwg4pnmmpmj5f8053ae172pw7t30m0bwyw4sxegatc75jnxmcvt5knqgn60w2gzv8255mfvh5gyxr3v5d0g39r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFR9nYbBeZLvAKLGS5LcPpKed-ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQK4Sb-1M2eyPqgDAaoE1gFP0I9pkjzbPJL6KpqY2B9sTkHmyFShMIlK0LnDgk0C8M2Axvnq0DskMoo9zdI-7rhJKjmZ_rtq-vBEKagV0G008qQ2ical1RY3rqsPuxjatoQUxmfm1DtObX94WQSRBNLcz1hmNgY5q2k7KDKwSgQRHvyrSJVQKIrsO-7j1c1ZuSFFYh3rykffCpQOfq0TJ24QfsZwinbSXjV6SDzy_IpvfXupIxWBhdtZYlDaggey0MlL7DnJtbHHvDYi_c9sYlS297roCUATaAdNT2pj0THhIGbnARaWgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rOjXKjcTJVhH0c1No3S2nClvj_A%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7EB3072F-6BA0-46D0-96A9-D8FE20CF3F7A&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.yieldlab.net
ad4m.at
ads.eu.criteo.com
ads.pubmatic.com
ads.w55c.net
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
beacon-ams3.rubiconproject.com
bidder.criteo.com
biddr.brealtime.com
c.amazon-adsystem.com
c0ea010f67e147cdaef0672b3a8d87b0.safeframe.googlesyndication.com
c1.adform.net
c1.imgiz.com
cat.fr3.eu.criteo.com
cdn.jsdelivr.net
cdn.ye-mek.net
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
cpm.programattik.com
cr.frontend.weborama.fr
csi.gstatic.com
csm.eu.criteo.net
cti.w55c.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.emxdgt.com
hbopenbid.pubmatic.com
i.w55c.net
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
joyn-creative-hosting.s3-eu-west-1.amazonaws.com
match.adsrvr.org
mp.4dex.io
ng.virgul.com
ng2.virgul.com
p.rfihub.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
px.ads.linkedin.com
rtb.openx.net
s.amazon-adsystem.com
s.h.w55c.net
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
static.virgul.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
t.hspvst.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
um.simpli.fi
unilever.demdex.net
us-u.openx.net
www.awin1.com
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ye-mek.net
z.moatads.com
a.audrte.com
biddr.brealtime.com
hb.emxdgt.com
pagead2.googlesyndication.com
104.102.45.165
104.75.88.126
13.224.192.181
142.250.184.226
142.250.186.162
151.101.2.49
151.139.128.10
154.58.197.185
178.250.1.9
178.250.7.9
18.135.219.122
18.64.140.4
185.29.132.245
185.64.189.110
185.64.189.112
185.64.190.78
185.64.191.210
185.7.176.222
185.7.176.223
185.80.39.216
192.229.233.53
193.0.160.130
20.60.220.36
213.155.156.169
216.52.2.6
23.215.16.120
23.32.184.180
23.32.184.192
23.35.237.151
23.37.63.179
2600:1901:0:76b9::
2600:9000:2491:fe00:1b:f040:3600:93a1
2602:803:c003:200::27
2602:803:c003:200::41
2606:4700:20::681a:8a9
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2606:4700::6812:372
2607:f8b0:4003:c02::5e
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::4
2a02:6ea0:c700::17
2a03:2880:f084:d:face:b00c:0:3
2a04:4e42:200::485
2a05:d018:d29:3601:ce52:e49c:b504:58d
3.127.4.50
3.5.72.17
34.102.243.38
34.111.129.221
34.111.131.239
34.98.64.218
35.156.145.116
35.186.253.211
35.204.74.118
35.241.45.217
35.71.131.137
37.157.2.232
37.157.2.239
37.157.3.28
37.157.6.235
37.252.173.215
52.16.253.114
52.19.198.230
52.30.239.223
52.46.151.131
52.58.99.4
52.95.126.138
69.173.144.139
77.245.159.14
85.111.6.48
89.207.16.201
94.138.206.83
95.101.149.35
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
0210c85818d68e70d5b2b7173b9c3ae65774adee772ad11018f968403f1abcc4
0310d06b42963760d784418ad04a7ccd0de2c3e325f289edea62ef95c696a661
0365ed3385b6b8bf3e1048ac4261d1a0bff4545474f89bbc53fa76909d4608cd
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05c72250b7b0da8e896799e32f88440d53848a083665b797629e25bad1bde6fd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e1e26a165f2cb3c31ff0a987d9ce256eb75bf7f14dee8a632af5a9044c848b
07849c46f2c450b07dfccf7163e986d80d942edd003d11dbe02f083bc21ac008
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08ea981d8e95685d3e51862b19b49ffad381b140f8389b86658b47b5eed2b0e9
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
0b0aa71ad86560c9cea5f70f15b3066175bbf24fdb8287a9cdd61bf097fed137
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f7226a27d44ba3b13a34640b036b2d2666f057b039861b781576c4bf8308642
101470fcde40e5ad29c691a0cc4276b7e311972a8e02a684f19db29fd4698645
1040aff8919d515c3d55763698fb4682a4e130a5023eb3d3d293f48e106f31f0
11d6662d3ec87142f2ed1ed445fbec4b43557708224e35222b3116d42ba796a4
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13364ebab0adb45fc6ea6eebc0e96cc49fb1682d584148e2c2398e59ee4bd330
13ff6af5172fc402fe5174317b50cb5b008fa4ce409b2222118d8d704829b301
1714c80136358042cd6b64593726896ea3ae1f489337adb950155d114e72a2fd
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18f556f2b0c04f80c3cafbaff04148564bc3f7e530087c204f4b6b09e41a2308
1a31116435468733dfeaff049d37258b318eccb81a30ac7d64899d1689a84b8e
1b6cbd4b6fad0e7ac8de858aa3363b341718b95996e70e10209e84f986f4908b
1fbdf3696870736c5efc3c56476804f8613b64ab8b92c0761f7edcfb0949c60d
204be8afb130957abf83d87a592dfb6de645dcfc7035fafefec72e676dfe05e9
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
219cc2a32fb9f3ff83294f971ec5970c3a73944a497a603848643c759d4f8dee
220e94de118d5d4c0cb30081674c488bdd146fc4e9f1a00e42fdbc0121e8e82c
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
27b94fc57baeeee41299fbbf43e3bc948d14cbd48086299bef055149e7fe8b75
27ba12f0d35d6395e3ff5d7e6776c677ac49d3f64bfb95511d4810dd1b71f3aa
28960a9aa0071776192259a5836f4d2c1acc9e978c1f3f1a8f3a7e5bc67a65ea
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2bbc86f05cfc3ef4655b07248c8836f0feda3315adde1f8d07508a6ad130309d
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3129aa523d159f576a3ab572bfc966d6f78234ff62cde1fd4537242851b9c8dc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
337194a31426946824f6404cdc5729c4a81e0da32fe7086329243592074a10ce
34036b7ceed88b75d9cf9fcc6b414372042896bcc28954b304766f6f1bf8e8bd
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3667232496fffa270cd921dd76b1b8fd0e9465df050df9d9e04aa45d13bac4c6
37021096af63c545493abb4b12a7f1dd605299af2066e52a4a78c1f1d2261a0d
384cd2e9537de04af94a6c308e08cbe86da932ed77f40eef7e69230c67328f36
3b56bf5f41b5d3c92b8ba3a6c48f9e33779a5470e4eba1c67825325af94b1cb6
3bc501087c297a6f3d740843828eabab1f7f9de9787718f2ec63952faedbec0e
3bde41b326893ba56dee76c0e8e0d90b00356c0e0b25700e7b251d1038ec9060
3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f
3e92bdd7f1df11f8e39e89ac9cfe47e4a256e0d3e8915ed6359f27c9b4b17939
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3f064267c64c1eeca604b20f9d60538c32c14e90528441d0524c2f30161f8b47
3f71870dae7ba7c0cd4f214f25c19ecd336beb6f4c3a5947607159b0806084fc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
434674e8d2fbd9c8d26e6a6fee05e6bd6ed1b7806ad3fb0cfe24c3908672bd28
436484b452f8f1c015d37c79077fd81dcfbb053f58e6f0b586692ef9de9fc2d8
44718d713af08035d3f9d246d249df63ed5d433a1d8571429241de984c0c4dd7
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f19cea91581061435c5629fd2b6a6068d2643fa2bc3a1354a24a13e9219f9e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4787417aa489e159270669c86324631a61aea491cf5ce290a6f723bb2d7a52d7
48455726dd22d4565cec25526db3492e9a2b35a24de1a37790655faffd8142ed
4b039a23952a82e4198c633b4243309a51ed0048f299a292994987846054fdc5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c032f38ebd0c3e38bdd3cd1073b852daf7cd44ab29c38750ad66d6418636826
4c26ab5213fe4f14868147548fe5247901109fc9722a26c30d9ebeb46404fa3f
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
4db3292f4d48701915b46f5de3cc365ad20985486373d51af771c1e3d9ce7baa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d0c652b729f4780a4d5e8c16fb29bb2e6f96a7a7226d288a219cfe877314ed
51b106ac892d7b8b05073208aa4b373a8aa4f4a1677b8f650c1acc221b0d1e7f
52af61b670174152ab2383bb37c9d5ab86242ff0a7171fbef4d06390edaf919d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ddcabedf2600fc561ab8ea1d690461ad399c9b8f77f82214d905b21310c71e
573d02c8ab3c7077877b487a446e8cfab1945fc1d348b986252801a88c128173
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d867d8101d7d263052fd7656e7e10f585b485c3c38cb96e2c7bca172f579491
5e84bfba85c4f1f092da6f39501512eeb72da8c1000ec942581cfff0f69e843f
5ede07b1b6be956f651771b663aef8dd28afb1a12156780871f4adeb16f5be6e
606d06739d2baff1ed51573ba13ece0ecd2f7484e55570f5b71634d82e1a9dea
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
640362f3e25c71c15f4fdc09de8540889def4d43dec08f83834d9f93474dd6d2
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
65f265907f909e5c25aa72142f1eaa840276d02fdfa62cbd8433a58b2e1c75ce
65fb4798ce5d6c245da63cc949a4909180b95d36906efdbd49e5a3789d262266
691257cf7d510da3434f5eedca2b2e0137949c698e3750c7705526a1ee75684c
6915cd200209479a271f531097ee0af4c78551db6a7f922481a18f1a0bf870b4
698e0676947b790fd6a59bc2d68ac8e64293d4d25ac749818b2d51e9bb90f12b
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f
6bfe09f0e69c4c09277d895b1146f4217b705d6bee219c661b36031742c24dd0
6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77f331acc0b5e3b63fcd3f31e9d334628691e1314b6fb0154b4ca5535828030a
783bd0388c09ad3e51dfca406cd42bb187386610b5cfad4780d317f50fc9beeb
79b2d73340afc2c8c63c4ce6a08472edfff6e9677d3428faab3de9e4d69509b5
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7d9fcac1fb7114def5ff3d03c471a461834e48dd9bdeb94f803a76bfe01a3a37
7e8156fc1dd9f893c1ffe18d1775221cccbbe1132c5344b680808660ceaad5d2
7fb65548f1070a02531030355eb69c1dbdaa000acc7997f5c2af52e01bc29aa4
81fa8db261275be7531fb128593cece26d5e679e6e7a633f28f77add13a0d217
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840f32948f13a31acb240f2481999e70efe9eabea0d423581bb2e4f9e53aafb3
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
8600a2a095d01b93fcdfd935c5b328947fd978001383279a01c37fc1b4ebcd76
8695956c55e8679652a5e34279fbcf353078c3883143582a847b8a26a50a3774
88613123383fdeb876290f3bfae4876739dd454eb50c9da4689d3560327ab4f6
886aadb9d7fd797e07b70c67dfc5e3f40f8cb9a350bee05e5cc4db9c078613c4
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8ef632787197eed4d48c94b8bf69add99b244a562f4927b491f8ec1f4d27e8e2
9133b1a03fbaae9ea9cc0430b15c8f9a20dbff26288ab9eef75a9959d775c6ef
969a8143f8f335c9f56e63ab37a5b66306128576b048866705cf560d4ded55f0
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7
98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1ec654e529d91133a96b94592f569bdef2932fa03d52c6fdb164a5195d7b9b
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff6d05f1898cc5facda5693a0b147ca6a3ba2b23ba04146b8b37e630c96b7e2
a09a0a0b27c17ceedfae9a0c2db6819018ce22c4630ae3b4f8b0a75bbb0a86ae
a1a500def9fe345fb289e7426d31a3711e0ee2247a09040f8115329e301728e0
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5bf8085d36b337460ed4dce5f001470776da989847194b004ba9db02b6520de
a63f82fa1fbabcf61b201f88bf70466f61130178b8b456f48a060b8b7d5e4650
a6bc16609b7f55319669da5605340e40fb23b3b59783c46fa5de3d5565eab17f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aa72e70ff9c5d62ba812ca4b4b5de46d4afac0fe5582aa7ec197470db3a002b9
ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6
ac7712f91fa061ed44fcfa0af261cf6c1defd3639eb5bc771c4e49557a673abb
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
adbdcb6833ef9afddb1d2c03243acadf048a911782b0ccc8787b4723e0db16ab
ae684e653cf5edc8bec110ff0669b6daa58f690d550735f98954697799f963da
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d00fbfa476c2f186585f88af777e8893d3c1670694fd842d17c4d149f793a6
b2dc8641cae7c9da5e18a7136802a48be4d9aa19368eeb606e01f6158e9577b8
b2ecd92de7982ef4ffd3778b02d62aaef7341b3c9ac5f4e53e749a9bde702119
b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b8d67ef7bffe4c32d736235ba01919cfb4b6bcad3953a3f18c228fecffbce75b
bdfe396bfc96412ac7f226699051811824a1b47c132532f9587364cefcf15fee
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c225e4ccd3c913dae6294135a8ea50faa4124cb928bee49a2cd863aac5eca39f
c2dae277ef2883a33f9ef4a86f97076e910c4ed3c3dc68afd4a3be18bccc20bc
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c640c42b4a2a1496c51c7cb9b08d64690cd4bac5189186c9d8f90e5674e3e2f0
c680cf4488e4a436f34c10a174ed9038be5d8e12b09baf2095933e71b0c1e53f
c8e6f1e3e44d7c3d7e421052751096b93056c82c001c659d83f680ae54abed88
c8fcb56caf9cbe84a2f9bf49ffdad370f4d26f2988d7565a10be0bb2f40cc826
cc1039874612c4c9fc5eb0beb43562fc7f2614837bb1a621b239a2ed2e904b6d
cd1f03c58166c87f8eb9e10f3ad92eb4aeaffda13f9ec679bb48e534804620f1
ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d097640899d5463bb80ef510e59d68ccae6e71994991e6cccfdbb57b700b1545
d36dfe6d6d9da7b8fca74c7e5587a057a719eed2d2d1eae4fcd7af0e2d12f21f
d3c70a5ecb1b5c16ddff716d6a83d189efa57a07c4210acf01c978093e3a80eb
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d82c4906e4b728e92a7fcec80c1f8bcb5b16502d30a9de09a361dc503a70145a
d8b4887a05128d173df033ad7b0ecf00bba347394d67b8800b831a90dfeff00c
d8d0978ea5d4c12a8a9fc1376a848092e7a20eb96bdc727302275f4217e14911
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dae7109f24f6327fbc591a47975348c4852484c8c3ef12ecee070c7f1f70c366
e041f359812b31ffb3d561c106435550a58d86540a0262a93e6e462624fada6f
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e333cb1305d380d1fea95d56af2665209ad86d60e8df0d3d0b1d6aba56d5836f
e38b113fe143a2e4db2c81bb1f5b18d27f7e279ef354f611e0dd6d80096d18d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4650f4174f493f55872212df25cf7141eb2d10de0f59ab7ebffda0f85399311
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c767ed3f738518c17c23fe8f6adecc7256a65b1153db4ded6a85a03cce51fd
e5faea593d5e188325e41c31f3dbc3ec368fd6a05ad98d3ca3ebfd16ba525bfe
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
ea68e20514296ce314c3ca1eb5ff2cd1c1a1fc396b303b41c2364ffbd31e1550
eb423541ab82843b6141dde6e556d1afb2d6549415f66c2ab0ec43f582f600e5
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcf59fdf3ac3d28311311d161305bb088af0d82599ac41722bfdcbf53aa6872
f0271b293b9164564f695b1c4f49061b4a147adef9f300e76aa419f93b9c82f9
f0c23f0b835ed029a7df3d30c691d6cc6296436c24041543cf66c46f58facdd6
f22e44016410fdcef01a56b89401973c22cc1d5fc740e615ed904add45ad7ffe
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68a4fa7dec536b911c2a8b38d4bc6509daeb9af7a03dc49ae6a36143e4f2ae9
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
f9272dfdf03239cf58af5784397ea6611f8a902c28d21c6a1735b77507283c31
f95b937f65fa89aceb57f80b2547b8b16c4e20aee0f2fd464b7dc187d6154d1d
fb578159169bb38173ca68b7f9ce061b18af4e4e6724bf3c9c3e745cc954f177
fb9ee137734c9d4933d908d02325dc37c4dd86dd58614a2c7d9d5a01890aefd2
fcc58cc9d4be09fdd40a74ca3a453622a269f2bdd1c598a863f54d2bd07a2126
fcc8d02d1890db4b4310e06955eb7c309069e9672717fe97e043d6114cd105ae
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fea49d6f04f43be15c142cc2967d18e3010d0cc27e6f65264103ec863b687320
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884