pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On June 25 via api (June 25th 2023, 10:49:39 pm UTC) from TR — Scanned from DE

Summary HTTP 433 Redirects Behaviour Indicators

Summary

This website contacted 68 IPs in 12 countries across 64 domains to perform 433 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
2	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	23.206.208.114 23.206.208.114	16625 (AKAMAI-AS) (AKAMAI-AS)
21	185.7.176.222 185.7.176.222	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
42	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.37.209 108.138.37.209	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
1	18.173.191.32 18.173.191.32	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2 60	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
36	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
3	185.29.134.245 185.29.134.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	74.121.143.240 74.121.143.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6 42	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 6	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 3	2600:9000:237... 2600:9000:237d:600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 4	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 4	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
4	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
3	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
6 7	3.70.92.75 3.70.92.75	16509 (AMAZON-02) (AMAZON-02)
2 2	54.77.64.97 54.77.64.97	16509 (AMAZON-02) (AMAZON-02)
3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4009:82d::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
3 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	3.11.176.98 3.11.176.98	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	3.72.196.231 3.72.196.231	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
2	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7f05	() ()
4 4	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	167.233.13.224 167.233.13.224	() ()
2	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
2	108.138.36.11 108.138.36.11	16509 (AMAZON-02) (AMAZON-02)
4	18.168.234.149 18.168.234.149	() ()
1 2	63.34.168.218 63.34.168.218	() ()
433	68

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.191.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-191-32.muc50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.121.143.240 (United States) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 142.250.186.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.91.62.186 (Groningen, Netherlands) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:237d:600:1b:5138:8a40:93a1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.252 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.89.75 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.63.52.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal900020.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.70.92.75 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-92-75.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.64.97 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-64-97.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4009:82d::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.29 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.11.176.98 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-176-98.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.72.196.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-196-231.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.148.9 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (None, )

ASN- ()

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.230 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.13.224 (None, )

ASN- ()

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-11.muc50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.168.234.149 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.168.218 (None, ) 1 redirects

ASN- ()

unilever.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
112	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155	3 MB
82	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 ad.doubleclick.net — Cisco Umbrella Rank: 184	431 KB
42	ye-mek.net ye-mek.net — Cisco Umbrella Rank: 858491 cdn.ye-mek.net	612 KB
36	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29450 ad4m.at — Cisco Umbrella Rank: 9747 assets.ad4m.at — Cisco Umbrella Rank: 39050	1006 KB
34	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com csi.gstatic.com	451 KB
19	virgul.com static.virgul.com — Cisco Umbrella Rank: 63446 ng.virgul.com — Cisco Umbrella Rank: 55403 ng2.virgul.com — Cisco Umbrella Rank: 60888	233 KB
15	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	560 KB
8	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 39899 hal900020.redintelligence.net — Cisco Umbrella Rank: 324509	34 KB
8	mathtag.com 4 redirects tags.mathtag.com — Cisco Umbrella Rank: 4813 sync.mathtag.com — Cisco Umbrella Rank: 566 pixel.mathtag.com — Cisco Umbrella Rank: 1145	6 KB
8	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 422 imasdk.googleapis.com — Cisco Umbrella Rank: 495 fonts.googleapis.com — Cisco Umbrella Rank: 80	346 KB
7	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	3 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 21204 api.webgains.io	63 KB
6	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 920 s.tribalfusion.com — Cisco Umbrella Rank: 2022	3 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 130926 static-de.ad4mat.net — Cisco Umbrella Rank: 177631	12 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 635	3 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1039 r.turn.com — Cisco Umbrella Rank: 3929	2 KB
4	medialead.de pv.medialead.de — Cisco Umbrella Rank: 53229	1 KB
4	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8915 dis.criteo.com — Cisco Umbrella Rank: 601 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9800	8 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1404	909 B
4	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 874	1 KB
4	simpli.fi 4 redirects um.simpli.fi — Cisco Umbrella Rank: 976	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357 aax.amazon-adsystem.com — Cisco Umbrella Rank: 444	62 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 583 csm.eu.criteo.net — Cisco Umbrella Rank: 8989	1 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 421	1 KB
3	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 340	180 B
3	smaato.net 3 redirects s.ad.smaato.net — Cisco Umbrella Rank: 805	1 KB
2	demdex.net 1 redirects unilever.demdex.net	2 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 57739	15 KB
2	o2online.de partner.o2online.de	3 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net	871 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 69350	524 B
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16217	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4988	645 B
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 35620	4 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 618	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 822	1 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 135629	6 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 36977	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1651	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	2 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 102765	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1964 feed.pghub.io — Cisco Umbrella Rank: 2174	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	89 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13184	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	91 KB
2	cloakan.co www.cloakan.co	1 KB
1	conrad.de www.conrad.de	476 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1233	214 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 696	730 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44520	616 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1042	246 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 933	761 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2376	174 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 867	75 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281	572 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 381	460 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	543 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 192473	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 191967	932 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 846	465 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2353	361 B
433	64

	Domain	Requested by
60	tpc.googlesyndication.com	2 redirects 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com ye-mek.net securepubads.g.doubleclick.net
42	cm.g.doubleclick.net	6 redirects 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com ye-mek.net googleads.g.doubleclick.net
42	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net pcloak.blob.core.windows.net ye-mek.net tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
23	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com pcloak.blob.core.windows.net ye-mek.net www.googletagservices.com
13	www.gstatic.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com googleads.g.doubleclick.net ye-mek.net
12	assets.ad4m.at	as.ad4m.at
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com as.ad4m.at googleads.g.doubleclick.net ad4m.at
11	www.google.com	1 redirects 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	www.googletagservices.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com googleads.g.doubleclick.net
10	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
9	ng.virgul.com	static.virgul.com ye-mek.net
7	x.bidswitch.net	6 redirects ye-mek.net
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
6	csi.gstatic.com	imasdk.googleapis.com
5	fonts.gstatic.com	fonts.googleapis.com
5	a.tribalfusion.com	1 redirects 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	api.webgains.io	analytics.webgains.io
4	ad.doubleclick.net	4 redirects
4	c1.adform.net	4 redirects
4	pv.medialead.de	hal900020.redintelligence.net as.ad4m.at
4	hal900020.redintelligence.net	hal9000.redintelligence.net 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com hal900020.redintelligence.net
4	encrypted-tbn2.gstatic.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
4	hal9000.redintelligence.net	pcloak.blob.core.windows.net hal900020.redintelligence.net
4	sync.teads.tv	2 redirects 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
4	onetag-sys.com	3 redirects 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
4	um.simpli.fi	4 redirects
4	sync.mathtag.com	4 redirects
4	fonts.googleapis.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com hal900020.redintelligence.net
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	ng2.virgul.com	ye-mek.net
3	eb2.3lift.com	3 redirects
3	ups.analytics.yahoo.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
3	static-de.ad4mat.net	as.ad4m.at
3	encrypted-tbn3.gstatic.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
3	encrypted-tbn0.gstatic.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
3	s.ad.smaato.net	3 redirects
3	tags.mathtag.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com tags.mathtag.com
3	prod-rtb.ad4mat.net	pcloak.blob.core.windows.net googleads.g.doubleclick.net
3	imasdk.googleapis.com	c1.imgiz.com 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
2	unilever.demdex.net	1 redirects
2	cdn.track.production.webgains.team	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com as.ad4m.at
2	analytics.webgains.io	track.webgains.com
2	partner.o2online.de	as.ad4m.at
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	cat.fr3.eu.criteo.com	ye-mek.net
2	d5p.de17a.com	2 redirects
2	track.webgains.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com as.ad4m.at
2	sync.1rx.io	2 redirects
2	image6.pubmatic.com	2 redirects
2	static.criteo.net	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
2	r.turn.com	ye-mek.net googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	cdn.retailads.net	1 redirects futalis.de
2	r.scoota.co	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	www.googletagmanager.com	ye-mek.net adv.office-partner.de
2	ye-mek.net	www.cloakan.co ye-mek.net
2	www.cloakan.co	pcloak.blob.core.windows.net
1	www.conrad.de	as.ad4m.at
1	csm.eu.criteo.net	ye-mek.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	rtb.openx.net	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	p.rfihub.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	ssbsync.smartadserver.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	futalis.de	hal900020.redintelligence.net
1	adv.office-partner.de	hal900020.redintelligence.net
1	ads.eu.criteo.com	imasdk.googleapis.com
1	cms.quantserve.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
1	pixel.mathtag.com	tags.mathtag.com
1	s.tribalfusion.com	9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
1	feed.pghub.io	pghub.io
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	pghub.io	static.virgul.com
1	www.google-analytics.com	www.googletagmanager.com
1	s7.addthis.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
433	94

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
pv.medialead.de R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.futalis.de R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-03` - `2023-08-27`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh

This page contains 52 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: 18EA868D6FA7F03B8D4D740445C8D16F
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 96E730928CAC9D984CD083E128B5A3CD
Requests: 95 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: DEB032169AF4FC86D23A286A53CCD333
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
Frame ID: B55AE2E56FBE2B01CB1CE3BA50B69412
Requests: 1 HTTP requests in this frame

Frame: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4AF62227A66212AE2B4E035A3075D173
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 8E1BE0099FD16C1790F0AC6C7A62CD5E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plaf=1%3A2%2C7%3A2&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375023&bpp=4&bdt=471&idt=170&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&nras=1&correlator=5280307616153&frm=24&ife=1&pv=2&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071756%2C31074584%2C31075309%2C31075431%2C31075473%2C44788441%2C44794790&oid=2&pvsid=3120190652059256&tmod=59414405&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.abp2ro4x0t11&fsb=1&dtd=181
Frame ID: 5A83901932267DB4F6AB74CF997C3617
Requests: 1 HTTP requests in this frame

Frame: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 942C3A144D15C48A983907DE85818C71
Requests: 12 HTTP requests in this frame

Frame: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 996BA4019201A995A4F5F617AA3D0B95
Requests: 34 HTTP requests in this frame

Frame: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CA00EB7482581C3F1D75A67EF1D8B4E9
Requests: 9 HTTP requests in this frame

Frame: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 15EA2262D524CBDF456381AF7011AC6D
Requests: 21 HTTP requests in this frame

Frame: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A6D522545D46DB280538E953A6B0D1F5
Requests: 19 HTTP requests in this frame

Frame: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 89EE619CA5A62272C8721746B639E4CB
Requests: 22 HTTP requests in this frame

Frame: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2FDDF16281FC65DFBE64F3319AE457A0
Requests: 13 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ktkgcy2c7p2bramrg0yfja4tz9rbtezmt635wgpbzd8ycyj5zyzfpk9amjwmfn4xtcj9f8gbb1njye2v2qd55f0avbt15dzrvz86z2j17qrrfkzxekdx8jp6cscq30jfww8d0jbk0t62sxnz9w7zb44jz5sr7qntgw7qjy2hnrrg3svpay27f2p3jga1tmh637ke7w7bcaz8vntaz7cqspgwrwpz8nfh7k2wth44pcg1phvb4e7be2mnedbtfdqabk7kzdjcywhj22pwvg3av6nyss1kmy8fxsfdqm80gwdtq4kyd46x6r9ed2m4ddsam1dfsag6k7aekeafjf0zk82see13sebhfp7j6zr39hesceg8czjkph23j3757h0aa03s0x836dntqr03mz76d98d14tqe04q6qx6t4c740skfm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Frame ID: 4324BED2E0668AA6C280815397293C8A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5D40A205044B857FE38B9C9388AF6C36
Requests: 9 HTTP requests in this frame

Frame: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AAA16FEC0418375B27577AC5E1FD6F77
Requests: 17 HTTP requests in this frame

Frame: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B0B2C7C3ED2F6BFF1EE42E60A790E872
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 60064D996ACB4746FC6E6B114F22642B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375694&bpp=8&bdt=252&idt=290&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&nras=1&correlator=6233626849654&frm=8&ife=1&pv=2&ga_vid=1185053461.1687733376&ga_sid=1687733376&ga_hid=1280661681&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=331233372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075473%2C44788442%2C44794790%2C21065725&oid=2&pvsid=2002279294703575&tmod=1969052952&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.1rgabpvfvbjd&fsb=1&dtd=304
Frame ID: 61F99E2FBF7574D178ED6BA3A7C4ECF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375702&bpp=2&bdt=259&idt=363&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6233626849654&frm=8&ife=1&pv=1&ga_vid=1185053461.1687733376&ga_sid=1687733376&ga_hid=1280661681&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=331233372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075473%2C44788442%2C44794790%2C21065725&oid=2&pvsid=2002279294703575&tmod=1969052952&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ziegm06hzmjm&fsb=1&dtd=372
Frame ID: 909444438C2BA7AEB2F58DD24B8CF123
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 28B37F40B5985613FA12066C6D8C6DD3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4E30B6401AA2B09841099A9211D3E2DA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7E2F4A6391B058D12A742F296D8E8D60
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: ED2B223ECC14BEEDC945F0C81E7C271E
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=20054700002822800951389012367020&t=htlp&gdpr=1&consent=1&gdpr_consent=li
Frame ID: 2A39E03B3908388EC403AB0D5B95A88F
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 732153D5977423E1B59F84911B8390A1
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2818805775
Frame ID: 1765C28FB4D2B0151BEC48C6553D3532
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kessmg29hxxy8zzv2a3py1zrpn08redf2z2rb00za4r165rmbfmg8a5hnw8zq2khsqdjyf6ysdpqtgxnphz3f2ya9n87dm02bdgh1yf5m6embw7xzzs6g7cbtk0nvvhzv5mchjrgf4fvtdhsbyyrjejsx28n7e0mk277xgjwdzn8eq4es5gnpb0qv59cnfap7xfwycfwjz10qqx2h3eb22xwd7svxvtv6m1q89xwwcy9wc1790wryye5tsmjv0a5gq5agap943gq428xzy770mckr9yy773nb789rtcmxp7yf5e555bghsn9z44cef265yjj2vm0wfwnd4eqkefghyqbpcxm1tt22851rnnkc128cq4tt913eb50b056c4gpmcx5r5rjbe0ad9syyfzpdbwqjxc20j7qqnx2q274qfjw1w76hdyh3tm0gj0c180t3bkwqwy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 560236795DF43619474C40D53E17FBDA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3A6FAF5FD04873FF8ACCBD907116D9BD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js
Frame ID: CF705D701904C1248BC3D27BDA9A073D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=2659786642&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733376177&bpp=3&bdt=431&idt=330&shv=r20230620&mjsv=m202306200101&ptt=9&saldr=aa&nras=1&correlator=5495337629142&frm=8&ife=1&pv=2&ga_vid=2091669099.1687733377&ga_sid=1687733377&ga_hid=2006700439&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=3292667763&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075511%2C44788442&oid=2&pvsid=2924831764484956&tmod=1080248799&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.q9tbe8lw5mco&fsb=1&dtd=347
Frame ID: 6BC1E3E495BBB500C34620D5CAF0302F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js
Frame ID: 332FC1B14A64EBE84EAEC3F523C18D51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=3171362771&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733376180&bpp=1&bdt=434&idt=424&shv=r20230620&mjsv=m202306200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5495337629142&frm=8&ife=1&pv=1&ga_vid=2091669099.1687733377&ga_sid=1687733377&ga_hid=2006700439&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=3292667763&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075511%2C44788442&oid=2&pvsid=2924831764484956&tmod=1080248799&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.iouiqa6e8hh3&fsb=1&dtd=436
Frame ID: D5BB5A37DFDB06D60795A5C75513F803
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js
Frame ID: CEA80949D401A3699BABF51F560DBC6C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js
Frame ID: A79A4A68566537C91BC94E72971A4029
Requests: 1 HTTP requests in this frame

Frame: https://hal900020.redintelligence.net/request_content.php?s=20054700002822800951389012367020&a=e4dc257c
Frame ID: A731D9B23A32D8551D056D223A00CDFC
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 60ED8DC0D509477E045B0293D66B53E4
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jd5q3qv4btm61d8bpx0p37enbf3vm7jp0bq48hy7ckhcf243bdea9q8q3ar8pw6prwb3mh2kber42sye14sn38atpqcmteef1zgbf7srbjtssd0dfjj3kra4x36df6p1jnn29fgy8xr9sq18s9nz3axs5d08f1864sbn2ka228wx868x4ya20a697zp8nsmn5ky1j8fxvwgsj7aqvevnzj5kyp82r4q39h221gkbydcssmpxng7zwyb33w942kgvzt7bmfaf1grkq3bq0sscx704efkj6q0q3jz6nqp1pr7m9vb282h8qy2v6sgvd69dhgdppxtcy4b6zh9aa3jhp4wzk7036hsmhvvmnqndpvngcv7rjz6svct073h214g3tc1d01xhp9f1yyhw1w87yjsh6cjnwmsq2g33xxhw1x1wqw8nb9edezxayncqw79xhv6bcc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 153DD03662C0C172F8CBCC2C3FE9738B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js
Frame ID: A956F60213791644DDD2122C062BC0F6
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 71495C6D99B2124C65AD7B525D6C4720
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DAC5C69C9ABC3FF331E77CCAC11C2175
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C19456&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGk&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2CxEbfQfAf39VtPHdHztDCRRgc7S6TqkxSBQ&c=468&d=60&e=&g=b38070d33a74ed6c905735402f161859%2F9574666730445966684&i=21596%2C20774&j=16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1687733377116&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jghpvesqkgzvmshcgh6gjft0ecxv106d16kqe8p36vdt4hkgafssbvncsh6gt7t0y4bd1m6pkq1x8yd8fx7rc4s6wf5nn9ygm0ztssmf8589f7681k3nnyp4hc8whvat8j6z2sezj8qc9aa5av77bvr7yx03yr1f5397fmkv540bsbh9gfnp9yag6s58nn6r6dhvnk056gs1f0dr1p2713xrpv0k4mpvd9n364eg5way02wews100v3rtw1w90frw1jea681fvwp06yx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Frame ID: 5BDCE75477B9F2510251778587D3E8CE
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C9BC957486F2B21B8B830E9D2286F27F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93DF6D8E17C3EB4CE51B61C32BF44890
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68E90A03A8FCCD2574A3DF4BAFDA3D30
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: 6830257DFF744A5D40E56C97C9414DC3
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=7f42dee6652c2bf97f2dc1d611f99cf7%2F11058943393521182765&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687733377312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k3d63bv9jn65rjcpmstyy4xqv18kbty1ghmkfb2j1p4x25dshw28b4921tacfv34hvz5f8zys7xk6d3fc99fqdc372kb7cvpjsgpp8aayfqakas9egz43t0y708gmx53e7122strss3t4gkczp2a53h1c6kdyzdc8hqqn0gv91m08wgn45b8sx3ag2ksb92ydrzqt2vcncjvqzsgm0g8wpq7r21yjc7sbyhqvpbv8qgpnm6p58aevyrdpkc2s3sh8hf04sv32gy6a9eebt7ejp8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: AF0A0C8643D72B3BD1B521C720635D5E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 529AAAECB0831C972819F28F8A22E066
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E20C8272C4927F7D2C45E270220F164B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB54EBB28C8BD0CA0E6F46BCA636DE19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 742E4DDA42D1048C745D0116D9BD445E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AddThis (Widgets) Expand

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

433
Requests

90 %
HTTPS

40 %
IPv6

64
Domains

94
Subdomains

68
IPs

12
Countries

7357 kB
Transfer

31882 kB
Size

46
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 158

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEICJ06hvwFdADg2HV5SrdbI&google_cver=1&google_push=ATf1kGOS2ye1dbebCzGJ_cSLWNmDN90uWJX2NBAtK_BFcsjYh0HDOIk9Li1IMmBATeQo7oH4V16YEJA9cg2yL-NBF3znm5hqaUTg2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGOS2ye1dbebCzGJ_cSLWNmDN90uWJX2NBAtK_BFcsjYh0HDOIk9Li1IMmBATeQo7oH4V16YEJA9cg2yL-NBF3znm5hqaUTg2w

Request Chain 159

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH8j65r_XFEixcY8GFZDuzg&google_cver=1&google_push=ATf1kGMNMAcgVV6Wc4V5lyo9DE142GwivM1btLSb4WPfHHqUvOKajcoYJkoWPNtj4Cm09QFg7WpqXmuvXitoxjEql6WuxD2iq66oLQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMNMAcgVV6Wc4V5lyo9DE142GwivM1btLSb4WPfHHqUvOKajcoYJkoWPNtj4Cm09QFg7WpqXmuvXitoxjEql6WuxD2iq66oLQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH8j65r_XFEixcY8GFZDuzg&google_cver=1&google_push=ATf1kGMNMAcgVV6Wc4V5lyo9DE142GwivM1btLSb4WPfHHqUvOKajcoYJkoWPNtj4Cm09QFg7WpqXmuvXitoxjEql6WuxD2iq66oLQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMNMAcgVV6Wc4V5lyo9DE142GwivM1btLSb4WPfHHqUvOKajcoYJkoWPNtj4Cm09QFg7WpqXmuvXitoxjEql6WuxD2iq66oLQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 160

https://um.simpli.fi/gp_match?google_gid=CAESEBr72T6lA4TKnpHjaxes-28&google_cver=1&google_push=ATf1kGNNDQiwAGoun-OoOS89RrqAJ0TJnx9DMydjokNJr-V1Rvmsdl4UrlV1KC2CV20mhzm7nzUhyHLbZrqRDaVl3gxTmD_-5uCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGNNDQiwAGoun-OoOS89RrqAJ0TJnx9DMydjokNJr-V1Rvmsdl4UrlV1KC2CV20mhzm7nzUhyHLbZrqRDaVl3gxTmD_-5uCA

Request Chain 161

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED3wvCf4NDSi1tp6qOZmrIU&google_cver=1&google_push=ATf1kGPwcxEewRh906gXH1FNBSZMSUhUh2bEpCk9HYg3GBpfXjDYAUc-5zxL4XOIs_4mOT4c6Zl2b53zcBDGzsxv4-FULha0yzLc HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESED3wvCf4NDSi1tp6qOZmrIU&google_push=ATf1kGPwcxEewRh906gXH1FNBSZMSUhUh2bEpCk9HYg3GBpfXjDYAUc-5zxL4XOIs_4mOT4c6Zl2b53zcBDGzsxv4-FULha0yzLc&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED3wvCf4NDSi1tp6qOZmrIU&google_hm=ZJjEf0IcV8j4-h58qrAS-gAADOcAAAIB&google_nid=index&google_push=ATf1kGPwcxEewRh906gXH1FNBSZMSUhUh2bEpCk9HYg3GBpfXjDYAUc-5zxL4XOIs_4mOT4c6Zl2b53zcBDGzsxv4-FULha0yzLc

Request Chain 162

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENeB_X1_c9Q_PwCfY93LiYs&google_cver=1&google_push=ATf1kGNXm5PV9QWEmqHm-1qM1JSJ6IlDnH5sqcyx8GO58SQGyMA3P60NSTXDLE2acvK1e1GKpeUy9WBpzmheus7g5I4kYShLaGJ72Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNXm5PV9QWEmqHm-1qM1JSJ6IlDnH5sqcyx8GO58SQGyMA3P60NSTXDLE2acvK1e1GKpeUy9WBpzmheus7g5I4kYShLaGJ72Q

Request Chain 163

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMM72OmqpBh-SCHrPJ1QT9w&google_cver=1&google_push=ATf1kGNVlZW3OkRws4ZM7UU4AEDr6hPRu7iTML94QHiAaAP77190Sgt2MsJBVitHUXw73D4B_83Fm7g9VpJaZn0hMHmYrlq2DPPXj4Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNVlZW3OkRws4ZM7UU4AEDr6hPRu7iTML94QHiAaAP77190Sgt2MsJBVitHUXw73D4B_83Fm7g9VpJaZn0hMHmYrlq2DPPXj4Y HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 164

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOoThrLtk5q0hfSUDIUoTUU&google_cver=1&google_push=ATf1kGOLtNGOhdIKVeCYpnuA-MvmnH-11PWikOdd-yUMA1q-sAwFBoqkDZ6Rxm_6qh36gdb3RexIebdCQWVqKfOkE2RPUWg-zllDYcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGOLtNGOhdIKVeCYpnuA-MvmnH-11PWikOdd-yUMA1q-sAwFBoqkDZ6Rxm_6qh36gdb3RexIebdCQWVqKfOkE2RPUWg-zllDYcQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 203

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDXka3jswEQoAsY6AIyCEX_xPwlOMZw HTTP 301
https://tpc.googlesyndication.com/simgad/288935350077081929

Request Chain 224

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDXka3jswEQoAsY6AIyCEX_xPwlOMZw HTTP 301
https://tpc.googlesyndication.com/simgad/288935350077081929

Request Chain 230

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECR-WQMklHe-Ya9_a3JfJag&google_cver=1&google_push=ATf1kGNhdsEFExd4I_gaTE-z7LY2Ah-Xn5SRB3atrvltrw86_5QA08ZaHCOG3VFgZBd8Tnmyyp1hRIJb9X1IalCGMwDLcvAQwFnySQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0ODc1OTY1NDI5MjcxNTY3MQ%3D%3D&google_push=ATf1kGNhdsEFExd4I_gaTE-z7LY2Ah-Xn5SRB3atrvltrw86_5QA08ZaHCOG3VFgZBd8Tnmyyp1hRIJb9X1IalCGMwDLcvAQwFnySQ

Request Chain 231

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1&google_push=ATf1kGPvwhK6ut0wIuddzwi0q-fUL7cKi7TwVKOzWFhPnEN3VALROwz7hJQhUKJjaUsfuJTHC1nxXE6jYu_xU77zJr2Tn_iho3jOOg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1&google_push=ATf1kGPvwhK6ut0wIuddzwi0q-fUL7cKi7TwVKOzWFhPnEN3VALROwz7hJQhUKJjaUsfuJTHC1nxXE6jYu_xU77zJr2Tn_iho3jOOg HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=93cc0099-1606-4ceb-a988-a5c3f8ad7864&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=nWSENe8WS4WbR7hKMOv9bA== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1

Request Chain 232

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFG42ZCEWCJ5lTA6G2eJII0&google_cver=1&google_push=ATf1kGMRcL-3yWwf07U-_VmMr_xN09LD-_1GByQT8Sh8sEHA3T_wvJ-xV3cuMUCqOFwh802fJPSWNAcL-F8sakQGXOTFOEGGcai4YQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMRcL-3yWwf07U-_VmMr_xN09LD-_1GByQT8Sh8sEHA3T_wvJ-xV3cuMUCqOFwh802fJPSWNAcL-F8sakQGXOTFOEGGcai4YQ

Request Chain 234

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFQgJOmSply3GNSNtyurEKE&google_cver=1&google_push=ATf1kGO51Dly12nVpmXHN6lYWhHJhUbp0vFvLwnJW3t5_TmXieNmT7nDTRgisOhIfme93r8I8LPbMrD4nWls-H9jtoZ0skjkJaM6yjg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGO51Dly12nVpmXHN6lYWhHJhUbp0vFvLwnJW3t5_TmXieNmT7nDTRgisOhIfme93r8I8LPbMrD4nWls-H9jtoZ0skjkJaM6yjg HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 259

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=20054700002822800951389012367020&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2818805775

Request Chain 271

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHRtZMAj62KyyqCD-c3NuA8&google_cver=1&google_push=ATf1kGM3RLakt8DQKyjL_EvT61Pl8XwtaoGs9Arhde8YVSGSnVGHpSinKguFoyq5PvSo4Yc43d6vxM0wCqJmWD_FzsRQ97dz7Cn0OQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ1Njk3OTc1MzQ4MjkxNjY0OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP4riLJ9AUYCPvAJRhg5Kl0&google_cver=1

Request Chain 272

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOkvEGeEQ75Bi8x-bAYo3mY&google_cver=1&google_push=ATf1kGOEuLBk6lNUQviohqyJHcmZ9503ZLyOnAvo1Sua5uyj_CNElu1VofL7CNbVqsuLn7L5IsCXyogKPCB5NjUoi5i9ANBA2t0OmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOkvEGeEQ75Bi8x-bAYo3mY&google_push=ATf1kGOEuLBk6lNUQviohqyJHcmZ9503ZLyOnAvo1Sua5uyj_CNElu1VofL7CNbVqsuLn7L5IsCXyogKPCB5NjUoi5i9ANBA2t0OmQ

Request Chain 273

https://um.simpli.fi/gp_match?google_gid=CAESEFzCwBY-rKP1UJyJG4dG6pA&google_cver=1&google_push=ATf1kGPThbRegaMqWcjUoc8WRIS9Yhi6MxxhKHKuV6GBPdd9GGTC_QgvUBGwrb5Hq9PPp6JTPoMyjPjLa-9KakfExsi5IwQuTFZP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGPThbRegaMqWcjUoc8WRIS9Yhi6MxxhKHKuV6GBPdd9GGTC_QgvUBGwrb5Hq9PPp6JTPoMyjPjLa-9KakfExsi5IwQuTFZP

Request Chain 274

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENSx03lOt4ErQNl_GooHKqQ&google_cver=1&google_push=ATf1kGNZptCSDpjV625H30K4Dpt_HbU0aP1b7aTzToruYIfPMrwhzObQCtS6MyZu7CjTAFm57holZkkec83M5onaqtA9ki54oqlHNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNZptCSDpjV625H30K4Dpt_HbU0aP1b7aTzToruYIfPMrwhzObQCtS6MyZu7CjTAFm57holZkkec83M5onaqtA9ki54oqlHNQ

Request Chain 275

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEL5WBaCMZnbZDKAZ3traY4Q&google_cver=1&google_push=ATf1kGPdlnO5e9gwzlk2GhO88nxekXBvaOAAhC5GJkkC-BhG5eqYpXoJ5enL26LeAM6TXb6Fi7D6r0aVQd0LKEZXOr_hADhIQrSPqA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPdlnO5e9gwzlk2GhO88nxekXBvaOAAhC5GJkkC-BhG5eqYpXoJ5enL26LeAM6TXb6Fi7D6r0aVQd0LKEZXOr_hADhIQrSPqA

Request Chain 276

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMTFw6FUKeS3ZUqUYF-FpCo&google_cver=1&google_push=ATf1kGMas8ZKr7PPc9QA5RwPsiz-abPTVwxmbet509UosojrHuYytpxNHr95xXrOazEosulfW72TfMQqpF5HtuIlBVb5i4G2RHl2 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMas8ZKr7PPc9QA5RwPsiz-abPTVwxmbet509UosojrHuYytpxNHr95xXrOazEosulfW72TfMQqpF5HtuIlBVb5i4G2RHl2&google_gid=CAESEMTFw6FUKeS3ZUqUYF-FpCo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3NjgyMzc3NTg1MDQ4NDkxNDk0&google_push=ATf1kGMas8ZKr7PPc9QA5RwPsiz-abPTVwxmbet509UosojrHuYytpxNHr95xXrOazEosulfW72TfMQqpF5HtuIlBVb5i4G2RHl2

Request Chain 285

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELnbhfqIv-AFAGXkOTweKA4&google_cver=1&google_push=ATf1kGNOyQtR1HZjHDRkllcAw_5feiePnnwFui-j9UqkboAmDOrDkHn5fvVBBzZOs0DLRuLWGgN6su34qwrgGz_d7W4o-aC6Lg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGNOyQtR1HZjHDRkllcAw_5feiePnnwFui-j9UqkboAmDOrDkHn5fvVBBzZOs0DLRuLWGgN6su34qwrgGz_d7W4o-aC6Lg

Request Chain 286

https://um.simpli.fi/gp_match?google_gid=CAESENR2ABvOJfS5bJCkULkgRMA&google_cver=1&google_push=ATf1kGNjbHtA0BwfeiKGNPUMbjVniZ2jhXmmBtclH1Yub1NVWYkJijHlb1YCRBHfxPH8LspF5VsDBiFT2JRAN0Zn6S4ODRpkoag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGNjbHtA0BwfeiKGNPUMbjVniZ2jhXmmBtclH1Yub1NVWYkJijHlb1YCRBHfxPH8LspF5VsDBiFT2JRAN0Zn6S4ODRpkoag

Request Chain 287

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAeLl_tPkfPo2Ui6g2ygztg&google_cver=1&google_push=ATf1kGMRLclcgRyfhIMTal_B9n25ol4ZrV4ihihSVONLBj_nEs9GkEgXgJAD3MhjypRN6Cb71Ov8iCA-kT1aTkDkeoUEL1ShN38 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAeLl_tPkfPo2Ui6g2ygztg&google_cver=1&google_push=ATf1kGMRLclcgRyfhIMTal_B9n25ol4ZrV4ihihSVONLBj_nEs9GkEgXgJAD3MhjypRN6Cb71Ov8iCA-kT1aTkDkeoUEL1ShN38 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGMRLclcgRyfhIMTal_B9n25ol4ZrV4ihihSVONLBj_nEs9GkEgXgJAD3MhjypRN6Cb71Ov8iCA-kT1aTkDkeoUEL1ShN38

Request Chain 288

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHBI3NrtMVdT9tepfJ04mmE&google_cver=1&google_push=ATf1kGOA1NJeYPjujPa0tiuxBSRDCISi3VB9IBpikX-tYhhagNGx9m3PUI08E8u6yfxgd9YBlBHqvNeaj8yN-10gWlOvOn9415A HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHBI3NrtMVdT9tepfJ04mmE&google_cver=1&google_push=ATf1kGOA1NJeYPjujPa0tiuxBSRDCISi3VB9IBpikX-tYhhagNGx9m3PUI08E8u6yfxgd9YBlBHqvNeaj8yN-10gWlOvOn9415A&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=agKIlDdUQsCUSUiGvFny9Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOA1NJeYPjujPa0tiuxBSRDCISi3VB9IBpikX-tYhhagNGx9m3PUI08E8u6yfxgd9YBlBHqvNeaj8yN-10gWlOvOn9415A

Request Chain 289

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFXOT8m4RR-cxA35En1JZSs&google_cver=1&google_push=ATf1kGOoELKjiwRQBdTmcaEMm70H5o8ElJdonpajyXN9bYB6XiQ2q31XOV_O1ILe3KrTKHwjhFoh2V15a35Krt502hylEcddKWI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDMFZKVlUtMUgtNlBJTQ==&google_push=ATf1kGOoELKjiwRQBdTmcaEMm70H5o8ElJdonpajyXN9bYB6XiQ2q31XOV_O1ILe3KrTKHwjhFoh2V15a35Krt502hylEcddKWI

Request Chain 290

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEHnVbAdZFGtBl9yff9gHOrM&google_cver=1&google_push=ATf1kGP5Tlh1CGsRAuEMYM3SVUM7snfT2HUv7E3i7Oc6rIEkcOS9luHaXrNJaK4Mgt5XfS0fsCRfshnc9sie4gbuGvdqrDY1Yg HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGP5Tlh1CGsRAuEMYM3SVUM7snfT2HUv7E3i7Oc6rIEkcOS9luHaXrNJaK4Mgt5XfS0fsCRfshnc9sie4gbuGvdqrDY1Yg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1687733376624 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8b50dc60-16c7-4210-9f73-bf7975b9fc7f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGP5Tlh1CGsRAuEMYM3SVUM7snfT2HUv7E3i7Oc6rIEkcOS9luHaXrNJaK4Mgt5XfS0fsCRfshnc9sie4gbuGvdqrDY1Yg%26google_hm%3DA4tQ3GAWx0IQn3O_eXW5_H8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP5Tlh1CGsRAuEMYM3SVUM7snfT2HUv7E3i7Oc6rIEkcOS9luHaXrNJaK4Mgt5XfS0fsCRfshnc9sie4gbuGvdqrDY1Yg&google_hm=A4tQ3GAWx0IQn3O_eXW5_H8

Request Chain 294

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 308

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP4riLJ9AUYCPvAJRhg5Kl0&google_cver=1&google_push=ATf1kGPNZe0JsiBDfot2FworDSgQ4-ygiwxwGGlsHuyl8kXsXnA0C-BtHUKz1rsNVfeU7NnoJWd9P2m3LbkHd3dvGMjyeJ-AAqEuAg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ1Njk3OTc1MzQ4MjkxNjY0OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP4riLJ9AUYCPvAJRhg5Kl0&google_cver=1

Request Chain 311

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1&google_push=ATf1kGMAJMQrbTDoGpmmLBjCM837O-z8rIKKSTnLUnwDtS2A4Kv6_Ee-C62Jq5cat5-8nwHdzHjSHhmAnMD7Pj3OAYijidKj4hsZhA HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433828527557043&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMAJMQrbTDoGpmmLBjCM837O-z8rIKKSTnLUnwDtS2A4Kv6_Ee-C62Jq5cat5-8nwHdzHjSHhmAnMD7Pj3OAYijidKj4hsZhA&google_hm=nWSENe8WS4WbR7hKMOv9bA==

Request Chain 313

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELTkLxa14nXjDvUOl7q5gOg&google_cver=1&google_push=ATf1kGMHcBdLZadYNZ0TSOSgCsSrm-EktE5Zli6fInCt2RtFkGAMjVSVX2VnaLnmW2gthwoHVWeGAy_LhsCsF-wEgfOBd-1e9aHECA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGMHcBdLZadYNZ0TSOSgCsSrm-EktE5Zli6fInCt2RtFkGAMjVSVX2VnaLnmW2gthwoHVWeGAy_LhsCsF-wEgfOBd-1e9aHECA

Request Chain 314

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMHK-1zImJwOTT3ui_ApX1U&google_cver=1&google_push=ATf1kGNl0hsyHprbjX_gbuIlJsLZBIx91XYoYscRnpJCeg77q4R_S0KaZ5DtjOxkHV_v05fSviAM550BXGNEk9gRXageVaHIEPTYlg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNl0hsyHprbjX_gbuIlJsLZBIx91XYoYscRnpJCeg77q4R_S0KaZ5DtjOxkHV_v05fSviAM550BXGNEk9gRXageVaHIEPTYlg

Request Chain 330

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECJ_2dDnQhnZMzgW5xr6JGI&google_cver=1&google_push=ATf1kGNCIfGQczIFjiFZ21vzUeU6GTlN8-ch3iT8_QNXVRQp-OV5xi3ksoOxc34jY-M5RrCRiR5SNGnlagFd0mctpYMHhIwofsI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGNCIfGQczIFjiFZ21vzUeU6GTlN8-ch3iT8_QNXVRQp-OV5xi3ksoOxc34jY-M5RrCRiR5SNGnlagFd0mctpYMHhIwofsI

Request Chain 332

https://um.simpli.fi/gp_match?google_gid=CAESEF4yBrSwxuZ9Syr7__u957A&google_cver=1&google_push=ATf1kGPyvyjIlMTbt6SZ-ssGG7LeeTGQ9IQhSwkrOZEu7a_vcgc-v_p8NVgIdK5hORMWXUASY1zwS6DVzuxI5F_dDTV_prNIzgTi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGPyvyjIlMTbt6SZ-ssGG7LeeTGQ9IQhSwkrOZEu7a_vcgc-v_p8NVgIdK5hORMWXUASY1zwS6DVzuxI5F_dDTV_prNIzgTi

Request Chain 333

https://d5p.de17a.com/cookies/google?google_gid=CAESEEVmQv-KiO4qsNlje5TQhYc&google_cver=1&google_push=ATf1kGNp-y5dU9EUvQOALNwCwSkJdp6RSl-ucXFXCTro4VOW7FsTTOM9mKhUjCedkEPspn199Y6v4uio0E3ktIGYVHnVmjkCrpM HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEVmQv-KiO4qsNlje5TQhYc&google_cver=1&google_push=ATf1kGNp-y5dU9EUvQOALNwCwSkJdp6RSl-ucXFXCTro4VOW7FsTTOM9mKhUjCedkEPspn199Y6v4uio0E3ktIGYVHnVmjkCrpM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNp-y5dU9EUvQOALNwCwSkJdp6RSl-ucXFXCTro4VOW7FsTTOM9mKhUjCedkEPspn199Y6v4uio0E3ktIGYVHnVmjkCrpM

Request Chain 335

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELF_eElGrTimC-rwwrnQLhY&google_cver=1&google_push=ATf1kGNFMXClmhjxBWOfpcGt76Peuro9jXwT9p8NTQYlgp_kZjGzeNMQ1EPH68oEE4wTA7YvYaCX46z-lpzqTiLL9AmE2-8SH2px HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3NjgyMzc3NTg1MDQ4NDkxNDk0&google_push=ATf1kGNFMXClmhjxBWOfpcGt76Peuro9jXwT9p8NTQYlgp_kZjGzeNMQ1EPH68oEE4wTA7YvYaCX46z-lpzqTiLL9AmE2-8SH2px

Request Chain 343

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPb3qQLJ6JoaxlAddSaHU64&google_cver=1&google_push=ATf1kGO045eldGgHr8qlhwA3DD9X44LU7C9rFWWiQzo-QaBngiielEMLhlEQHHN8GmhcDNcZrbRkp5GRSfaZ2p5BYGK6ncaLnxDBZE8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGO045eldGgHr8qlhwA3DD9X44LU7C9rFWWiQzo-QaBngiielEMLhlEQHHN8GmhcDNcZrbRkp5GRSfaZ2p5BYGK6ncaLnxDBZE8

Request Chain 345

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFN-tOUtlPROrbV3Q49NLbc&google_cver=1&google_push=ATf1kGMKPKhwgpnztebUAwyeEFXY6Sn_bH4yqskLJpgYpB4O1yEeEg-usFEZ8ADQLn1TMGPiTPpET1qkhkwjgg9SM52p2vKyA-owB-xw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMKPKhwgpnztebUAwyeEFXY6Sn_bH4yqskLJpgYpB4O1yEeEg-usFEZ8ADQLn1TMGPiTPpET1qkhkwjgg9SM52p2vKyA-owB-xw&google_hm=y4HzNuZIR_mGGHwr0yNvx4Y

Request Chain 346

https://d.agkn.com/pixel/2175/?google_gid=CAESEKom52c7I5MMjdCdFJpUEEQ&google_cver=1&google_push=ATf1kGM7IbntRuBs0X4FXCsSHPZpBpazpzzxmhLz-FaRCmwHKt57bqxwx7d-jbagcNQHSQRIovELJbPaV1ZNUHsSw8pAkKeyOLy4fpE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGM7IbntRuBs0X4FXCsSHPZpBpazpzzxmhLz-FaRCmwHKt57bqxwx7d-jbagcNQHSQRIovELJbPaV1ZNUHsSw8pAkKeyOLy4fpE&google_hm=Q0FFU0VLb201MmM3STVNTWpkQ2RGSnBVRUVR

Request Chain 347

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECR-WQMklHe-Ya9_a3JfJag&google_cver=1&google_push=ATf1kGMKuCONmrpt4FvwM_mwuVXOW5WPon-s34sAvuvVBowPQlyF5M8pyQ2tAr71NdgazjtV7VAeSh76Lxab1J1Q-heOSmLoAXKSYKk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0ODc1OTY1NDI5MjcxNTY3MQ%3D%3D&google_push=ATf1kGMKuCONmrpt4FvwM_mwuVXOW5WPon-s34sAvuvVBowPQlyF5M8pyQ2tAr71NdgazjtV7VAeSh76Lxab1J1Q-heOSmLoAXKSYKk

Request Chain 348

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1&google_push=ATf1kGPEF_yUsO1ReqFGoV7EU5gSqkKk6uWyw9-JHKEA_nKh25IJl3NEoIg96uk1E87foIke1ePHDtly0HEHuQX2KbWqxuCbK25KxDk HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=9d648435-ef16-4b85-9b47-b84a30ebfd6c&ssp=google&gdpr=&gdpr_consent=

Request Chain 349

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELTkLxa14nXjDvUOl7q5gOg&google_cver=1&google_push=ATf1kGNboo6P5zIMZPuhwSWhblBzddqaS4r9IydfcRRhW5z_kccF25Bpt_agX7iyI27UwARiIZ3BB6o95g_BSqpHOBrqcSKdGgFuSIkW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGNboo6P5zIMZPuhwSWhblBzddqaS4r9IydfcRRhW5z_kccF25Bpt_agX7iyI27UwARiIZ3BB6o95g_BSqpHOBrqcSKdGgFuSIkW

Request Chain 377

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1687733377_8fe12890-13aa-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 380

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNv8wePA3_8CFdzhuwgd8TALsA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023062600493786223012505X117679V1226132702MSviewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023062600493786223012505X117679V1226132702MSviewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117679&partnerid=12218

Request Chain 399

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLb-wePA3_8CFc3huwgdgUMEZg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023062600493786223012503X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023062600493786223012503X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218

Request Chain 443

https://unilever.demdex.net/event?d_sid=25453995&cs=1687733379110 HTTP 302
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1687733379110

433 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x6uf5z9e3262.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 406ms
101ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1324
Content-MD5: XPHdOVCmWyxrVVstkB9xGw==
Content-Type: text/html
Date: Sun, 25 Jun 2023 22:49:32 GMT
ETag: 0x8DB5ED08476F0C5
Last-Modified: Sat, 27 May 2023 16:36:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 655ebab7-501e-0051-75b7-a7df81000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 95ms
94ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-request-id: 655ebb3e-501e-0051-6fb7-a7df81000000
Date: Sun, 25 Jun 2023 22:49:32 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 288ms
95ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 25 Jun 2023 22:49:33 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: 655ebc2d-501e-0051-4db7-a7df81000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 192ms
98ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 25 Jun 2023 22:49:32 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: 655ebbb7-501e-0051-5db7-a7df81000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
681 B 261ms
129ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:31 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
385 B 291ms
182ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:31 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame 96E7 76 KB
76 KB 203ms
52ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 43cdc80307bb7996633d034718f6ac0aaa64ec111ba07b1bd54381c876b96b3f

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 77532
content-type: text/html; charset=utf-8
date: Sun, 25 Jun 2023 22:49:34 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 96E7 90 KB
91 KB 81ms
24ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 18:18:28 GMT
x-content-type-options: nosniff
age: 189066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92629
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 18:18:28 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame 96E7 10 KB
2 KB 79ms
79ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sun, 25 Jun 2023 22:49:34 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame 96E7 40 KB
12 KB 51ms
15ms Stylesheet
text/css 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 5923932
x-accel-date: 1681809442
x-77-nzt: AZySIYjuhD7/XGRaAA
x-accel-expires: @1713345442
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: f6587a1d29d9decc7ec4986411ed4523
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 96E7 121 KB
47 KB 60ms
25ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df44afd9580ba1b37743d8b9604e0f11fb0daabea9eeea20b0361aff8f1b068d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47885
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Jun 2023 22:49:34 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 96E7 542 B
897 B 13ms
12ms Image
image/png 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923984
x-accel-date: 1681809390
content-length: 542
x-77-nzt: AZySIYiraOn/kGRaAA
x-accel-expires: @1713345390
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: f6587a1d29d9decc7ec49864dc884527
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 96E7 2 KB
2 KB 13ms
12ms Image
image/png 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923932
x-accel-date: 1681809442
content-length: 1651
x-77-nzt: AZySIYgrBOv/XGRaAA
x-accel-expires: @1713345442
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: f6587a1d29d9decc7ec49864ffef8428
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kaburga-misir-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 96E7 17 KB
17 KB 22ms
16ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/kaburga-misir-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 60553b12e1cecec323684ec8158d0fdcc8cc22ae5ee712fc104390e70637df74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 84664
x-accel-date: 1687648710
content-length: 17278
x-77-nzt: AZySIYhTq6H/uEoBAA
x-accel-expires: @1719184710
last-modified: Sat, 24 Jun 2023 23:00:33 GMT
server: CDN77-Turbo
etag: "64977591-437e"
x-77-nzt-ray: f6587a1d29d9decc7ec49864798bec28
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bezelyeli-enginar-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 96E7 13 KB
14 KB 27ms
19ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/bezelyeli-enginar-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b28212f4baadf3c72472e06c83eeb9f674659bc3390f8279644cc35c2b3cca60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 170182
x-accel-date: 1687563192
content-length: 13577
x-77-nzt: AZySIYhgbkP/xpgCAA
x-accel-expires: @1719099192
last-modified: Fri, 23 Jun 2023 23:12:58 GMT
server: CDN77-Turbo
etag: "649626fa-3509"
x-77-nzt-ray: f6587a1d29d9decc7ec49864d6231629
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cilek-kompostosu-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 96E7 13 KB
13 KB 32ms
25ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/cilek-kompostosu-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1c850554971fd0815ab530813c41947b41fd5485122fcc6ddad7e52554ca4c5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 259380
x-accel-date: 1687473994
content-length: 13316
x-77-nzt: AZySIYgxqx//NPUDAA
x-accel-expires: @1719009994
last-modified: Thu, 22 Jun 2023 22:09:37 GMT
server: CDN77-Turbo
etag: "6494c6a1-3404"
x-77-nzt-ray: f6587a1d29d9decc7ec49864feb21e29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 buzlukta-havuc-saklama-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 96E7 15 KB
15 KB 36ms
28ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/buzlukta-havuc-saklama-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c2b14f3faab1ff78bc25ec1143035f67f3653c08c243adfa3772e33e52502a1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 344774
x-accel-date: 1687388600
content-length: 14858
x-77-nzt: AZySIYiBt3r/xkIFAA
x-accel-expires: @1718924600
last-modified: Wed, 21 Jun 2023 22:51:04 GMT
server: CDN77-Turbo
etag: "64937ed8-3a0a"
x-77-nzt-ray: f6587a1d29d9decc7ec4986453f32629
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bugu-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/07/ Frame 96E7 11 KB
12 KB 37ms
29ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/07/bugu-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7de327885eb13552b4d8343d92108ecd9f34c139b358c2e2e4573227be944949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923174
x-accel-date: 1681810200
content-length: 11750
x-77-nzt: AZySIYgJlav/ZmFaAA
x-accel-expires: @1713346200
last-modified: Wed, 01 May 2019 23:21:23 GMT
server: CDN77-Turbo
etag: "5cca29f3-2de6"
x-77-nzt-ray: f6587a1d29d9decc7ec4986489392e29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 patlican-oturtma-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ Frame 96E7 14 KB
14 KB 37ms
29ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/07/patlican-oturtma-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 82b26c270816480cac7ae6e6b713f4aa513bbfa78e68d5b6d2230ba9eb055519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923159
x-accel-date: 1681810215
content-length: 13962
x-77-nzt: AZySIYgMy1H/V2FaAA
x-accel-expires: @1713346215
last-modified: Wed, 01 May 2019 22:16:19 GMT
server: CDN77-Turbo
etag: "5cca1ab3-368a"
x-77-nzt-ray: f6587a1d29d9decc7ec498645ff73329
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-bamya-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/08/ Frame 96E7 12 KB
12 KB 37ms
30ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/08/tavuklu-bamya-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 94dc350acb3e491e883e23665acdfe801c1559d67026fbcd533dfce70d5a6270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 117636
x-accel-date: 1687615738
content-length: 12328
x-77-nzt: AZySIYgjwZv/hMsBAA
x-accel-expires: @1719151738
last-modified: Wed, 21 Aug 2019 22:20:01 GMT
server: CDN77-Turbo
etag: "5d5dc391-3028"
x-77-nzt-ray: f6587a1d29d9decc7ec49864f4893829
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuk-fajita-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/04/ Frame 96E7 12 KB
12 KB 42ms
35ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/04/tavuk-fajita-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d966ecd46380ed5fdc36aadcd4b5a4bbd65ba852833ce5e834a4e37380ac9535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5920386
x-accel-date: 1681812988
content-length: 12005
x-77-nzt: AZySIYjNCMb/glZaAA
x-accel-expires: @1713348988
last-modified: Wed, 01 May 2019 23:32:42 GMT
server: CDN77-Turbo
etag: "5cca2c9a-2ee5"
x-77-nzt-ray: f6587a1d29d9decc7ec4986473653d29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 helle-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/05/ Frame 96E7 10 KB
11 KB 42ms
35ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/05/helle-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1cea80ffc30d80158c46d24a373c07f3fd1f12b0964ec0960d54cc7476dbe5ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923196
x-accel-date: 1681810178
content-length: 10666
x-77-nzt: AZySIYhdqOb/fGFaAA
x-accel-expires: @1713346178
last-modified: Fri, 03 May 2019 21:45:18 GMT
server: CDN77-Turbo
etag: "5cccb66e-29aa"
x-77-nzt-ray: f6587a1d29d9decc7ec49864283f4329
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 erzurum-helvasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/02/ Frame 96E7 11 KB
12 KB 42ms
35ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/02/erzurum-helvasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce1d83c141c0efd469c46097a827914115fb3f663b722b4ac8923d00234552c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923363
x-accel-date: 1681810011
content-length: 11700
x-77-nzt: AZySIYgdbP7/I2JaAA
x-accel-expires: @1713346011
last-modified: Tue, 18 Feb 2020 23:09:17 GMT
server: CDN77-Turbo
etag: "5e4c6e9d-2db4"
x-77-nzt-ray: f6587a1d29d9decc7ec4986473245029
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 harire-tatlisi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame 96E7 17 KB
17 KB 42ms
36ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/harire-tatlisi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6422dc989c7ed2f0e36102e17d4207dc8374dc040183e8b752e21f77f8e3a31c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 209930
x-accel-date: 1687523444
content-length: 17098
x-77-nzt: AZySIYg5f2n/CjQDAA
x-accel-expires: @1719059444
last-modified: Sat, 20 Nov 2021 22:46:59 GMT
server: CDN77-Turbo
etag: "61997ae3-42ca"
x-77-nzt-ray: f6587a1d29d9decc7ec49864f9915729
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 acem-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 96E7 14 KB
14 KB 43ms
36ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/acem-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b0a9edd9406b9e846d2613b16def49dca3d2307816622cb274acc4d0d2314245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923733
x-accel-date: 1681809641
content-length: 14065
x-77-nzt: AZySIYhU2dP/lWNaAA
x-accel-expires: @1713345641
last-modified: Sun, 15 Mar 2020 20:02:10 GMT
server: CDN77-Turbo
etag: "5e6e89c2-36f1"
x-77-nzt-ray: f6587a1d29d9decc7ec498647e3e5f29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-patlican-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/05/ Frame 96E7 15 KB
15 KB 43ms
36ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2014/05/firinda-patlican-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fe665a455aceb9598500cae8ccd808cbffe5a3525c32cdc7bcbaa0e83a58ac0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923174
x-accel-date: 1681810200
content-length: 15015
x-77-nzt: AZySIYgFGIX/ZmFaAA
x-accel-expires: @1713346200
last-modified: Wed, 01 May 2019 22:25:01 GMT
server: CDN77-Turbo
etag: "5cca1cbd-3aa7"
x-77-nzt-ray: f6587a1d29d9decc7ec49864b9256829
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kc4b1ymalc4b1-kibrit-kebabc4b1-resimli-yemek-tarifi-20.jpg
cdn.ye-mek.net/App_UI/Img/out/270/2012/09/ Frame 96E7 14 KB
14 KB 43ms
37ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2012/09/kc4b1ymalc4b1-kibrit-kebabc4b1-resimli-yemek-tarifi-20.jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: dacdec6aa88bb9571d309c295248ee5b202de625eba8aaa232f863ad9ba9fed5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5922626
x-accel-date: 1681810748
content-length: 14293
x-77-nzt: AZySIYjUaYf/Ql9aAA
x-accel-expires: @1713346748
last-modified: Wed, 01 May 2019 22:05:06 GMT
server: CDN77-Turbo
etag: "5cca1812-37d5"
x-77-nzt-ray: f6587a1d29d9decc7ec49864bc3b6d29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ev-koftesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame 96E7 17 KB
17 KB 43ms
37ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ev-koftesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a1a1863860f40862a7df0b5316bc3805f213fa1c9fb01060bbd994d91dc140ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923931
x-accel-date: 1681809443
content-length: 17248
x-77-nzt: AZySIYiUwPb/W2RaAA
x-accel-expires: @1713345443
last-modified: Sun, 25 Dec 2022 22:38:25 GMT
server: CDN77-Turbo
etag: "63a8d0e1-4360"
x-77-nzt-ray: f6587a1d29d9decc7ec4986411c37129
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 elbasan-tava-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 96E7 13 KB
14 KB 43ms
37ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/elbasan-tava-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3a7cdd2a8d457a3a736abdd116f27948e56ad18163f6f31bc4191240fe28e312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923081
x-accel-date: 1681810293
content-length: 13627
x-77-nzt: AZySIYhsdZH/CWFaAA
x-accel-expires: @1713346293
last-modified: Fri, 22 May 2020 00:07:54 GMT
server: CDN77-Turbo
etag: "5ec717da-353b"
x-77-nzt-ray: f6587a1d29d9decc7ec498640c6b7629
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-sebzeli-tavuk-yemegi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame 96E7 15 KB
15 KB 43ms
37ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/firinda-sebzeli-tavuk-yemegi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4f1949e21d597e282a24f9a971964cc38fea30c795c1b02d864f8e22988d4571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5922842
x-accel-date: 1681810532
content-length: 14959
x-77-nzt: AZySIYik+5n/GmBaAA
x-accel-expires: @1713346532
last-modified: Wed, 01 May 2019 23:10:01 GMT
server: CDN77-Turbo
etag: "5cca2749-3a6f"
x-77-nzt-ray: f6587a1d29d9decc7ec498649d168029
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuk-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/11/ Frame 96E7 12 KB
13 KB 43ms
37ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/11/tavuk-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5d867d8101d7d263052fd7656e7e10f585b485c3c38cb96e2c7bca172f579491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5920992
x-accel-date: 1681812382
content-length: 12499
x-77-nzt: AZySIYgBMkH/4FhaAA
x-accel-expires: @1713348382
last-modified: Wed, 01 May 2019 23:26:22 GMT
server: CDN77-Turbo
etag: "5cca2b1e-30d3"
x-77-nzt-ray: f6587a1d29d9decc7ec498647c728529
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-etimekli-besamel-soslu-tavuk-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame 96E7 12 KB
13 KB 44ms
38ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/firinda-etimekli-besamel-soslu-tavuk-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e041f359812b31ffb3d561c106435550a58d86540a0262a93e6e462624fada6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5922610
x-accel-date: 1681810764
content-length: 12566
x-77-nzt: AZySIYh1Jqv/Ml9aAA
x-accel-expires: @1713346764
last-modified: Wed, 01 May 2019 23:10:13 GMT
server: CDN77-Turbo
etag: "5cca2755-3116"
x-77-nzt-ray: f6587a1d29d9decc7ec498644bee8929
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-citir-tavuk-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 96E7 14 KB
14 KB 44ms
38ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/firinda-citir-tavuk-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6e517f1f2da440c36103d61ae698974db84ded6b3ac8635a8c24d8ac8652c10d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 778942
x-accel-date: 1686954432
content-length: 14117
x-77-nzt: AZySIYj8dNH/vuILAA
x-accel-expires: @1718490432
last-modified: Fri, 16 Jun 2023 22:14:46 GMT
server: CDN77-Turbo
etag: "648cded6-3725"
x-77-nzt-ray: f6587a1d29d9decc7ec498649cb88e29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 butun-mantar-kavurmasi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame 96E7 15 KB
16 KB 44ms
38ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/butun-mantar-kavurmasi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a9813636d064a6c030d55ade3e86f5de6475ea07aa4bb75d2197f653bd8f60d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5922029
x-accel-date: 1681811345
content-length: 15573
x-77-nzt: AZySIYhBacn/7VxaAA
x-accel-expires: @1713347345
last-modified: Thu, 16 Sep 2021 22:01:48 GMT
server: CDN77-Turbo
etag: "6143becc-3cd5"
x-77-nzt-ray: f6587a1d29d9decc7ec49864a5489329
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kereviz-pane-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/04/ Frame 96E7 14 KB
14 KB 44ms
38ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/04/kereviz-pane-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 083455b37d5acec4df41ab90d9b2ce2783b16221edd0103c215a1ed7731739d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923081
x-accel-date: 1681810293
content-length: 14044
x-77-nzt: AZySIYgJaGH/CWFaAA
x-accel-expires: @1713346293
last-modified: Wed, 01 May 2019 22:13:42 GMT
server: CDN77-Turbo
etag: "5cca1a16-36dc"
x-77-nzt-ray: f6587a1d29d9decc7ec49864028e9829
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pirasa-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/11/ Frame 96E7 11 KB
11 KB 44ms
39ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/11/pirasa-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d35c67d542078ebe3ed291cc13c0e270d15d7a3243db9397930b6d75364e568d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923392
x-accel-date: 1681809982
content-length: 11108
x-77-nzt: AZySIYg03S//QGJaAA
x-accel-expires: @1713345982
last-modified: Wed, 01 May 2019 23:26:31 GMT
server: CDN77-Turbo
etag: "5cca2b27-2b64"
x-77-nzt-ray: f6587a1d29d9decc7ec49864c99d9d29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-sutlu-karnabahar-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame 96E7 15 KB
15 KB 44ms
39ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/firinda-sutlu-karnabahar-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 598a8457413e85866a6501f257f380354f5dfb6f11ba2995668dc55d5c237bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923546
x-accel-date: 1681809828
content-length: 15367
x-77-nzt: AZySIYjFTgH/2mJaAA
x-accel-expires: @1713345828
last-modified: Sat, 18 Dec 2021 21:47:33 GMT
server: CDN77-Turbo
etag: "61be56f5-3c07"
x-77-nzt-ray: f6587a1d29d9decc7ec49864e2d7a329
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yogurtlu-kuskus-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/10/ Frame 96E7 12 KB
12 KB 44ms
39ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/10/yogurtlu-kuskus-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8ef632787197eed4d48c94b8bf69add99b244a562f4927b491f8ec1f4d27e8e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923846
x-accel-date: 1681809528
content-length: 12366
x-77-nzt: AZySIYjEkQ//BmRaAA
x-accel-expires: @1713345528
last-modified: Wed, 01 May 2019 23:05:42 GMT
server: CDN77-Turbo
etag: "5cca2646-304e"
x-77-nzt-ray: f6587a1d29d9decc7ec498644cb7a929
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sutlu-eriste-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame 96E7 15 KB
16 KB 44ms
39ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/sutlu-eriste-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ee9d41464ff0659fd5f2e67beaeff888ac540f69221099b55239b07939175a1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923723
x-accel-date: 1681809651
content-length: 15626
x-77-nzt: AZySIYg9u97/i2NaAA
x-accel-expires: @1713345651
last-modified: Tue, 07 Jun 2022 22:11:58 GMT
server: CDN77-Turbo
etag: "629fcd2e-3d0a"
x-77-nzt-ray: f6587a1d29d9decc7ec498649856ae29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ipek-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ Frame 96E7 9 KB
10 KB 44ms
39ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ipek-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b3fce6c522254e35e5dbbdd484afaacc4007ffc56c7cb235b9a6e7b15d3d6f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5176833
x-accel-date: 1682556541
content-length: 9371
x-77-nzt: AZySIYgYUVv/Af5OAA
x-accel-expires: @1714092541
last-modified: Wed, 01 May 2019 23:47:22 GMT
server: CDN77-Turbo
etag: "5cca300a-249b"
x-77-nzt-ray: f6587a1d29d9decc7ec498644539b329
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-mercimek-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/06/ Frame 96E7 10 KB
11 KB 44ms
40ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/06/tavuklu-mercimek-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bd9b3105907a46f1a808c0fc4b8223e88064cbb5a3606ad642b34b8168388566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923392
x-accel-date: 1681809982
content-length: 10682
x-77-nzt: AZySIYhe6hv/QGJaAA
x-accel-expires: @1713345982
last-modified: Wed, 01 May 2019 23:35:36 GMT
server: CDN77-Turbo
etag: "5cca2d48-29ba"
x-77-nzt-ray: f6587a1d29d9decc7ec498645ff2b629
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tahinli-pide-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/10/ Frame 96E7 14 KB
14 KB 44ms
40ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/10/tahinli-pide-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3f0d21ed99dd514e23c62900e74f9178645ff8e7df24471e1780d022fdf88af5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5921357
x-accel-date: 1681812017
content-length: 14237
x-77-nzt: AZySIYgrtT//TVpaAA
x-accel-expires: @1713348017
last-modified: Tue, 13 Oct 2020 22:29:51 GMT
server: CDN77-Turbo
etag: "5f862a5f-379d"
x-77-nzt-ray: f6587a1d29d9decc7ec498644f24bc29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tarcinli-havuclu-kek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame 96E7 15 KB
15 KB 44ms
40ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/tarcinli-havuclu-kek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6b91c314a391f29f536508c1d0fe320e16a71c187c49a6e56b70f5d5f46baeef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 1314280
x-accel-date: 1686419094
content-length: 15017
x-77-nzt: AZySIYg424T/6A0UAA
x-accel-expires: @1717955094
last-modified: Mon, 31 Jan 2022 23:35:35 GMT
server: CDN77-Turbo
etag: "61f87247-3aa9"
x-77-nzt-ray: f6587a1d29d9decc7ec49864fa6ac029
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 carkifelek-tatlisi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame 96E7 13 KB
14 KB 44ms
40ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/carkifelek-tatlisi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ada1ab36d79498691a5e1f161485d0aefa6f6611160e9183963d67e977a7690

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923623
x-accel-date: 1681809751
content-length: 13755
x-77-nzt: AZySIYgAxXX/J2NaAA
x-accel-expires: @1713345751
last-modified: Fri, 07 Apr 2023 22:48:19 GMT
server: CDN77-Turbo
etag: "64309db3-35bb"
x-77-nzt-ray: f6587a1d29d9decc7ec49864c2dac429
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 baklavalik-yufkadan-fistikli-katmer-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/04/ Frame 96E7 15 KB
15 KB 45ms
40ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/04/baklavalik-yufkadan-fistikli-katmer-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 845eb9ea29b7a5637e5caa0a807e46db1ad49dd0bfd4dd1145a6ea3e6895555f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923765
x-accel-date: 1681809609
content-length: 15175
x-77-nzt: AZySIYgy4jj/tWNaAA
x-accel-expires: @1713345609
last-modified: Wed, 01 May 2019 22:41:25 GMT
server: CDN77-Turbo
etag: "5cca2095-3b47"
x-77-nzt-ray: f6587a1d29d9decc7ec49864c748cc29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yumurtasiz-krep-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/01/ Frame 96E7 14 KB
14 KB 45ms
40ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/01/yumurtasiz-krep-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: acb44d3e0809d52dd8af3dc579ac584e30cd3b786b929908a3e38f6f9dd18d0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5919339
x-accel-date: 1681814035
content-length: 14075
x-77-nzt: AZySIYgf8KX/a1JaAA
x-accel-expires: @1713350035
last-modified: Thu, 27 Jan 2022 23:32:15 GMT
server: CDN77-Turbo
etag: "61f32b7f-36fb"
x-77-nzt-ray: f6587a1d29d9decc7ec49864edfdd029
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-patatesli-yumurta-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 96E7 16 KB
16 KB 45ms
40ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/firinda-patatesli-yumurta-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e9673ca3b0535583388ed1d9ef9155833cc4fea22742618a10718d4b38a633aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5916839
x-accel-date: 1681816535
content-length: 16218
x-77-nzt: AZySIYhWGA//p0haAA
x-accel-expires: @1713352535
last-modified: Tue, 16 Mar 2021 23:14:20 GMT
server: CDN77-Turbo
etag: "60513bcc-3f5a"
x-77-nzt-ray: f6587a1d29d9decc7ec49864c0e7d529
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 unsuz-mayasiz-ekmek-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 96E7 15 KB
16 KB 45ms
41ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/unsuz-mayasiz-ekmek-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4700eb8b971b735339c6d28127ff4da88fe0150ecaaea67a47c57eedd4837f1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3087150
x-accel-date: 1684646224
content-length: 15561
x-77-nzt: AZySIYhNXsb/LhsvAA
x-accel-expires: @1716182224
last-modified: Sun, 29 Mar 2020 21:46:53 GMT
server: CDN77-Turbo
etag: "5e81174d-3cc9"
x-77-nzt-ray: f6587a1d29d9decc7ec498644a23da29
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-koz-tadinda-patates-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/11/ Frame 96E7 11 KB
12 KB 45ms
41ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/11/firinda-koz-tadinda-patates-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a4e20e17e33fe6f4b0488f8547af1e685ff73b8ece971d6c780db52c6391ab38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923765
x-accel-date: 1681809609
content-length: 11480
x-77-nzt: AZySIYjA39T/tWNaAA
x-accel-expires: @1713345609
last-modified: Wed, 11 Nov 2020 23:10:35 GMT
server: CDN77-Turbo
etag: "5fac6f6b-2cd8"
x-77-nzt-ray: f6587a1d29d9decc7ec498648667e429
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 96E7 5 KB
6 KB 46ms
15ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:34 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1687733374.cds320.fr8.hn,1687733374.cds153.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 96E7 56 B
361 B 79ms
15ms Script
text/javascript 23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-114.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 22:49:34 GMT
server: Oracle API Gateway
opc-request-id: /2227664DAFA544E05E2D945DFE015FC1/AAF125B666037C433D5EFA0993201281
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame 96E7 465 B
585 B 46ms
16ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:34 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1687733374.cds320.fr8.hn,1687733374.cds057.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame 96E7 75 KB
26 KB 160ms
50ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:34 GMT
content-encoding: gzip
last-modified: Fri, 23 Jun 2023 06:55:07 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 96E7 3 KB
2 KB 29ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00ed6bec3fac29221f31283fec86c6cd1e112fea8f06dcc00674ca9604a26d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 22:49:34 GMT
content-md5: +Ua8g7l5fIGpHh4tZ9v5Hg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-debug: J5yuuLfxPhr38KnMYxeWV0gMXg97QvTIA68iR+io4mj3Ee0LCHpWGavH/+yFM+WI0h2OV4mwGLFGl6fDoYl1fg==
x-fb-content-md5: 96afc449b4fa15db6f8b93447e5e82d8
cross-origin-opener-policy: same-origin-allow-popups
etag: "c2d38584db34af804a55d5134d599505"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:51:05 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame 96E7 21 KB
21 KB 43ms
41ms Image
image/png 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 25 Jun 2023 22:49:34 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 5923932
x-accel-date: 1681809442
content-length: 21525
x-77-nzt: AZySIYiLZnz/XGRaAA
x-accel-expires: @1713345442
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: f6587a1d29d9decc7ec49864bd79e829
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 96E7 307 KB
87 KB 21ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=73360436220a3c86841453a22d39f829

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd3f5325edc56946cd3b4a6b91db978707a82a52605e2cc70bb2e6ba4f60268f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 22:49:34 GMT
content-md5: W/fS9hiFyqrwjiULKSrwmg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88819
x-fb-debug: Xi5DmjEWX0DNvH5Dy3tlxE1oiuAa6Nb1BCMBttHzlG1MvCxxf+EioboAk8Sd2w5rOMckg3uxL7eloF9DLb4DNw==
x-fb-content-md5: ff9876840eeaa509c7b6e3eb65868350
cross-origin-opener-policy: same-origin-allow-popups
etag: "f91de186850af8dc06c614dbf3450fe7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 24 Jun 2024 22:17:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 96E7 52 KB
21 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 22:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 852
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 26 Jun 2023 00:35:22 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 96E7 77 KB
26 KB 117ms
42ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

916f321e4a18a7ce0ffd5932be42b4f06cca5038c2c889adfd2c19b465fb3849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26460
x-xss-protection: 0
server: cafe
etag: 330 / 19533 / m202306200101 / config-hash: 3635630053877940451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 96E7 120 B
307 B 47ms
46ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:34 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame DEB0 891 B
1 KB 47ms
47ms Document
text/html 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Sun, 25 Jun 2023 22:49:34 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 96E7 138 KB
48 KB 82ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0fe3ad86715a79c216a36308c199b9aa0226286cde2bea5f2af79eb423aecd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48325
x-xss-protection: 0
server: cafe
etag: 10911185980712095514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:34 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame 96E7 489 KB
182 KB 53ms
52ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:34 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 96E7 236 KB
58 KB 75ms
16ms Script
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:25:29 GMT
content-encoding: gzip
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jun 2023 18:14:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P2
age: 1446
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: DZUAE2rHJyeSjuhsLhOozHZ4Gn9S2HLclJ2WpsX7wsRBD99hOJdu-A==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame 96E7 38 KB
7 KB 99ms
87ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1687733374904&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.8056856817405327
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0a4da92f4f7f1af10d9453a68d234cfb71d43fd5a83c5b251f69175c9ecf063b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:34 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame 96E7 12 KB
2 KB 47ms
47ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19533
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:34 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 21:45:07 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame 96E7 50 KB
5 KB 96ms
87ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468814
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 79cb6ad70fe727e71d8973eba82c18b1b65652ea34507aa486729951ed9f84fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:34 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 96E7 0
307 B 15ms
15ms XHR
text/plain 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 21:53:17 GMT
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
age: 3377
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: _AkBMNeEBlszBU8XGM9UR0fk1ROggoF0d7UXS8QVrX5U-eB5h_UUBw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 96E7 6 KB
3 KB 43ms
14ms XHR
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 210c8ad3e752d602af05a2de06eb2ff8.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 09:19:17 GMT
x-amz-cf-pop: MUC50-P2
age: 48619
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: zPXp6SMof_F-vCGx7Vk0Cf9J968p-kJ5njPP3mMDWwu5r9H5BljSpg==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/ Frame 96E7 356 KB
119 KB 84ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075473

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e58bf4f63bd87d87eacbf152657fef7120915f96dc3808ef9d021d108572919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122033
x-xss-protection: 0
server: cafe
etag: 1089880895665051111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame B55A 10 KB
5 KB 52ms
14ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 18:57:02 GMT
etag: 15057649708203361565
expires: Sun, 09 Jul 2023 18:57:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame 96E7 10 KB
3 KB 48ms
47ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 13:36:40 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame 96E7 11 KB
5 KB 47ms
47ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468814
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame 96E7 17 KB
5 KB 51ms
14ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19533
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:43:05 GMT
content-encoding: gzip
age: 390
x-guploader-uploadid: ADPycdu_XFTtE4fzuYqF7RzO1XKeWRlJ4BZ_-H006tRgGWmOCeVXgJiBQB-B4WbiMZLh8amIUMvmznmmtvBM0I12iPCAwPXcGXjG
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame 96E7 0
210 B 48ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1687733375045&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet1dfca4b5-094e-4446-aa45-ceb1aa82778f&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.9538982304691452
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 25 Jun 2023 22:49:35 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/ Frame 96E7 393 KB
125 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 12:45:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36266
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127691
x-xss-protection: 0
server: cafe
etag: 13681810057703077335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 24 Jun 2024 12:45:09 GMT

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame 96E7 7 KB
3 KB 251ms
46ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19533
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sun, 02 Jul 2023 22:49:35 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame 96E7 0
210 B 47ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1687733375109&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet1dfca4b5-094e-4446-aa45-ceb1aa82778f&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.6621945068313355
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 25 Jun 2023 22:49:35 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 96E7 23 B
462 B 123ms
52ms XHR
text/javascript 18.173.191.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=oR33SOclDXq0l&cb=0&ws=1600x1200&v=23.612.1758&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.191.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-191-32.muc50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 99a7400285d83f528f50f54d665628e2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P4
x-amz-rid: FEFYW8NM3BGZMN4VCMWY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: pkDlYzCtw_nBShG6jxZCCcpfaYeEDNxYFxfxx-AEoXt7Nj_FLPiKZg==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 96E7 107 B
457 B 70ms
21ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 96E7 27 KB
11 KB 248ms
248ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3120190652059256&correlator=1952828025405839&eid=31072019%2C31075556%2C31075028&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687733374904%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet1dfca4b5-094e-4446-aa45-ceb1aa82778f%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet1dfca4b5094e4446aa45ceb1aa82778f&sc=1&cdm=ye-mek.net&abxe=1&dt=1687733375150&lmt=1687733375&dlt=1687733374552&idt=563&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=3xewomthil6h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39affe9402e1796f60ae6ea47415e8b515976cb76907c05778f96454e5eb9e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11660
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583957
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4AF6 6 KB
3 KB 101ms
23ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
expires: Mon, 24 Jun 2024 22:49:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag Show response
feed.pghub.io/ Frame 8E1B 13 B
258 B 56ms
22ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Sun, 25 Jun 2023 22:49:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 96E7 170 KB
43 KB 328ms
328ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3120190652059256&correlator=1829850600556525&eid=31072019%2C31075556%2C31075028&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=3&adks=1992264516&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687733374904%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet1dfca4b5-094e-4446-aa45-ceb1aa82778f%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnet1dfca4b5094e4446aa45ceb1aa82778f&sc=1&cdm=ye-mek.net&abxe=1&dt=1687733375173&lmt=1687733375&dlt=1687733374552&idt=563&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=98hw6kxfkxd5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a5b5a6cf23559a4bbdd47781d3113470871031199a11e6449cb4055ba4d63ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44231
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 96E7 27 KB
11 KB 418ms
418ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3120190652059256&correlator=1829850600556525&eid=31072019%2C31075556%2C31075028&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=4&adks=2327352581&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687733374904%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet1dfca4b5-094e-4446-aa45-ceb1aa82778f%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnet1dfca4b5094e4446aa45ceb1aa82778f&sc=1&cdm=ye-mek.net&abxe=1&dt=1687733375177&lmt=1687733375&dlt=1687733374552&idt=563&adxs=349&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=4ot4lhqff68r&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b44a96194b82e6d6379bfc9fda315abd6bd5d3f82757d732a1936b9c1690567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11739
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583972
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 96E7 64 KB
15 KB 551ms
551ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3120190652059256&correlator=1829850600556525&eid=31072019%2C31075556%2C31075028&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=5&adks=1343742099&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687733374904%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet1dfca4b5-094e-4446-aa45-ceb1aa82778f%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnet1dfca4b5094e4446aa45ceb1aa82778f&sc=1&cdm=ye-mek.net&abxe=1&dt=1687733375180&lmt=1687733375&dlt=1687733374552&idt=563&adxs=985&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=8pgrzr9ft3aw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f2455813be8ff3d363e41018a7c00ec7932660ebdc17663f9b53081af2a5cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15572
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A83 603 B
219 B 70ms
69ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plaf=1%3A2%2C7%3A2&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375023&bpp=4&bdt=471&idt=170&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&nras=1&correlator=5280307616153&frm=24&ife=1&pv=2&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071756%2C31074584%2C31075309%2C31075431%2C31075473%2C44788441%2C44794790&oid=2&pvsid=3120190652059256&tmod=59414405&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.abp2ro4x0t11&fsb=1&dtd=181

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 96E7 107 B
166 B 22ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 96E7 131 KB
41 KB 294ms
293ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3120190652059256&correlator=174230013775617&eid=31072019%2C31075556%2C31075028&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=6&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687733374904%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet1dfca4b5-094e-4446-aa45-ceb1aa82778f%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet1dfca4b5094e4446aa45ceb1aa82778f&sc=1&cdm=ye-mek.net&abxe=1&dt=1687733375290&lmt=1687733375&dlt=1687733374552&idt=563&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=64ni456nbx8v&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9af82253af29f75a7029a637ad811cf2ff6853a5a83f6594f89823dec5295a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41540
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 96E7 33 KB
14 KB 216ms
215ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3120190652059256&correlator=279103477678671&eid=31072019%2C31075556%2C31075028&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687733374904%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet1dfca4b5-094e-4446-aa45-ceb1aa82778f%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet1dfca4b5094e4446aa45ceb1aa82778f&sc=1&cdm=ye-mek.net&abxe=1&dt=1687733375294&lmt=1687733375&dlt=1687733374552&idt=563&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=sn2taz13o2zr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8436ca69ffda252efeca3241e9f358998cec316eff0daa622e947cc943d9a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14149
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 96E7 133 KB
42 KB 407ms
406ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3120190652059256&correlator=3734309685946516&eid=31072019%2C31075556%2C31075028&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=8&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687733374904%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet1dfca4b5-094e-4446-aa45-ceb1aa82778f%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet1dfca4b5094e4446aa45ceb1aa82778f&sc=1&cdm=ye-mek.net&abxe=1&dt=1687733375298&lmt=1687733375&dlt=1687733374552&idt=563&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=iyjkgndksthw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b97715f33424f5b90913a465dce8e16b844e7d7c7969f3499d9ff02b6121e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42641
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 96E7 33 KB
14 KB 236ms
235ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3120190652059256&correlator=1909714105579145&eid=31072019%2C31075556%2C31075028&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=9&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687733374904%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet1dfca4b5-094e-4446-aa45-ceb1aa82778f%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet1dfca4b5094e4446aa45ceb1aa82778f&sc=1&cdm=ye-mek.net&abxe=1&dt=1687733375300&lmt=1687733375&dlt=1687733374552&idt=563&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=y0hcsqg9mtzw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c5b4b6c48988a75d8b011d9324950a82da9b93f6efc82d390fa5f4ed58dd7a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14623
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 96E7 121 KB
41 KB 280ms
279ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3120190652059256&correlator=3692184425796684&eid=31072019%2C31075556%2C31075028&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=10&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687733374904%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet1dfca4b5-094e-4446-aa45-ceb1aa82778f%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet1dfca4b5094e4446aa45ceb1aa82778f&sc=1&cdm=ye-mek.net&abxe=1&dt=1687733375303&lmt=1687733375&dlt=1687733374552&idt=563&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=qc1mwbwt8b6l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63d0d932deda2775e286593cb44f808b318a8b045485956e65ab96ab913f0772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41984
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 96E7 361 KB
121 KB 76ms
23ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19533

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame 96E7 398 KB
128 KB 50ms
50ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=6/25/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 18:51:56 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sun, 02 Jul 2023 22:49:35 GMT

GET
H2 200 container.html Show response
9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 942C 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
expires: Mon, 24 Jun 2024 22:49:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 942C 24 KB
7 KB 63ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 384404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jun 2024 12:02:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 942C 137 KB
47 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd3ca16bab51d6d28db453bceea8192a2f085b76ae1c065ad2771f437dbfab90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Origin: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48163
x-xss-protection: 0
server: cafe
etag: 3737441295758309895
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 942C 179 KB
56 KB 160ms
111ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3 200 container.html Show response
9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 996B 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
expires: Mon, 24 Jun 2024 22:49:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CA00 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
expires: Mon, 24 Jun 2024 22:49:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 15EA 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
expires: Mon, 24 Jun 2024 22:49:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 942C 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssh0YxVAhP2B7Qu9VI02-UE-BX2vDTQNNgnxCXqY8xRDUxx7r5Du8qOGvSWxwDDGUJ3LFDU9jVCT9TYtR0cixAqd2hDwB1r5YfCs62RehftcoYYsfCj8h-HZGV5W7VGqdmyKrkeSkQVKVfxLb0rL-UhkM3BxJ-9vi_wFfmI-Z_75aIZ63VFnbbx6hjGfQ0MCfZmb745IynTcEE_hpC-uwKq3-FE8AxcWIPrnJbkWWzTRYah12GHZu_lXdVZu34KEh2iHH11wZ19PnAoJpFaESX5Xfpyu4Elh9xvvv_JGxdfC-tRX2GLWB3TvAKzLJ9AwJVIi8kzeZQggZy7duesO7hHekgrIcSvQ0vZibbFw9InHPG_xjp_2j9tpA&sai=AMfl-YThkkwVipkAuygSKEGu9rmKNh46LO51twO8KeCcet9ArhirFo3RV5TS_CvR5RkWOjlhhUch9jXyfGSU41e_uUW1rUKk3O368SOsPmVPgOI&sig=Cg0ArKJSzH6--pahofCxEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A6D5 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
expires: Mon, 24 Jun 2024 22:49:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9162cfb8f9e171e5e49ad48038de6feb.js Show response
www.gstatic.com/mysidia/ Frame 996B 8 KB
4 KB 52ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9162cfb8f9e171e5e49ad48038de6feb.js?tag=client_fast_engine_2019

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211dc8588f711db179785e224fe895b50a4398e4c69ccfff61704fa2793f394d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 22:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3796
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 22:34:03 GMT

GET
H2 200 c7c7fc4498c55ae5bd5c07be5baea188.js Show response
www.gstatic.com/mysidia/ Frame 996B 35 KB
14 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c7c7fc4498c55ae5bd5c07be5baea188.js?tag=local_product/lca_square_v3

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9660001e85696de25af9973353857f8890029cb744d86948018bb679d52c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 06:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14018
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 06:35:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 996B 21 KB
2 KB 61ms
23ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2Cbold

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 21:58:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 996B 2 KB
892 B 23ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:22:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 996B 22 KB
9 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 18:49:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 996B 3 KB
1 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 996B 19 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 996B 179 KB
56 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame 996B 33 KB
14 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 10:26:40 GMT

GET
H3 200 container.html Show response
9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 89EE 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
expires: Mon, 24 Jun 2024 22:49:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2FDD 6 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
expires: Mon, 24 Jun 2024 22:49:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CA00 0
0 59ms
57ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClUMIf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT1AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyNxllUYcjyROU-jvstXdfjY5soECoxQ2BgzeUKmJLTTt4-t_1gg14AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=kNoaswyPHRI&uach_m=[UACH]&cid=CAQSOwBygQiD_goRT-uYS5e7dvttf51aOtf0lAJCqEpiKkle7BYaYB02Ely5J6pHvBPk8poys50G5SF9g_tUGAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame CA00 0
0 57ms
19ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hyxg34skb6btbf3bm1v9zwd8r14dgqfjt24xxgwx78cbk2xdw6x0t6mnhstabx2z4tqzwc18h97ham9jg4wd6wh6z9vpv7jggqz6ntxbn20c8zttgdnek7vnj0r31sxcwrnzpa6havzthjegezeffbw5860zsrrat2s1gpkdex2t1m8jpwm8egzsgcfcq63320rr2wmxv3x5gxdkc0vs44cwnvhczr9kpah8qaka1p34r1v0p6nhcm6bdty9zpwvpf0qhngxwzqrzsjaayh89efze71g3ajbfaw5ffrg3kg77k8477z5fcy0n933g2zy7jqgst2z3h9s2wae5zh9ebgjtnxbx3cr4bnhd5e049kk4637kw41zxd0b5x5xjqp4a2brq6rw&b=ZJjEfwAFfR8Ke65JAAFUBRL29vUrypkd1_ezxw
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 25 Jun 2023 22:49:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4324 2 KB
3 KB 57ms
28ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1ktkgcy2c7p2bramrg0yfja4tz9rbtezmt635wgpbzd8ycyj5zyzfpk9amjwmfn4xtcj9f8gbb1njye2v2qd55f0avbt15dzrvz86z2j17qrrfkzxekdx8jp6cscq30jfww8d0jbk0t62sxnz9w7zb44jz5sr7qntgw7qjy2hnrrg3svpay27f2p3jga1tmh637ke7w7bcaz8vntaz7cqspgwrwpz8nfh7k2wth44pcg1phvb4e7be2mnedbtfdqabk7kzdjcywhj22pwvg3av6nyss1kmy8fxsfdqm80gwdtq4kyd46x6r9ed2m4ddsam1dfsag6k7aekeafjf0zk82see13sebhfp7j6zr39hesceg8czjkph23j3757h0aa03s0x836dntqr03mz76d98d14tqe04q6qx6t4c740skfm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%26client%3Dca-pub-7983651257838282%26adurl%3D

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11c5c6c1a3a50f78a352b3b15ce99e61342814eef13725d874c79bf370c07dc5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7dd0c3be2b3a3a5c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame CA00 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5D40 1 KB
643 B 15ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Mon, 26 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame CA00 19 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CA00 0
0 84ms
23ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQNe0HWfHjwgx9x9IkvbGEE81P1yH6ZbX2J2LVHvgBIt2WOzx63fGOSuvfyQf0t51tc_t2HEIO2IO3S1zfeUagdKJAGg
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CA00 24 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 384404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA00 179 KB
56 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/ Frame 942C 356 KB
119 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com&bust=31075473

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0becc067af3efb0b3e42c3cadb863177c50c83426947d2cf2b20ab1a89bc1341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122033
x-xss-protection: 0
server: cafe
etag: 12682785006206078165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 15EA 0
0 60ms
58ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2mEQf8SYZKONFpS1gQey17nIAs-HjptcwIbZgsYCwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBPcBT9CVEajPlqO_hqtKCzNd-Yssi9CDePVAX7UYmbrD087e8m7icjuW9kU-gt0dS8g7beGrnmvygCCRLZOFShVopgBKuhcmVWIDgGy9g0XTgtMvf_gdDWRuZkgzg7hDmuhe66yKZYIc1_afKFh0yDkfaFlCVJAC6VcPpktR_8UonvpHJtXU5JZ7rVgictlrr2E0Evp-FKnM_ZEm2JVbY38CYmLws49-_ugwDMCSVc2LJn1Iy_tn4XDUT5tbA_xI4E4Kqkm9W5BRGvQFfXqDnH0hWo31uw3gIlrNJZkzxrqgcC5P6PgHCRCErypiektpuEJd9NoBIyZxA-AEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=tnwJQDd2ASc&uach_m=[UACH]&cid=CAQSOwBygQiDVvvD8BE-5q1LsM0NSyyOyCDc5CUc1RSKobBZwcEtbGAU-yznyHxzaNVoHOMQq12yZxUkIknVGAE&tpd=AGWhJmt_UYCq83W1--vdOrkygskgvyuxX71rx9i7tgtiGdKZrVenNAkrql71T2MY4WQZ0GTy7ZHO5I6978vYua3M7K_QHCZAAuZxwTycJbDSELOTdN0zs8UPb1f5XEVFDrwdERFRVI-rHGIwhvXOibiufX6rvHHSMhXYzyy1IOi96_i_mkAb-uJsxWXXdXuXjZmro1C60lAoPv1GB1eUrZotboNKAhzB7iCDpPwPgwI8h5qITjvBcDoOHmzhvogktFB0gIAMxH8_Ds8FtH91JNFN7_BDEb87Fuy82e2vV0UgZCX_luYiXZh0C3xvdctHd7YHVEhfNVvqk14_Gy6PxpJ35WSBsJKg4ZcHfYY8DDE1JtpkRJ8EdfLh20TWGL1ym4ZwSYZy5K5yVKXCgnq8Uz-sCGov8IOdRj7AFu0U8oAMkhFHX3pht9--eRRZVnyHb-4MXbuUJsDcDN_kGf6v_2TTVa1tP9x3Cgb12RiGg7a3mzRN5E4WXYYpgZZytd0YISWAdYYeSC_0xmgtwiuWJX0bcMdN-zRethv09h4c2aVcnl0EToM5XLWaE7VhxM7AdhciqhmLNQveV9zpnJJ02tpaMMR89u3mVhRPQZs9eNZTdKKqPAXMAVn08cl77mp7USmhIiP_OG7RP-nKgd5Zz0clDOK8C1GTGlMcbOBJVgfOjeCZbG-fEgIoh5VJZRIQxiBt7Nzm82-BkJoEiSJYUueGSv5vshJ1NtEwV-sR1B6huEllfry9Py-_rBkGGQnm44N5IYlQUPKLLMz1yAOFqXfBMCQpj8MGr3rIoM-Etf8NVOZG6oQ03jufY2wplo2hpojfeFLWxp4TL0N5zqmYeOK-zwbeMvq1SfuRWP9T6ImoLSDG3TUjtZDxTpx1IkzPEwL12bEZjFnyD3JFYKkYnWncANhUilYC6fdsQqc1CbLoWfCzRgMoNY120MIvuiO8mWaFc05jak5ZLMjxTOlavMh1beuVzC_lcdrSQGzzG17MI3FCHt_FNINfE1e2b7i9nXJurgb-ujfv5B9hPt4Ot83GE5159BP7mzKhTtrWnqii_Ni1rYfP63YcxKbhUr7_vq6UeBPGSTP-iIGXYrVkd4NC9-R8cNfTt3nZNr8Lku1Ibnvqe2Mkl6A
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 15EA 3 KB
2 KB 51ms
14ms Script
application/x-javascript 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRGaU1qVXdaREF0TW1NeVppMDBZakJqTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg3NDQ3MzQyODM4MDg4MjA2ODcvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LUptbkQ5a2oyaFBEbE1oMVFnRjdsNC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NzQ0NzM0MjgzODA4ODIwNjg3L2Ftcy8wLzEyMC8zLzk5OS8xNjIvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2ODc3MzMzNzUvMTY4Nzc0NTk3NS80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/AFgotjU6LYu2AG-5G-7IXyJu_qs&nodeid=3286&group=cdg&auctionid=8744734283808820687&pbs_auctionid=8744734283808820687&shardkey=8744734283808820687&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaMgKf8SYZKONFpS1gQey17nIAs-HjptcwIbZgsYCwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBPoBT9CVEajPlqO_hqtKCzNd-Yssi9CDePVAX7UYmbrD087e8m7icjuW9kU-gt0dS8g7beGrnmvygCCRLZOFShVopgBKuhcmVWIDgGy9g0XTgtMvf_gdDWRuZkgzg7hDmuhe66yKZYIc1_afKFh0yDkfaFlCVJAC6VcPpktR_8UonvpHJtXU5JZ7rVgictlrr2E0Evp-FKnM_ZEm2JVbY38CYmLws49-_ugwDMCSVc2LJn1Iy_tn4XDUT5tbA_xI4E4Kqkm9W5BRGvQFfXqDnH0hWo23uSxyjuZpIhSXjhF4MIG_9ewNtRqqt8vfugvGQuND2MKvupp2jgRmcOAEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tigI5K8n-xO19YlNpEd4aYOErpA%26client%3Dca-pub-7983651257838282%26adurl%3D
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.392.6 /
Resource Hash: 83e33457cf3f5f17669a9c61326502f97e6aed5bead555f9842d783771391e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:35 GMT
x-mm-nodeid: 3286
Content-Encoding: gzip
x-mm-bid-request-time: 1687733375
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Sun, 25 Jun 2023 22:49:35 GMT
Server: MMBD/3.392.6
x-mm-latency: 0 (0)
x-mm-notify-action-done: LD5wfw
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x97, cdg-bidder-x141
x-mm-lag: 0
Expires: Sun, 25 Jun 2023 22:49:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 15EA 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 15EA 19 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 15EA 0
0 27ms
24ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4-oW_jQSYbt23rLKj2qNWwAh8US76O2Au7FthKAoFrElzCFKJKp1z-pm3n0Tf8XM7Q5i3ukCfonu0804r8rEox4RRMQ
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 15EA 24 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 384404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15EA 179 KB
56 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3 200 container.html Show response
9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AAA1 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
expires: Mon, 24 Jun 2024 22:49:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fd7a1f331e8cd4de1f7c76ae539ff9b3.js Show response
www.gstatic.com/mysidia/ Frame A6D5 9 KB
4 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fd7a1f331e8cd4de1f7c76ae539ff9b3.js?tag=client_fast_engine_2019

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b419bc31d076c8dfb5c8423f024c9efa32e1c64d1d35fd36dce64d23ba5c0b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3970
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 19:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 20:04:48 GMT

GET
H2 200 d6eaa537eaca368d0ffdeded54ff1f36.js Show response
www.gstatic.com/mysidia/ Frame A6D5 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d6eaa537eaca368d0ffdeded54ff1f36.js?tag=pingback

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e520e6f9d499ce8fb77432f349c4a952aa098f3b76254de6d50504c4f51f730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9351
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 19:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 20:12:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A6D5 14 KB
1 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 21:05:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame A6D5 2 KB
905 B 17ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:22:22 GMT

GET
H2 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame A6D5 6 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 23:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 23:29:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame A6D5 22 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 18:49:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame A6D5 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame A6D5 19 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A6D5 0
0 21ms
21ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTA7jCfEVO8soG-QWVU9V-UtCJFk_RMhH2u--AMsfReX9qyVNs6QF4ROu5SHmXOXy20opf7eG7Q-VDjrT75zo2B8yMo6Q
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6D5 179 KB
56 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3 200 95d52fd2d3470bdf70a280ba9b2fe75b.js Show response
www.gstatic.com/mysidia/ Frame A6D5 34 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95d52fd2d3470bdf70a280ba9b2fe75b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4280cd4b56f2c32730c10b51d0f72b21d2a82f83104f1f450d3436d5166d692e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 22:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 19:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 22:02:06 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 4324 106 KB
13 KB 31ms
29ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ktkgcy2c7p2bramrg0yfja4tz9rbtezmt635wgpbzd8ycyj5zyzfpk9amjwmfn4xtcj9f8gbb1njye2v2qd55f0avbt15dzrvz86z2j17qrrfkzxekdx8jp6cscq30jfww8d0jbk0t62sxnz9w7zb44jz5sr7qntgw7qjy2hnrrg3svpay27f2p3jga1tmh637ke7w7bcaz8vntaz7cqspgwrwpz8nfh7k2wth44pcg1phvb4e7be2mnedbtfdqabk7kzdjcywhj22pwvg3av6nyss1kmy8fxsfdqm80gwdtq4kyd46x6r9ed2m4ddsam1dfsag6k7aekeafjf0zk82see13sebhfp7j6zr39hesceg8czjkph23j3757h0aa03s0x836dntqr03mz76d98d14tqe04q6qx6t4c740skfm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ktkgcy2c7p2bramrg0yfja4tz9rbtezmt635wgpbzd8ycyj5zyzfpk9amjwmfn4xtcj9f8gbb1njye2v2qd55f0avbt15dzrvz86z2j17qrrfkzxekdx8jp6cscq30jfww8d0jbk0t62sxnz9w7zb44jz5sr7qntgw7qjy2hnrrg3svpay27f2p3jga1tmh637ke7w7bcaz8vntaz7cqspgwrwpz8nfh7k2wth44pcg1phvb4e7be2mnedbtfdqabk7kzdjcywhj22pwvg3av6nyss1kmy8fxsfdqm80gwdtq4kyd46x6r9ed2m4ddsam1dfsag6k7aekeafjf0zk82see13sebhfp7j6zr39hesceg8czjkph23j3757h0aa03s0x836dntqr03mz76d98d14tqe04q6qx6t4c740skfm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%26client%3Dca-pub-7983651257838282%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 211109
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7b2vDnWrb6un9jd6YMrfz2Xj8kAc5AddK1B1RGToWhbSadIYnyKnxx7WIVJX9RUGXFG15ugux%2Bb9%2BGyfcsJaXBIQmEw8d%2BMUTC7FgL2QvAaMVPAjBpzpJ1ALLr%2Fq7SL4xy1S8j85uBs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7dd0c3beec123a5c-FRA
expires: Sun, 25 Jun 2023 23:49:35 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4324 25 KB
10 KB 62ms
26ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ktkgcy2c7p2bramrg0yfja4tz9rbtezmt635wgpbzd8ycyj5zyzfpk9amjwmfn4xtcj9f8gbb1njye2v2qd55f0avbt15dzrvz86z2j17qrrfkzxekdx8jp6cscq30jfww8d0jbk0t62sxnz9w7zb44jz5sr7qntgw7qjy2hnrrg3svpay27f2p3jga1tmh637ke7w7bcaz8vntaz7cqspgwrwpz8nfh7k2wth44pcg1phvb4e7be2mnedbtfdqabk7kzdjcywhj22pwvg3av6nyss1kmy8fxsfdqm80gwdtq4kyd46x6r9ed2m4ddsam1dfsag6k7aekeafjf0zk82see13sebhfp7j6zr39hesceg8czjkph23j3757h0aa03s0x836dntqr03mz76d98d14tqe04q6qx6t4c740skfm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 527463
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PejiSyLjJd7W07fRKIW1l8Ttf%2FQ3BM1IpTY8%2Fgynazb0wtroobts4YWM4pxzf96GyAtuQ9cGu4hMJ%2Bg%2BFi%2Ff5dAi4BrxKSKD7Ch0kQiOk21sh%2B03Q7KNn3FE8K5JTkMc9NNRmxE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7dd0c3bf1c723a5c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Jun 2023 13:46:16 GMT

GET
H3 200 container.html Show response
9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B0B2 6 KB
3 KB 22ms
16ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:35 GMT
expires: Mon, 24 Jun 2024 22:49:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fd7a1f331e8cd4de1f7c76ae539ff9b3.js Show response
www.gstatic.com/mysidia/ Frame 89EE 9 KB
4 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fd7a1f331e8cd4de1f7c76ae539ff9b3.js?tag=client_fast_engine_2019

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b419bc31d076c8dfb5c8423f024c9efa32e1c64d1d35fd36dce64d23ba5c0b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3970
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 19:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 20:04:48 GMT

GET
H3 200 d6eaa537eaca368d0ffdeded54ff1f36.js Show response
www.gstatic.com/mysidia/ Frame 89EE 23 KB
9 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d6eaa537eaca368d0ffdeded54ff1f36.js?tag=pingback

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e520e6f9d499ce8fb77432f349c4a952aa098f3b76254de6d50504c4f51f730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9351
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 19:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 20:12:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 89EE 2 KB
905 B 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:22:22 GMT

GET
H3 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame 89EE 6 KB
2 KB 32ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 23:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 23:29:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 89EE 22 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 18:49:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 89EE 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 89EE 19 KB
8 KB 31ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 89EE 0
0 21ms
21ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQF-0dJGaNKWrX9A7Sfs3ODV7Waqy3I9uzQOFBjWWSk0hQuwf2EM6AFnhst-MT3liPJzMn27OgolBVu7Svg6ilpmyiyeQ
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89EE 179 KB
56 KB 50ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3 200 95d52fd2d3470bdf70a280ba9b2fe75b.js Show response
www.gstatic.com/mysidia/ Frame 89EE 34 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95d52fd2d3470bdf70a280ba9b2fe75b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4280cd4b56f2c32730c10b51d0f72b21d2a82f83104f1f450d3436d5166d692e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 22:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 19:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 22:02:06 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2FDD 24 KB
6 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 384404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jun 2024 12:02:51 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2FDD 139 KB
48 KB 40ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be39d51a3750f8e0f401a2728d53878d56fda876dcea1adc842bf82320fa0797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Origin: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48841
x-xss-protection: 0
server: cafe
etag: 10185588650820653234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FDD 179 KB
56 KB 51ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D40
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEICJ06hvwFdADg2HV5SrdbI&google_cver=1&google_push=ATf1kGOS2ye1dbebCzGJ_cSLWNmDN90uWJX2NBAtK_BFcsjYh0HDOIk9Li1IMmBATeQo7oH4V16YEJA9cg2yL-NB...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGOS2ye1dbebCzGJ_cSLWNmDN90uWJX2NBAtK_BFcsjYh0HDOIk9Li1IMmBATeQo7oH4V16YEJA9cg2yL-NBF3znm5hq...

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGOS2ye1dbebCzGJ_cSLWNmDN90uWJX2NBAtK_BFcsjYh0HDOIk9Li1IMmBATeQo7oH4V16YEJA9cg2yL-NBF3znm5hqaUTg2w

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 25 Jun 2023 22:49:36 GMT
Server: MT3 1031 59fd23a master pao pao-pixel-x19 config_version:"386"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGOS2ye1dbebCzGJ_cSLWNmDN90uWJX2NBAtK_BFcsjYh0HDOIk9Li1IMmBATeQo7oH4V16YEJA9cg2yL-NBF3znm5hqaUTg2w
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 5D40
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH8j65r_XFEixcY8GFZDuzg&google_cver=1&google_push=ATf1kGMNMAcgVV6Wc4V5lyo9DE142GwivM1btLSb4WPfHHqUvOKajcoYJkoWPNtj4Cm09QFg7WpqXmuvXitoxjEql6WuxD2iq66oL...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH8j65r_XFEixcY8GFZDuzg&google_cver=1&google_push=ATf1kGMNMAcgVV6Wc4V5lyo9DE142GwivM1btLSb4WPfHHqUvOKajcoYJkoWPNtj4Cm09QFg7WpqXmuvXitoxjEql6WuxD2iq66...

43 B
388 B

195ms
186ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH8j65r_XFEixcY8GFZDuzg&google_cver=1&google_push=ATf1kGMNMAcgVV6Wc4V5lyo9DE142GwivM1btLSb4WPfHHqUvOKajcoYJkoWPNtj4Cm09QFg7WpqXmuvXitoxjEql6WuxD2iq66oLQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMNMAcgVV6Wc4V5lyo9DE142GwivM1btLSb4WPfHHqUvOKajcoYJkoWPNtj4Cm09QFg7WpqXmuvXitoxjEql6WuxD2iq66oLQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dd0c3c15ace2bdf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 82
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH8j65r_XFEixcY8GFZDuzg&google_cver=1&google_push=ATf1kGMNMAcgVV6Wc4V5lyo9DE142GwivM1btLSb4WPfHHqUvOKajcoYJkoWPNtj4Cm09QFg7WpqXmuvXitoxjEql6WuxD2iq66oLQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMNMAcgVV6Wc4V5lyo9DE142GwivM1btLSb4WPfHHqUvOKajcoYJkoWPNtj4Cm09QFg7WpqXmuvXitoxjEql6WuxD2iq66oLQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dd0c3bf98fa2bdf-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5D40
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBr72T6lA4TKnpHjaxes-28&google_cver=1&google_push=ATf1kGNNDQiwAGoun-OoOS89RrqAJ0TJnx9DMydjokNJr-V1Rvmsdl4UrlV1KC2CV20mhzm7nzUhyHLbZrqRDaVl3gxTmD_-5uCA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGNNDQiwAGoun-OoOS89RrqAJ0TJnx9DMydjokNJr-V1Rvmsdl4UrlV1KC2CV20mhzm7nzUhyHLbZrqRDaV...

170 B
244 B

38ms
35ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGNNDQiwAGoun-OoOS89RrqAJ0TJnx9DMydjokNJr-V1Rvmsdl4UrlV1KC2CV20mhzm7nzUhyHLbZrqRDaVl3gxTmD_-5uCA

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Jun 2023 22:49:35 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGNNDQiwAGoun-OoOS89RrqAJ0TJnx9DMydjokNJr-V1Rvmsdl4UrlV1KC2CV20mhzm7nzUhyHLbZrqRDaVl3gxTmD_-5uCA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 24 Jun 2023 22:49:35 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D40
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED3wvCf4NDSi1tp6qOZmrIU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESED3wvCf4NDSi1tp6qOZmrIU&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED3wvCf4NDSi1tp6qOZmrIU&google_hm=ZJjEf0IcV8j4-h58qrAS-gAADOcAAAIB&google_nid=index&google_push=ATf1kGPwcxEewRh906gXH1FNBSZMSUhUh2bEp...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED3wvCf4NDSi1tp6qOZmrIU&google_hm=ZJjEf0IcV8j4-h58qrAS-gAADOcAAAIB&google_nid=index&google_push=ATf1kGPwcxEewRh906gXH1FNBSZMSUhUh2bEpCk9HYg3GBpfXjDYAUc-5zxL4XOIs_4mOT4c6Zl2b53zcBDGzsxv4-FULha0yzLc

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 22:49:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED3wvCf4NDSi1tp6qOZmrIU&google_hm=ZJjEf0IcV8j4-h58qrAS-gAADOcAAAIB&google_nid=index&google_push=ATf1kGPwcxEewRh906gXH1FNBSZMSUhUh2bEpCk9HYg3GBpfXjDYAUc-5zxL4XOIs_4mOT4c6Zl2b53zcBDGzsxv4-FULha0yzLc
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5D40
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENeB_X1_c9Q_PwCfY93LiYs&google_cver=1&google_push=ATf1kGNXm5PV9QWEmqHm-1qM1JSJ6IlDnH5sqcyx8GO58SQGyMA3P60NSTXDLE2acvK1e1GKpeUy9WBpzmheus7g...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNXm5PV9QWEmqHm-1qM1JSJ6IlDnH5sqcyx8GO58SQGyMA3P60NSTXDLE2acvK1e1GKpeUy9WBpzmheus7g5I4kYShLaGJ72Q

170 B
233 B

38ms
36ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNXm5PV9QWEmqHm-1qM1JSJ6IlDnH5sqcyx8GO58SQGyMA3P60NSTXDLE2acvK1e1GKpeUy9WBpzmheus7g5I4kYShLaGJ72Q

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Jun 2023 22:49:35 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNXm5PV9QWEmqHm-1qM1JSJ6IlDnH5sqcyx8GO58SQGyMA3P60NSTXDLE2acvK1e1GKpeUy9WBpzmheus7g5I4kYShLaGJ72Q
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 3bE-jqWZNr24irPdMWp6vYsb_ZivxiV7F7ftj97Zq8wwftTBCjXIVQ==

GET
H2

200

/
onetag-sys.com/match/ Frame 5D40
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMM72OmqpBh-SCHrPJ1QT9w&google_cver=1&google_push=ATf1kGNVlZW3OkRws4ZM7UU4AEDr6hPRu7iTML94QHiAaAP77190Sgt2MsJBVitHUXw73D4B_83Fm7g9VpJ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNVlZW3OkRws4ZM7UU4AEDr6hPRu7iTML94QHiAaAP77190Sgt2MsJBVitHUXw73D4B_83Fm7g9VpJaZn0hMHmYrlq2DPPXj4Y
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

15ms
14ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 5D40
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOoThrLtk5q0hfSUDIUoTUU&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGOLtNGOhdIKVeCYpnuA-MvmnH-11PWikOdd-yUMA1q-sAwFBoqkDZ6Rxm_6qh36gdb3RexIebdCQWVqKfOkE2RPUWg-zllDYcQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
165 B

31ms
31ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sun, 25 Jun 2023 22:49:36 GMT
pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5D40 0
131 B 89ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KVZYIvHy7IjTPHL54dR7ui1EMDUZmSMtKGjZn1uNz-4EjXvqGkbNmAJU_3UZhv2WOg2hH8FQQ

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame AAA1 2 KB
892 B 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:22:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame AAA1 22 KB
9 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 18:49:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame AAA1 3 KB
1 KB 24ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6006 1 KB
643 B 21ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Mon, 26 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame AAA1 19 KB
8 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AAA1 0
0 31ms
22ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSI6_lHcMiY4izrIL6e6RFohtOkag1GvYXxZku2Q7FvV5k2B212UIWHoSwwBxTHug-utrdKO4C1LPNprZ45L8Ue_5RfDA
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAA1 179 KB
56 KB 32ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame AAA1 33 KB
14 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 10:26:40 GMT

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame 15EA 10 KB
4 KB 58ms
15ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=8744734283808820687&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dnoo4LrfJu6Mt6pWws45cgg%26exch_seat%3D20035004448%26mt_aid%3D8744734283808820687%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_cid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaMgKf8SYZKONFpS1gQey17nIAs-HjptcwIbZgsYCwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBPoBT9CVEajPlqO_hqtKCzNd-Yssi9CDePVAX7UYmbrD087e8m7icjuW9kU-gt0dS8g7beGrnmvygCCRLZOFShVopgBKuhcmVWIDgGy9g0XTgtMvf_gdDWRuZkgzg7hDmuhe66yKZYIc1_afKFh0yDkfaFlCVJAC6VcPpktR_8UonvpHJtXU5JZ7rVgictlrr2E0Evp-FKnM_ZEm2JVbY38CYmLws49-_ugwDMCSVc2LJn1Iy_tn4XDUT5tbA_xI4E4Kqkm9W5BRGvQFfXqDnH0hWo23uSxyjuZpIhSXjhF4MIG_9ewNtRqqt8vfugvGQuND2MKvupp2jgRmcOAEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tigI5K8n-xO19YlNpEd4aYOErpA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 09bc6f5fe9d77df8b5d63cf18019869153da22cce157fe512aed322903685b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3458
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 15EA 49 B
330 B 48ms
17ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8744734283808820687&node_id=3286&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRGaU1qVXdaREF0TW1NeVppMDBZakJqTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg3NDQ3MzQyODM4MDg4MjA2ODcvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LUptbkQ5a2oyaFBEbE1oMVFnRjdsNC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NzQ0NzM0MjgzODA4ODIwNjg3L2Ftcy8wLzEyMC8zLzk5OS8xNjIvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2ODc3MzMzNzUvMTY4Nzc0NTk3NS80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/AFgotjU6LYu2AG-5G-7IXyJu_qs&nodeid=3286&group=cdg&auctionid=8744734283808820687&pbs_auctionid=8744734283808820687&shardkey=8744734283808820687&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaMgKf8SYZKONFpS1gQey17nIAs-HjptcwIbZgsYCwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBPoBT9CVEajPlqO_hqtKCzNd-Yssi9CDePVAX7UYmbrD087e8m7icjuW9kU-gt0dS8g7beGrnmvygCCRLZOFShVopgBKuhcmVWIDgGy9g0XTgtMvf_gdDWRuZkgzg7hDmuhe66yKZYIc1_afKFh0yDkfaFlCVJAC6VcPpktR_8UonvpHJtXU5JZ7rVgictlrr2E0Evp-FKnM_ZEm2JVbY38CYmLws49-_ugwDMCSVc2LJn1Iy_tn4XDUT5tbA_xI4E4Kqkm9W5BRGvQFfXqDnH0hWo23uSxyjuZpIhSXjhF4MIG_9ewNtRqqt8vfugvGQuND2MKvupp2jgRmcOAEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tigI5K8n-xO19YlNpEd4aYOErpA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.392.6 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:35 GMT
Server: MMBD/3.392.6
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x95, cdg-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 25 Jun 2023 22:49:34 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 15EA 43 B
418 B 63ms
20ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8744734283808820687&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRGaU1qVXdaREF0TW1NeVppMDBZakJqTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg3NDQ3MzQyODM4MDg4MjA2ODcvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LUptbkQ5a2oyaFBEbE1oMVFnRjdsNC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NzQ0NzM0MjgzODA4ODIwNjg3L2Ftcy8wLzEyMC8zLzk5OS8xNjIvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2ODc3MzMzNzUvMTY4Nzc0NTk3NS80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/AFgotjU6LYu2AG-5G-7IXyJu_qs&nodeid=3286&group=cdg&auctionid=8744734283808820687&pbs_auctionid=8744734283808820687&shardkey=8744734283808820687&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaMgKf8SYZKONFpS1gQey17nIAs-HjptcwIbZgsYCwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBPoBT9CVEajPlqO_hqtKCzNd-Yssi9CDePVAX7UYmbrD087e8m7icjuW9kU-gt0dS8g7beGrnmvygCCRLZOFShVopgBKuhcmVWIDgGy9g0XTgtMvf_gdDWRuZkgzg7hDmuhe66yKZYIc1_afKFh0yDkfaFlCVJAC6VcPpktR_8UonvpHJtXU5JZ7rVgictlrr2E0Evp-FKnM_ZEm2JVbY38CYmLws49-_ugwDMCSVc2LJn1Iy_tn4XDUT5tbA_xI4E4Kqkm9W5BRGvQFfXqDnH0hWo23uSxyjuZpIhSXjhF4MIG_9ewNtRqqt8vfugvGQuND2MKvupp2jgRmcOAEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tigI5K8n-xO19YlNpEd4aYOErpA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x14 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:35 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x14 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sun, 25 Jun 2023 22:49:34 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 15EA 49 B
330 B 49ms
18ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8744734283808820687&st=4562306&time=1687733375&nodeid=3286
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRGaU1qVXdaREF0TW1NeVppMDBZakJqTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg3NDQ3MzQyODM4MDg4MjA2ODcvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LUptbkQ5a2oyaFBEbE1oMVFnRjdsNC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NzQ0NzM0MjgzODA4ODIwNjg3L2Ftcy8wLzEyMC8zLzk5OS8xNjIvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2ODc3MzMzNzUvMTY4Nzc0NTk3NS80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/AFgotjU6LYu2AG-5G-7IXyJu_qs&nodeid=3286&group=cdg&auctionid=8744734283808820687&pbs_auctionid=8744734283808820687&shardkey=8744734283808820687&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaMgKf8SYZKONFpS1gQey17nIAs-HjptcwIbZgsYCwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBPoBT9CVEajPlqO_hqtKCzNd-Yssi9CDePVAX7UYmbrD087e8m7icjuW9kU-gt0dS8g7beGrnmvygCCRLZOFShVopgBKuhcmVWIDgGy9g0XTgtMvf_gdDWRuZkgzg7hDmuhe66yKZYIc1_afKFh0yDkfaFlCVJAC6VcPpktR_8UonvpHJtXU5JZ7rVgictlrr2E0Evp-FKnM_ZEm2JVbY38CYmLws49-_ugwDMCSVc2LJn1Iy_tn4XDUT5tbA_xI4E4Kqkm9W5BRGvQFfXqDnH0hWo23uSxyjuZpIhSXjhF4MIG_9ewNtRqqt8vfugvGQuND2MKvupp2jgRmcOAEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0tigI5K8n-xO19YlNpEd4aYOErpA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.392.6 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:35 GMT
Server: MMBD/3.392.6
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x50, cdg-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 25 Jun 2023 22:49:34 GMT

GET
DATA 200
OK truncated
/ Frame 942C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7056179b94ee750ec70b4c01ac9ff7f6a06a3e48695847782d75abcf69cad3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 11549748137088864604
tpc.googlesyndication.com/simgad/ Frame 996B 697 KB
697 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11549748137088864604

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00b318d367780a24035143885d9ef75f11c4e1e456a20efbbbe34ead04098346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:38:57 GMT
x-content-type-options: nosniff
age: 375038
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 713323
x-xss-protection: 0
last-modified: Mon, 22 May 2023 08:27:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 14:38:57 GMT

GET
H3 200 7270274004438815947
tpc.googlesyndication.com/simgad/ Frame 996B 3 KB
3 KB 32ms
24ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7270274004438815947?w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a87115a15c920c65256aba1ec1ae22d5d5bfad9a29a29b45365ef47f8894815c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 20:49:20 GMT
x-content-type-options: nosniff
age: 93615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 13:20:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 20:49:20 GMT

GET
H3 200 3652143368064008382
tpc.googlesyndication.com/simgad/ Frame 996B 157 KB
157 KB 34ms
25ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3652143368064008382?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qm63_W9BGOGMZW3W4yo6Di8XGsuhQ&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87cdee81d90c79b44e31bfe161aeb99f4daf2e4f5925921707193950887873e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:41:35 GMT
x-content-type-options: nosniff
age: 382080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160713
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:12:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 12:41:35 GMT

GET
H3 200 10360451382768357602
tpc.googlesyndication.com/simgad/ Frame 996B 152 KB
152 KB 38ms
30ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10360451382768357602?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qnRzJA9Z8BIaeiOfQ2ewgAshjZt3g&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0d8f3ac9fc525760b939918e38642ea90c0583b6432c9f955fdbaed0f32b19b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:50:08 GMT
x-content-type-options: nosniff
age: 385167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 155443
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:13:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 11:50:08 GMT

GET
H3 200 2221502854848882862
tpc.googlesyndication.com/simgad/ Frame 996B 135 KB
135 KB 32ms
24ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2221502854848882862?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qn_bTChT65P9uPHu9EGMsplGDx9Vw&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

867012b8a1d06615a588bd03812248123cf62fab0a2a7dea528379b2e48f61b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 04:28:07 GMT
x-content-type-options: nosniff
age: 152488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138043
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:13:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 04:28:07 GMT

GET
H3 200 13899676516715381102
tpc.googlesyndication.com/simgad/ Frame 996B 52 KB
52 KB 41ms
33ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13899676516715381102?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qmI0doqKJJlV8rp1PdeehYWg5hd3Q&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e957fa3b58e29758a1479660620644c2b29203302d32be915d693652e7a71f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 05:37:48 GMT
x-content-type-options: nosniff
age: 407507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52736
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:13:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 05:37:48 GMT

GET
H3 200 15518675574943847629
tpc.googlesyndication.com/simgad/ Frame 996B 77 KB
77 KB 48ms
40ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15518675574943847629?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qm4UHnmSy8qz4xcFZPQCk7vZytOlg&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

936b50b08938f7307a68a6ee3066d2877b1327670461e8ddb46b3a062bb0c1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 05:37:48 GMT
x-content-type-options: nosniff
age: 407507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78938
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:12:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 05:37:48 GMT

GET
H3 200 14227982764697348795
tpc.googlesyndication.com/simgad/ Frame 996B 53 KB
53 KB 52ms
45ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14227982764697348795?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qm_CcXLEOyz6fYa2D1S9H_X7MZ5bw&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a829930b8ab95c07ef602df21f922d5e2b13621d2499eaedcbc717bc8f01ac1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:10:21 GMT
x-content-type-options: nosniff
age: 427154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54143
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:41:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 00:10:21 GMT

GET
H3 200 11498981896757837680
tpc.googlesyndication.com/simgad/ Frame 996B 50 KB
51 KB 42ms
35ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11498981896757837680?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qkGEgpOvHi6XvVNF53i_064BJlytQ&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6d869df20b0af22707393356591215d6cef9ead59654ab8f7082c8cd40f6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:01:30 GMT
x-content-type-options: nosniff
age: 391685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51696
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:12:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 10:01:30 GMT

GET
H3 200 2269545576638870885
tpc.googlesyndication.com/simgad/ Frame 996B 66 KB
66 KB 50ms
43ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2269545576638870885?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qkfCJUplrzroWRrBNv58uA0iGRjsQ&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71d289a4354a65025282f3bdcc13de8ba5582e41fb575830d0bdd774c257266d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:06:35 GMT
x-content-type-options: nosniff
age: 402180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67913
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:12:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 07:06:35 GMT

GET
H3 200 9064474727177079827
tpc.googlesyndication.com/simgad/ Frame 996B 81 KB
81 KB 57ms
50ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9064474727177079827?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qmSUZvA2MerncyZHAgf1Yzf_8eI4A&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a592a0a94c5eb46d7460c27b035de7b282e7ff34782f439fe301971734dab31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 05:28:11 GMT
x-content-type-options: nosniff
age: 148884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82987
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:12:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 05:28:11 GMT

GET
H3 200 5433795835586566919
tpc.googlesyndication.com/simgad/ Frame 996B 71 KB
71 KB 58ms
51ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5433795835586566919?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qlrzW2HsadlsXEHokJ1Q6rYh6puiw&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e34b7da1840ce783b956d557b469c44e07bfc91b67088e0715fc2ae2a50b9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 04:28:07 GMT
x-content-type-options: nosniff
age: 152488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73156
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:12:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 04:28:07 GMT

GET
H3 200 7760373316898847047
tpc.googlesyndication.com/simgad/ Frame 996B 66 KB
66 KB 54ms
48ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7760373316898847047?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qmC-spzukjEQjSuh1W1p0kYBvaaXw&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74ae75f2a0b5bfeb97eda530c9edcc70313b2b094a9ca644d364b6b5152cfef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:07:01 GMT
x-content-type-options: nosniff
age: 391354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67260
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:41:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 10:07:01 GMT

GET
H3 200 14075283559930644556
tpc.googlesyndication.com/simgad/ Frame 996B 197 KB
198 KB 62ms
55ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14075283559930644556?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qlYDxqXYsIteu2mvPVgsnNQdCcr-w&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6da539f07c3d8cc7223365f1b263e0f4c4fd087648d245ce26b82a95c8d0574f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 22:14:16 GMT
x-content-type-options: nosniff
age: 434119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202199
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:12:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Jun 2024 22:14:16 GMT

GET
H3 200 10892542480552537375
tpc.googlesyndication.com/simgad/ Frame 996B 67 KB
67 KB 52ms
46ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10892542480552537375?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qkFwXBndbmTGDYTOicV3v404Evrpg&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df150d79798d66ff674d883d61686b8f05c6a4a1a577db593be6ea6958e0f14e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 08:14:07 GMT
x-content-type-options: nosniff
age: 398128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68469
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:12:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 08:14:07 GMT

GET
H3 200 12684656577525410966
tpc.googlesyndication.com/simgad/ Frame 996B 100 KB
100 KB 54ms
48ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12684656577525410966?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qm-oUOSy8Siuv4XHeNu_2nrdnYytQ&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7b0d40cf51e81dd002a6c80ea4dbbc30233e3db9b64f4a7ea3cc697f84787d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 21:19:13 GMT
x-content-type-options: nosniff
age: 178222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102116
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:12:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Jun 2024 21:19:13 GMT

GET
H3 200 4799855484137655530
tpc.googlesyndication.com/simgad/ Frame 996B 96 KB
96 KB 62ms
56ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4799855484137655530?sqp=uqWu0g0ICOgHEOgHQEg&rs=AOga4qkWDIvWiY9DlJfNTxnIo0hCrkcL5Q&w=100&h=100

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87043a5c58ea9bb13cadca622b6e15c0308e580c628deef94c560ed885481777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 08:14:22 GMT
x-content-type-options: nosniff
age: 138913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98360
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 16:41:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 08:14:22 GMT

GET
H3 200 location_map_preview_80x80.png
googleads.g.doubleclick.net/pagead/images/ Frame 996B 4 KB
4 KB 19ms
13ms Image
image/png 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/location_map_preview_80x80.png

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f4e942b89543c917fca335351a2bd1d968c5415f04b2054d01348bed12dd644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 18:04:43 GMT
x-content-type-options: nosniff
server: cafe
age: 17092
etag: 208617018205852857
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4410
x-xss-protection: 0
expires: Mon, 26 Jun 2023 18:04:43 GMT

GET
H3 200 directions_googblue_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 996B 448 B
472 B 25ms
20ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/directions_googblue_24dp.png

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3254b0c4685110561aece33f604a07923b63e4dfd91ea9bd691a65ca85455691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 09:46:03 GMT
x-content-type-options: nosniff
age: 133412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 448
x-xss-protection: 0
last-modified: Wed, 27 Jul 2022 20:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 23 Jun 2024 09:46:03 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame AAA1 39 KB
39 KB 78ms
20ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSJuGPanCkyiJfQb646uSfg2mmQqWrZP6oCiu-thgaJJ0ZPdncyHc86VU-BUw&usqp=CAI

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d64bacb8e64c89a9a6a53a577c6e6160a32284997086031d7e4ff6d1530c143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 22:20:11 GMT
x-content-type-options: nosniff
age: 433765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39778
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 08:40:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 19 Jun 2024 22:20:11 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame AAA1 12 KB
13 KB 77ms
19ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRFOvM_bvz4Txh_KE4UfHFGmLzersoNx8BvCFn-TPw-GGZ1xS_mmvURfc4oBis&usqp=CAI

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adf637a791dd199225960a143ab19bbaa3ad803cd2893d5f3bff3a5e7f0594c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 22:05:14 GMT
x-content-type-options: nosniff
age: 521062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12376
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 09:03:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 18 Jun 2024 22:05:14 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame AAA1 24 KB
24 KB 77ms
20ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSyIQCeg9PatqVe1jat5grL2nXmjlS-y6GHuXVQDXitbfmyavr0Ptu2UxV05Vg&usqp=CAI

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94190abd8e1637609b95ed3d56617defab97a7d0e91b29c07215c375e8cf7fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 22:05:13 GMT
x-content-type-options: nosniff
age: 521063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24482
x-xss-protection: 0
last-modified: Sun, 16 Oct 2022 20:49:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 18 Jun 2024 22:05:13 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame AAA1 19 KB
19 KB 100ms
43ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRpzlRbhSGtn17Ej-8ZI_35oyMwwBc5LLq0gGzi3IxPAcHFGOo7USaGYGHyIdA&usqp=CAI

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe603a462731c86402f907607b6ee2a6674f0ebeb1a1a3ebc79c89fb327cad4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 22:05:17 GMT
x-content-type-options: nosniff
age: 521059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19592
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 02:42:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 18 Jun 2024 22:05:17 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame AAA1 21 KB
21 KB 79ms
23ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcToBO0OalLWMsCcTQ5_RsJXdDaNpXpJPKUKWQz0l3DsIJr-u6dqQ1Tgxp5Ydqs&usqp=CAI

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45f7962e7f9373e784ae65ffd3db85ee40a6d669fcabfe7cc8fed1cee57928e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 06:23:10 GMT
x-content-type-options: nosniff
age: 145586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21556
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 11:37:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 23 Jun 2024 06:23:10 GMT

GET
H3

200

288935350077081929
tpc.googlesyndication.com/simgad/ Frame AAA1
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDXka3jswEQoAsY6AIyCEX_xPwlOMZw
https://tpc.googlesyndication.com/simgad/288935350077081929

89 KB
89 KB

16ms
16ms

Image
image/jpeg

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/288935350077081929

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de33c2f61b55cd9016acde7f717bdaacdf9bf6913202e05a109a567db6a67a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 22:01:43 GMT
x-content-type-options: nosniff
age: 434873
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91411
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 15:07:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Jun 2024 22:01:43 GMT

Redirect headers

date: Sun, 25 Jun 2023 22:06:35 GMT
x-content-type-options: nosniff
server: cafe
age: 2580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/288935350077081929
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Jul 2023 22:06:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B0B2 8 KB
750 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Jun 2023 22:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 21:10:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame B0B2 15 KB
3 KB 17ms
11ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 05:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 05:06:06 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame B0B2 371 KB
127 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 16:50:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame B0B2 19 KB
8 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B0B2 24 KB
6 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 384404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jun 2024 12:02:51 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 942C 107 B
122 B 24ms
21ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61F9 0
16 B 100ms
100ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375694&bpp=8&bdt=252&idt=290&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&nras=1&correlator=6233626849654&frm=8&ife=1&pv=2&ga_vid=1185053461.1687733376&ga_sid=1687733376&ga_hid=1280661681&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=331233372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075473%2C44788442%2C44794790%2C21065725&oid=2&pvsid=2002279294703575&tmod=1969052952&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.1rgabpvfvbjd&fsb=1&dtd=304

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CA00 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06d8f6a8f4c933e532841e7e518b4b9aee6865c77e915055f02b1f4a2fc11651

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 996B 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwhuXf8SYZIqrDsSUgAecnpawCrX5h4Nxjr-WwNgRk6Sy0esBEAEgwLKCa2CV-vCBjAegAaW0hM4DyAEJqQI2xPCRH0eyPuACAKgDAcgDSKoE5AFP0K5126_aheWbO2uFGSfkRlZW918x3Sm8hSDA4rRl6i3TtoUNsLPl1FHUtzSqTY28Od5ml3_8fZQa32XSVjgUJSVMqp_c1M18FidFHBS7NoyhmSJRkR0rfEAMXN0sfS_XdTxDXASxc0DrExJLZoquGOqdxEHVSmsBUIAWYICJ2GOdmcSSxWGjAlRkW_Hht-H_EsznIV8mnyKH7K9WPan3QL3CVGSu-wDJTFu3E-muzrUjCjQUmWufF-fxtSNTZ_O652OBvuyyQ7UPU06jw4qKgA-sOaJcH1KLbgNpbUHRCZJ8v4jABNii0bTEBOAEAZIFBAgEGAGSBQQIBRgEoAYugAftnahxqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOyVAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwGYDJe6-dG4BKIMCCoGCgTDsLECuBOlBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=CP1H1U384dM&uach_m=[UACH]&cid=CAQSbQBygQiDDLQkMpGweyUDZmKUgCOK7TWG9fbLjamwSdUEXWQqzaw4YCL-VgQYR73jYif_r4rQa5cdlGW0xEtpZn96M4Ru6mqKMS9-afL9EtvA45EtrfwmhcPTZ_7XPjQUyP3zcD4cfK9K6rxlgxgYAQ&template_id=549
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 6363a944e4b0125bde9e6739
ng.virgul.com/tck/imp/ Frame 96E7 0
210 B 49ms
48ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/imp/6363a944e4b0125bde9e6739?g=1&t=cpc_annotation&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687733374904&userId=vnet1dfca4b5-094e-4446-aa45-ceb1aa82778f
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 25 Jun 2023 22:49:36 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
DATA 200
OK truncated
/ Frame 996B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dfc54594423d966acd9818c9f917e9a09f0ae101d9d05e13a7bc9e3455a2d25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9094 32 KB
13 KB 223ms
223ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375702&bpp=2&bdt=259&idt=363&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6233626849654&frm=8&ife=1&pv=1&ga_vid=1185053461.1687733376&ga_sid=1687733376&ga_hid=1280661681&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=331233372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075473%2C44788442%2C44794790%2C21065725&oid=2&pvsid=2002279294703575&tmod=1969052952&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ziegm06hzmjm&fsb=1&dtd=372

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6e01f64a5f7bf74ca6382669abb62026e97b345f1998af768a301dbdd1322e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13787
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2FDD 0
0 53ms
53ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssS5JpzH1nGz5HWJSvhPY_CnXCmpSQx9p28Yt5j6bAXvNRcCTKfpaDJqeUbiE2fndUlrdbW5r85fT6NHCuST61yemY1gjMUDdM00TdqFr6sAFq18K29v23JKbBBEt3gmWx7_msW8_LmHiksfEcmVegNCnGUFkpiwbkB5RKWaUhLefGruu9aR5cj1-Ib7pZy7fFckt2a7smAMefvCcvuAeUnNMLBiMh9iMvLHOPBlXw07Foy1Zaputpyc-pJf1zeD3MibBQBuLiAZP9jV7bycegs2aGaZDyx5r2KpKaHprh_VCsq0WEgCAz-C18ah2zyad4SJ0M7_4f6LxKnCyADsDD5D9zeuFzJXBIZtCD&sai=AMfl-YRH3rLFq25MPEx1Ft2uvPpvC1gViMCxbn0ffaTIe3quaA0wglxQqijrSOlOslZ2t68FiPJXY0ogfIAvx9H8qLPaDmGcUmIkHduks2UONugoygiasc7i8DN1knLBXofvM_xv5mGpPeh--VB3VZ09aYrMlrQFUbZR9E8k5c6919dWBfDsnTVDqnd05Nwm6uvz&sig=Cg0ArKJSzH4i_IDBi8e9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A6D5 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK request.php Show response
hal900020.redintelligence.net/ Frame 15EA 3 KB
2 KB 123ms
78ms Script
application/x-javascript 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b8e3875d5f&subid=&uid=f8c5033981ecf19a&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dnoo4LrfJu6Mt6pWws45cgg%26exch_seat%3D20035004448%26mt_aid%3D8744734283808820687%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_cid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaMgKf8SYZKONFpS1gQey17nIAs-HjptcwIbZgsYCwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBPoBT9CVEajPlqO_hqtKCzNd-Yssi9CDePVAX7UYmbrD087e8m7icjuW9kU-gt0dS8g7beGrnmvygCCRLZOFShVopgBKuhcmVWIDgGy9g0XTgtMvf_gdDWRuZkgzg7hDmuhe66yKZYIc1_afKFh0yDkfaFlCVJAC6VcPpktR_8UonvpHJtXU5JZ7rVgictlrr2E0Evp-FKnM_ZEm2JVbY38CYmLws49-_ugwDMCSVc2LJn1Iy_tn4XDUT5tbA_xI4E4Kqkm9W5BRGvQFfXqDnH0hWo23uSxyjuZpIhSXjhF4MIG_9ewNtRqqt8vfugvGQuND2MKvupp2jgRmcOAEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tigI5K8n-xO19YlNpEd4aYOErpA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=9969099491062&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=8744734283808820687&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dnoo4LrfJu6Mt6pWws45cgg%26exch_seat%3D20035004448%26mt_aid%3D8744734283808820687%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_cid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaMgKf8SYZKONFpS1gQey17nIAs-HjptcwIbZgsYCwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBPoBT9CVEajPlqO_hqtKCzNd-Yssi9CDePVAX7UYmbrD087e8m7icjuW9kU-gt0dS8g7beGrnmvygCCRLZOFShVopgBKuhcmVWIDgGy9g0XTgtMvf_gdDWRuZkgzg7hDmuhe66yKZYIc1_afKFh0yDkfaFlCVJAC6VcPpktR_8UonvpHJtXU5JZ7rVgictlrr2E0Evp-FKnM_ZEm2JVbY38CYmLws49-_ugwDMCSVc2LJn1Iy_tn4XDUT5tbA_xI4E4Kqkm9W5BRGvQFfXqDnH0hWo23uSxyjuZpIhSXjhF4MIG_9ewNtRqqt8vfugvGQuND2MKvupp2jgRmcOAEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tigI5K8n-xO19YlNpEd4aYOErpA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 0cd3e20f32b0003a0426feba240180eb286ceebd0ba48bcfdb7b3f2b45eb2a09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 22:49:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 20054700002822800951389012367020
Connection: close
Content-Length: 1146
Expires: Sun, 25 Jun 2023 23:49:36 +0200

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 89EE 39 KB
39 KB 17ms
13ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSJuGPanCkyiJfQb646uSfg2mmQqWrZP6oCiu-thgaJJ0ZPdncyHc86VU-BUw&usqp=CAI

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d64bacb8e64c89a9a6a53a577c6e6160a32284997086031d7e4ff6d1530c143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 22:20:11 GMT
x-content-type-options: nosniff
age: 433765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39778
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 08:40:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 19 Jun 2024 22:20:11 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 89EE 12 KB
12 KB 17ms
13ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRFOvM_bvz4Txh_KE4UfHFGmLzersoNx8BvCFn-TPw-GGZ1xS_mmvURfc4oBis&usqp=CAI

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adf637a791dd199225960a143ab19bbaa3ad803cd2893d5f3bff3a5e7f0594c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 22:05:14 GMT
x-content-type-options: nosniff
age: 521062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12376
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 09:03:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 18 Jun 2024 22:05:14 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 89EE 24 KB
24 KB 17ms
13ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSyIQCeg9PatqVe1jat5grL2nXmjlS-y6GHuXVQDXitbfmyavr0Ptu2UxV05Vg&usqp=CAI

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94190abd8e1637609b95ed3d56617defab97a7d0e91b29c07215c375e8cf7fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 22:05:13 GMT
x-content-type-options: nosniff
age: 521063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24482
x-xss-protection: 0
last-modified: Sun, 16 Oct 2022 20:49:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 18 Jun 2024 22:05:13 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 89EE 19 KB
19 KB 23ms
20ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRpzlRbhSGtn17Ej-8ZI_35oyMwwBc5LLq0gGzi3IxPAcHFGOo7USaGYGHyIdA&usqp=CAI

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe603a462731c86402f907607b6ee2a6674f0ebeb1a1a3ebc79c89fb327cad4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 22:05:17 GMT
x-content-type-options: nosniff
age: 521059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19592
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 02:42:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 18 Jun 2024 22:05:17 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 89EE 17 KB
17 KB 22ms
19ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQfAJOHoAHLClFzE_JQjvsJUCleVhCaDk2qWtUbXMT2Ff2rJ_fcxPPmibTjYA&usqp=CAI

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

103633794a55ca326620203b8c516474932ed6f2585db98aae19458b648e9e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:24:41 GMT
x-content-type-options: nosniff
age: 170695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17210
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 18:07:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Jun 2024 23:24:41 GMT

GET
H3

200

288935350077081929
tpc.googlesyndication.com/simgad/ Frame 89EE
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDXka3jswEQoAsY6AIyCEX_xPwlOMZw
https://tpc.googlesyndication.com/simgad/288935350077081929

89 KB
89 KB

13ms
13ms

Image
image/jpeg

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/288935350077081929

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de33c2f61b55cd9016acde7f717bdaacdf9bf6913202e05a109a567db6a67a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 22:01:43 GMT
x-content-type-options: nosniff
age: 434873
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91411
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 15:07:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Jun 2024 22:01:43 GMT

Redirect headers

date: Sun, 25 Jun 2023 22:06:35 GMT
x-content-type-options: nosniff
server: cafe
age: 2581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/288935350077081929
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Jul 2023 22:06:35 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 89EE 0
0 59ms
57ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CohrEf8SYZIj6FZSVgAfn0pmoDca4_IZku7qQpIwJuZqqz9kgEAEgwLKCa2CVmv6BlAegAaTc-ssDyAEJqQI2xPCRH0eyPuACAKgDAcgDywSqBNwBT9BfNVxn_cgWpO4YIsIaeHiKwwEMS-6qGM4oWU8UHzIzMs3mMm6HkDnft7XsiHiqb1JX38FwtyJW4YTwvnpnu3lDUemHHVVjMUnKwz-zP-jqze79cICzFS1o3rfwJc7bKXb_4W5eW439aFDSY955RrrOpT4ASOjgV3nl1KxxyERdLuBBjjOHho3-CH1sdLtK0rCMmmacN-Pzn-KE4STQHWVkEx4Wi0bDGrl-MTxWxpJP0XtI0AFeTkwkWDEWqFCVze2_mbuw58qYex8qyzV-Je7743A31wMGzVV_isAEhPzH_EXgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxKOFNKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDu3ALSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsB2BMCiBQG0BUBmBYBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=0nkfUMq06IM&uach_m=[UACH]&cid=CAQSOwBygQiDkm2Cgy_8SwzcL6yzJfu3XwYnTbQYAMTUpST_FBZVM9lSOsi5VjQ0Ayue-5nd98C1rifmI318GAE&template_id=494
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/ Frame 2FDD 345 KB
119 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com&bust=31075511

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ff8200b5eae6b894e48e320b778d8066a942f00fab78157f655870f5dbc9833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121299
x-xss-protection: 0
server: cafe
etag: 8136129729657515800
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:36 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4324 3 KB
4 KB 47ms
17ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2220
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTpYzWmqR8hGU12XApJjWtS1C29eLddo5PO%2FNLaFDyUcpZ2x5xLnH1%2FnBPpTCn6BDFI8qu9BJpf5%2Ft8MXlYlVSBkTUwtIMdM970okL84UsMA%2BMWNmq5xdqma7kip%2BboH4XuH2iwcq8WY5PyLEbHCQMeD"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7dd0c3c17a3c9bbe-FRA
expires: Sun, 25 Jun 2023 22:39:40 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6006 35 B
465 B 47ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJs6Di2GCrxnMc48NBRJMaY&google_cver=1&google_push=ATf1kGOSBANwMBA3HiU8O9fbMzF-IjYmomfpOQoFxNvtMvo__-b755lvMQx9rsYuUTq_4Jkr8gMYkGGeHStMmv5FwF-2T90uJgIKmA

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 6006 43 B
415 B 178ms
175ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEGyNibBCLKljLFBRoEPH3WI&google_cver=1&google_push=ATf1kGO7jrzzJarRtaNu3Jv0_n7GmN-o-9SjHbPfC2Wh9xcjFQ1FQRp4mPccqk-xCobKhs-lRmsnX2Nn_As6KPvTJP8Yp9sW9slZEg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO7jrzzJarRtaNu3Jv0_n7GmN-o-9SjHbPfC2Wh9xcjFQ1FQRp4mPccqk-xCobKhs-lRmsnX2Nn_As6KPvTJP8Yp9sW9slZEg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dd0c3c14abf2bdf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6006
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECR-WQMklHe-Ya9_a3JfJag&google_cver=1&google_push=ATf1kGNhdsEFExd4I_gaTE-z7LY2Ah-Xn5SRB3atrvltrw86_5QA08ZaHCOG3VFgZBd8Tnmyyp1hRIJb9X1Ial...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0ODc1OTY1NDI5MjcxNTY3MQ%3D%3D&google_push=ATf1kGNhdsEFExd4I_gaTE-z7LY2Ah-Xn5SRB3atrvltrw86_5QA08ZaHCOG3VFgZBd8Tnmyyp1hRIJb9X1IalCGMw...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0ODc1OTY1NDI5MjcxNTY3MQ%3D%3D&google_push=ATf1kGNhdsEFExd4I_gaTE-z7LY2Ah-Xn5SRB3atrvltrw86_5QA08ZaHCOG3VFgZBd8Tnmyyp1hRIJb9X1IalCGMwDLcvAQwFnySQ

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0ODc1OTY1NDI5MjcxNTY3MQ%3D%3D&google_push=ATf1kGNhdsEFExd4I_gaTE-z7LY2Ah-Xn5SRB3atrvltrw86_5QA08ZaHCOG3VFgZBd8Tnmyyp1hRIJb9X1IalCGMwDLcvAQwFnySQ
Date: Sun, 25 Jun 2023 22:49:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

google_sync_status
x.bidswitch.net/ Frame 6006
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1&google_push=ATf1kGPvwhK6ut0wIuddzwi0q-fUL7cKi7TwVKOzWFhPnEN3VALROwz7hJQhUKJjaUsfuJTHC1nxXE6jYu_xU77zJr2T...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1&google_push=ATf1kGPvwhK6ut0wIuddzwi0q-fUL7cKi7TwVKOzWFhPnEN3VALROwz7hJQhUKJjaUsfuJTHC1nxXE6jYu_xU7...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=93cc0099-1606-4ceb-a988-a5c3f8ad7864&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=nWSENe8WS4WbR7hKMOv9bA==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1

43 B
146 B

16ms
14ms

Image
image/gif

3.70.92.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Server: 3.70.92.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-92-75.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6006
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFG42ZCEWCJ5lTA6G2eJII0&google_cver=1&google_push=ATf1kGMRcL-3yWwf07U-_VmMr_xN09LD-_1GByQT8Sh8sEHA3T_wvJ-xV3cuMUCqOFwh802fJPSWNAcL-F8sakQG...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMRcL-3yWwf07U-_VmMr_xN09LD-_1GByQT8Sh8sEHA3T_wvJ-xV3cuMUCqOFwh802fJPSWNAcL-F8sakQGXOTFOEGGcai4YQ

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMRcL-3yWwf07U-_VmMr_xN09LD-_1GByQT8Sh8sEHA3T_wvJ-xV3cuMUCqOFwh802fJPSWNAcL-F8sakQGXOTFOEGGcai4YQ

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Jun 2023 22:49:36 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMRcL-3yWwf07U-_VmMr_xN09LD-_1GByQT8Sh8sEHA3T_wvJ-xV3cuMUCqOFwh802fJPSWNAcL-F8sakQGXOTFOEGGcai4YQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: -kpywYoJwJC4X66qJ5OmzZuHxOGJA5snBmkdPHo2Ct2QYpQbiwHLkg==

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 6006 0
126 B 52ms
11ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEI2d0Fe9v4K2aHEVsMMSqqg&google_cver=1&google_push=ATf1kGNiils5nOjHZmZtkEoyk0K02pbkFsl5ICTb0R-y4_gObSvunzejA-n20Jo3Vxf751kiSjYPfuejL5UP1C5F6GBk6HiXpMqL8A

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

report
sync.teads.tv/um/ Frame 6006
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFQgJOmSply3GNSNtyurEKE&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGO51Dly12nVpmXHN6lYWhHJhUbp0vFvLwnJW3t5_TmXieNmT7nDTRgisOhIfme93r8I8LPbMrD4nWls-H9jtoZ0skjkJaM6yjg
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
165 B

31ms
31ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sun, 25 Jun 2023 22:49:36 GMT
pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6006 0
12 B 24ms
23ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8Tns_KYPdmzpLCyoct93Uuqg0EWrNUfwhXDMCJ5tGW9tdePJCa9FCur331WNXNLNL3gg1h9U

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 28B3 143 B
166 B 14ms
13ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4E30 1 KB
643 B 15ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Mon, 26 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 996B 33 KB
33 KB 55ms
18ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2Cbold

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 445219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 19:09:17 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 996B 19 KB
20 KB 50ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2Cbold

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:20:32 GMT
x-content-type-options: nosniff
age: 444544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19700
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 19:20:32 GMT

GET
DATA 200
OK truncated
/ Frame A6D5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a7bb4a7dc1ca20c6fd785951a0e6881e83b8a10555bfc5b389c80ba72d236a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2FDD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef89cf8be9babf5adc16097b5e2f7648c36bb75ae2da31b5323b121e5b483abb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7E2F 1 KB
643 B 13ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Mon, 26 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame ED2B 2 KB
1 KB 17ms
16ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1481101
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7dd0c3c1f96d1e6a-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 25 Jun 2023 22:49:36 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aBEKHOkHW9Y5NQ0wILD%2FjJnBufsbXNTvDVbDy3KSoHu0GpcOje1tFwFwgaWdS3xQQ4bSmb%2B%2BBgQCOamTtLr2DKLYlUwR9z%2B8VkhsUETdEIBSh4fxlK0836MKmR9tuCuP9AsUto%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6D5 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDWJhbm5lci1ub2xvZ28KCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAyLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKDRArIQAAAAAAgFFAMAQKDRADIQAAAGhm5n9AMAQKDRAKIQAAAAAAAB5AMAQKDRANIQAAAAAAAAAAMAQKDBAeKgY5NzZ4OTAwBAoMEBkqBjk3Nng5MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAADOzDSAQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAABUQDAECg0QBSEAAACamTWAQDAEEhpDUFNCd3VMQTNfOENGWXdGNEFvZFdQZ0o3USINdGV4dC9tYWNhd192MygD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d6eaa537eaca368d0ffdeded54ff1f36.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 89EE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d31269b170b66c0893aabc6c7543e3391b73c67c8a5f47a99e4928baa021e2ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AAA1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e586a5a904fb4b87361c72262143f394cb513dab2bc1ece1a230a686def3505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame B0B2 0
235 B 1080ms
375ms Ping
image/gif 2404:6800:4009:82d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ljc0vjm1&c=169839974646&slotId=84919987323&qqid=CNSyz-LA3_8CFQhY4Aodv-kF-A&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82d::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B0B2 15 KB
16 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 107121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B0B2 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 155949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 03:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0B2 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cn57af8SYZJT3I4iwgQe_05fAD8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBBakCNsTwkR9Hsj7gAgCoAwHIAwKqBPcBT9DggTC7kEtrEMbJR5wUiGy3R-s6KJd6GTMxeRQTnH_Wr9y3tCNAMiObLyTkW8NEP0xIrP_xmCYaxB-1aLtI4H_VaawEzmrkz8YUXQezDrsBJZFluWGM_GSUi5gamDu-I03jzjgAxnWsELvSi7Pl2HWLnws4PsiZClVdy8MZOQHDJgX3E1-ImvS6HzmVwkF4zQQR_ibA6h0DuFeVPLweMYrPDrqVeCx6IIofhvatew9OnpabH2_PEqrJ92I8dAvenl3YUJIEs--BiZOyWrobJ3skwULDY_zCb2zi57fDbtpJVkUE-WuteTN3N__gSnGgLL7lZq1uW-AEAYAG5dCu8Jq8u4hQoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB&eventType=clickstring&clientTime=1687733376359&ai=Cn57af8SYZJT3I4iwgQe_05fAD8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBBakCNsTwkR9Hsj7gAgCoAwHIAwKqBPcBT9DggTC7kEtrEMbJR5wUiGy3R-s6KJd6GTMxeRQTnH_Wr9y3tCNAMiObLyTkW8NEP0xIrP_xmCYaxB-1aLtI4H_VaawEzmrkz8YUXQezDrsBJZFluWGM_GSUi5gamDu-I03jzjgAxnWsELvSi7Pl2HWLnws4PsiZClVdy8MZOQHDJgX3E1-ImvS6HzmVwkF4zQQR_ibA6h0DuFeVPLweMYrPDrqVeCx6IIofhvatew9OnpabH2_PEqrJ92I8dAvenl3YUJIEs--BiZOyWrobJ3skwULDY_zCb2zi57fDbtpJVkUE-WuteTN3N__gSnGgLL7lZq1uW-AEAYAG5dCu8Jq8u4hQoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B0B2 0
55 B 1062ms
376ms Ping
image/gif 2404:6800:4009:82d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ljc0vjop&c=169839974646&slotId=84919987323&qqid=CNSyz-LA3_8CFQhY4Aodv-kF-A&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.x7&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82d::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast.php Show response
ads.eu.criteo.com/delivery/r/0.1/ Frame B0B2 12 KB
7 KB 74ms
20ms XHR
text/xml 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/0.1/vast.php?z=ZJjEfwAI-5QK4FgIAAXpv9nvW_ggQJsPuaNShA&u=%7CDjmdgZYzfDobbutWxVYfihQ6c2ZvLg5j66KjwM9mIiA%3D%7C&c1=s9Ouqadr9PNjmdWEvnIhCeON5eq0Yfy817nyR0B5GwZXgYWXwbmDe9kpYSMilCDwZHTqTSHU28qPS699-x6-pdPmHC8ESfc6jWDFBEINRxVFWXLtQft7xikDu2-fx8kH-gxvO8_lwhUM9unlZM9SKy_z1rCAQJ0cjQk3uZBE6USzzpcE-40tYwq3_xguY9KNwh3oE7HkdVR2QUvFFy7X8DQ9czd1qWI4XPmUUCB0R7TBXhOGWXwbfh1PQn6vRhEuYtGDgxd2oEfJ5GRFZwf3LVSL9Z2-lAcLou8jd7lAC78K4fY5jZrACdSJCir2-2jLbrH5DYZA-KLEDYjayYGe-Y55fAoTbYrteWpYHK7EJx8wS3NPIhOBVg2-dJKQJXOhlVavlC_ra2V6vP-ran0xc7rT-kIFdrdKDha6u1WJCnepfATgJPeTxaUtn0zzZhn-LSjqlQodbUMbNGTuq-HrAUumMZyNjSY0dEXa8H5U5D_Yxp8J4eDuAlSnJAYygUQerLnqBOyfXOEBhDut8vy79ugZ05PLbxnZSopx8M7BSo_papjmVhILWIYl3NA609TxsML8tzWJUOM5tCcI678PZ7XsMRU9Zz6z-FNFA-J6xqC0drJLkA7eZosayauKczihKFf5dyafgEU&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn57af8SYZJT3I4iwgQe_05fAD8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBBakCNsTwkR9Hsj7gAgCoAwHIAwKqBPcBT9DggTC7kEtrEMbJR5wUiGy3R-s6KJd6GTMxeRQTnH_Wr9y3tCNAMiObLyTkW8NEP0xIrP_xmCYaxB-1aLtI4H_VaawEzmrkz8YUXQezDrsBJZFluWGM_GSUi5gamDu-I03jzjgAxnWsELvSi7Pl2HWLnws4PsiZClVdy8MZOQHDJgX3E1-ImvS6HzmVwkF4zQQR_ibA6h0DuFeVPLweMYrPDrqVeCx6IIofhvatew9OnpabH2_PEqrJ92I8dAvenl3YUJIEs--BiZOyWrobJ3skwULDY_zCb2zi57fDbtpJVkUE-WuteTN3N__gSnGgLL7lZq1uW-AEAYAG5dCu8Jq8u4hQoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dmNG_ZTauihQOdUDkAFrSwU1MiA%26client%3Dca-pub-7983651257838282%26adurl%3D

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bb8669fe8be7ece861db10641722bf450eb2531c334c8c9effcaf36e042d4ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2959378
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/xml
access-control-allow-origin: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 9094 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375702&bpp=2&bdt=259&idt=363&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6233626849654&frm=8&ife=1&pv=1&ga_vid=1185053461.1687733376&ga_sid=1687733376&ga_hid=1280661681&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=331233372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075473%2C44788442%2C44794790%2C21065725&oid=2&pvsid=2002279294703575&tmod=1969052952&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ziegm06hzmjm&fsb=1&dtd=372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 9094 19 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9094 0
0 24ms
22ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQH-BDpqtYYibDy5N-A3wl2sehNn57iu85FAhS5XOMdofsxNmryfmFKbA_1O1zXmqCNt40g9ozsgJmwQW_wFHwg7IufvA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375702&bpp=2&bdt=259&idt=363&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6233626849654&frm=8&ife=1&pv=1&ga_vid=1185053461.1687733376&ga_sid=1687733376&ga_hid=1280661681&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=331233372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075473%2C44788442%2C44794790%2C21065725&oid=2&pvsid=2002279294703575&tmod=1969052952&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ziegm06hzmjm&fsb=1&dtd=372
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9094 179 KB
56 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:36 GMT

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 2A39 0
366 B 150ms
80ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=20054700002822800951389012367020&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b8e3875d5f&subid=&uid=f8c5033981ecf19a&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dnoo4LrfJu6Mt6pWws45cgg%26exch_seat%3D20035004448%26mt_aid%3D8744734283808820687%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_cid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaMgKf8SYZKONFpS1gQey17nIAs-HjptcwIbZgsYCwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBPoBT9CVEajPlqO_hqtKCzNd-Yssi9CDePVAX7UYmbrD087e8m7icjuW9kU-gt0dS8g7beGrnmvygCCRLZOFShVopgBKuhcmVWIDgGy9g0XTgtMvf_gdDWRuZkgzg7hDmuhe66yKZYIc1_afKFh0yDkfaFlCVJAC6VcPpktR_8UonvpHJtXU5JZ7rVgictlrr2E0Evp-FKnM_ZEm2JVbY38CYmLws49-_ugwDMCSVc2LJn1Iy_tn4XDUT5tbA_xI4E4Kqkm9W5BRGvQFfXqDnH0hWo23uSxyjuZpIhSXjhF4MIG_9ewNtRqqt8vfugvGQuND2MKvupp2jgRmcOAEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tigI5K8n-xO19YlNpEd4aYOErpA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=9969099491062&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Sun, 25 Jun 2023 22:49:36 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: B2A2D186:9B86_91EFC182:01BB_6498C480_3E405A2:1ECFE

GET
H2 200 / Show response
adv.office-partner.de/ Frame 7321 930 B
932 B 136ms
84ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b8e3875d5f&subid=&uid=f8c5033981ecf19a&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dnoo4LrfJu6Mt6pWws45cgg%26exch_seat%3D20035004448%26mt_aid%3D8744734283808820687%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_cid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaMgKf8SYZKONFpS1gQey17nIAs-HjptcwIbZgsYCwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBPoBT9CVEajPlqO_hqtKCzNd-Yssi9CDePVAX7UYmbrD087e8m7icjuW9kU-gt0dS8g7beGrnmvygCCRLZOFShVopgBKuhcmVWIDgGy9g0XTgtMvf_gdDWRuZkgzg7hDmuhe66yKZYIc1_afKFh0yDkfaFlCVJAC6VcPpktR_8UonvpHJtXU5JZ7rVgictlrr2E0Evp-FKnM_ZEm2JVbY38CYmLws49-_ugwDMCSVc2LJn1Iy_tn4XDUT5tbA_xI4E4Kqkm9W5BRGvQFfXqDnH0hWo23uSxyjuZpIhSXjhF4MIG_9ewNtRqqt8vfugvGQuND2MKvupp2jgRmcOAEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tigI5K8n-xO19YlNpEd4aYOErpA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=9969099491062&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 25 Jun 2023 22:49:36 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 02 Jul 2023 22:49:36 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame 1765
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=20054700002822800951389012367020&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2818805775

350 B
401 B

48ms
12ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2818805775
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b8e3875d5f&subid=&uid=f8c5033981ecf19a&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dnoo4LrfJu6Mt6pWws45cgg%26exch_seat%3D20035004448%26mt_aid%3D8744734283808820687%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_cid%3D68636498-c47f-4b01-a490-96e3c2712748%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaMgKf8SYZKONFpS1gQey17nIAs-HjptcwIbZgsYCwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBPoBT9CVEajPlqO_hqtKCzNd-Yssi9CDePVAX7UYmbrD087e8m7icjuW9kU-gt0dS8g7beGrnmvygCCRLZOFShVopgBKuhcmVWIDgGy9g0XTgtMvf_gdDWRuZkgzg7hDmuhe66yKZYIc1_afKFh0yDkfaFlCVJAC6VcPpktR_8UonvpHJtXU5JZ7rVgictlrr2E0Evp-FKnM_ZEm2JVbY38CYmLws49-_ugwDMCSVc2LJn1Iy_tn4XDUT5tbA_xI4E4Kqkm9W5BRGvQFfXqDnH0hWo23uSxyjuZpIhSXjhF4MIG_9ewNtRqqt8vfugvGQuND2MKvupp2jgRmcOAEAYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0tigI5K8n-xO19YlNpEd4aYOErpA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=9969099491062&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 25 Jun 2023 22:49:36 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2818805775
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 15EA 0
366 B 149ms
80ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=20054700002822800951389012367020&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:36 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B2A2D186:9B88_91EFC182:01BB_6498C480_3E405A3:1ECFE
X-IPLB-Instance: 40028
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 15EA 43 B
382 B 165ms
93ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=20054700002822800951389012367020&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:36 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B2A2D186:9B8A_91EFC182:01BB_6498C480_3E3BCCC:1ECFC
X-IPLB-Instance: 40028
Content-Type: image/gif
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A6D5 33 KB
33 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 445219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 19:09:17 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B0B2 0
0 56ms
56ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COO55f8SYZJT3I4iwgQe_05fAD8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBBakCNsTwkR9Hsj7gAgCoAwGqBPQBT9DggTC7kEtrEMbJR5wUiGy3R-s6KJd6GTMxeRQTnH_Wr9y3tCNAMiObLyTkW8NEP0xIrP_xmCYaxB-1aLtI4H_VaawEzmrkz8YUXQezDrsBJZFluWGM_GSUi5gamDu-I03jzjgAxnWsELvSi7Pl2HWLnws4PsiZClVdy8MZOQHDJgX3E1-ImvS6HzmVwkF4zQQR_ibA6h0DuFeVPLweMYrPDrqVeCx6IIofhvatew9OnpabH2_PEqrJ92I8dAvenl3YUJIEs--BiZOyWrpZJVq2Rs1fcENee88y2hE7Z85D4E8q4ekZsQ7RxUD-Zmklhjr22eAEAYAG5dCu8Jq8u4hQoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=lXIC47EyRrs&uach_m=[UACH]&cid=CAQSbQBygQiD2ZottWNVc4KbSHoxczckmYZc5gg0v70d-e1enau3ilFgEg7YlRGUlnubr5ooIHU-28_mG9FaYhCyn_0NrB5s74fag-fMeZvulauhPt2vJRr_xm2o7uUz6gGNKt2jxoUDotziZiOLswoYAQ&vt=10
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89EE 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d6eaa537eaca368d0ffdeded54ff1f36.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9094 0
0 60ms
57ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS01_gMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoErgFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3MsSsmGK5m2o1-l1yU6jlAOMRBX1IvHASYy2v4TsGRuad7_4IxpWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY1OTM1MjMyMTAwMTAxNTQYAA&sigh=OgunSEMrfqU&uach_m=[UACH]&cid=CAQSKQBygQiD80tuU58AU1vHJbxuIOlPGEJ-04-jIkrbRV4EWrPmh50Z6TgIGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375702&bpp=2&bdt=259&idt=363&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6233626849654&frm=8&ife=1&pv=1&ga_vid=1185053461.1687733376&ga_sid=1687733376&ga_hid=1280661681&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=331233372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075473%2C44788442%2C44794790%2C21065725&oid=2&pvsid=2002279294703575&tmod=1969052952&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ziegm06hzmjm&fsb=1&dtd=372
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Jun 2023 22:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9094 0
0 22ms
19ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g9yjby316t1yta20a5zn2dn2rsrqkq93892q1dnq2hfzerh3jtgcdkmtc8gry4rdm7mp14v7eb2953x4fpn29x5v5nb01jtqt3zcmhedg64xbpns1n04hrx421k99mt1jz9f4b2dscgea1se0yt9hbwrykgzhj9fbmznb8t6a1730rzakmt1zjne8pm7nah3q4spq362346vk6b1jpz8jw7v8mnjx4xk1ms2ckpbh0p26w74rv29w7hq3j4dqzn3kym70nwxz0jeqphv2v0cqjeq03b2ed3qwn07ryyxzrae73nntm18m5sad6kpzsqm0x6pq0wvw8pvtvyz9fh786bzts3jg6mmqshva6vd2q71arq97dzmwzmsrrwy3rfb957nr3jk349hm8&b=ZJjEgAAB5KwDogdLAA44EFL20Nu79Ppm8BLX0Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375702&bpp=2&bdt=259&idt=363&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6233626849654&frm=8&ife=1&pv=1&ga_vid=1185053461.1687733376&ga_sid=1687733376&ga_hid=1280661681&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=331233372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075473%2C44788442%2C44794790%2C21065725&oid=2&pvsid=2002279294703575&tmod=1969052952&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ziegm06hzmjm&fsb=1&dtd=372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 25 Jun 2023 22:49:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 5602 2 KB
2 KB 29ms
27ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kessmg29hxxy8zzv2a3py1zrpn08redf2z2rb00za4r165rmbfmg8a5hnw8zq2khsqdjyf6ysdpqtgxnphz3f2ya9n87dm02bdgh1yf5m6embw7xzzs6g7cbtk0nvvhzv5mchjrgf4fvtdhsbyyrjejsx28n7e0mk277xgjwdzn8eq4es5gnpb0qv59cnfap7xfwycfwjz10qqx2h3eb22xwd7svxvtv6m1q89xwwcy9wc1790wryye5tsmjv0a5gq5agap943gq428xzy770mckr9yy773nb789rtcmxp7yf5e555bghsn9z44cef265yjj2vm0wfwnd4eqkefghyqbpcxm1tt22851rnnkc128cq4tt913eb50b056c4gpmcx5r5rjbe0ad9syyfzpdbwqjxc20j7qqnx2q274qfjw1w76hdyh3tm0gj0c180t3bkwqwy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%26client%3Dca-pub-6593523210010154%26adurl%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a3f37468d71e7d2fefb26323e83b62d15c24ed3f07aea31c9ac14ee54ef6b7f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7dd0c3c2fa6a1e6a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:36 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3A6F 1 KB
643 B 20ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Mon, 26 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame CF70 37 KB
14 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 16:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jun 2024 16:26:16 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AAA1 0
0 59ms
59ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch6Ctf8SYZIuLFtT8gQfSmYSQBca4_IZku7qQpIwJuZqqz9kgEAEgwLKCa2CVmv6BlAegAaTc-ssDyAEJqQI2xPCRH0eyPuACAKgDAcgDywSqBNwBT9A9dN14lyMbm5oFT4I1J5OXTCYwRyXeEWD_qis2RURK-pkwQJbqCGuprR1gPG4LOb03ekYB3JHwS-3yRBLt-8QM17pbddRCdVCjj0L5A2diKUFYcPi0wjDaVpJnQkGurYuB84ViDQGoa1hotWHwNh7o2K-NbphxpdhXXcARmS_76hv2sxg3y9Ut6gZCQm27Q5-ETbWYY3wbYFSLaWMlb1xYhXHlg8AYRtgNob4xLRKSy9XMnkMhzL8mHoayY6tjah8wCvQ_Zgbu_1Hs_cKZohLljosDwqv8aPHwOsAEhPzH_EXgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxKOFNKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC3jgPSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsBogwIKgYKBMOwsQLYEwKIFAbQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=Cl3bMXfl6a0&uach_m=[UACH]&cid=CAQSOwBygQiDrb-ncVmy63xfIAfZ9LtWKaAw-e-VDiH2VMIfLKyWOQ5D0xfOL2xZ_MstTfwMw2AD2Gl8fCTOGAE&template_id=494&cbvp=2&vis=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4E30
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHRtZMAj62KyyqCD-c3NuA8&google_cver=1&google_push=ATf1kGM3RLakt8DQKyjL_EvT61Pl8XwtaoGs9Arhde8YVSGSnVGHpSinKguFoyq5PvSo4Yc43d6vxM0wCqJmWD_FzsRQ97dz7Cn0OQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ1Njk3OTc1MzQ4MjkxNjY0OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP4riLJ9AUYCPvAJRhg5Kl0&google_cver=1

43 B
398 B

56ms
24ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP4riLJ9AUYCPvAJRhg5Kl0&google_cver=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP4riLJ9AUYCPvAJRhg5Kl0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E30
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOkvEGeEQ75Bi8x-bAYo3mY&google_push=ATf1kGOEuLBk6lNUQviohqyJHcmZ9503ZLyOnAvo1Sua5uyj_CNElu1Vof...

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOkvEGeEQ75Bi8x-bAYo3mY&google_push=ATf1kGOEuLBk6lNUQviohqyJHcmZ9503ZLyOnAvo1Sua5uyj_CNElu1VofL7CNbVqsuLn7L5IsCXyogKPCB5NjUoi5i9ANBA2t0OmQ

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230053-FRA
pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1687733377.543723,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOkvEGeEQ75Bi8x-bAYo3mY&google_push=ATf1kGOEuLBk6lNUQviohqyJHcmZ9503ZLyOnAvo1Sua5uyj_CNElu1VofL7CNbVqsuLn7L5IsCXyogKPCB5NjUoi5i9ANBA2t0OmQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E30
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFzCwBY-rKP1UJyJG4dG6pA&google_cver=1&google_push=ATf1kGPThbRegaMqWcjUoc8WRIS9Yhi6MxxhKHKuV6GBPdd9GGTC_QgvUBGwrb5Hq9PPp6JTPoMyjPjLa-9KakfExsi5IwQuTFZP
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGPThbRegaMqWcjUoc8WRIS9Yhi6MxxhKHKuV6GBPdd9GGTC_QgvUBGwrb5Hq9PPp6JTPoMyjPjLa-9Kakf...

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGPThbRegaMqWcjUoc8WRIS9Yhi6MxxhKHKuV6GBPdd9GGTC_QgvUBGwrb5Hq9PPp6JTPoMyjPjLa-9KakfExsi5IwQuTFZP

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Jun 2023 22:49:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGPThbRegaMqWcjUoc8WRIS9Yhi6MxxhKHKuV6GBPdd9GGTC_QgvUBGwrb5Hq9PPp6JTPoMyjPjLa-9KakfExsi5IwQuTFZP
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 24 Jun 2023 22:49:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E30
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENSx03lOt4ErQNl_GooHKqQ&google_cver=1&google_push=ATf1kGNZptCSDpjV625H30K4Dpt_HbU0aP1b7aTzToruYIfPMrwhzObQCtS6MyZu7CjTAFm57holZkkec83M5ona...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNZptCSDpjV625H30K4Dpt_HbU0aP1b7aTzToruYIfPMrwhzObQCtS6MyZu7CjTAFm57holZkkec83M5onaqtA9ki54oqlHNQ

170 B
188 B

23ms
23ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNZptCSDpjV625H30K4Dpt_HbU0aP1b7aTzToruYIfPMrwhzObQCtS6MyZu7CjTAFm57holZkkec83M5onaqtA9ki54oqlHNQ

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Jun 2023 22:49:36 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNZptCSDpjV625H30K4Dpt_HbU0aP1b7aTzToruYIfPMrwhzObQCtS6MyZu7CjTAFm57holZkkec83M5onaqtA9ki54oqlHNQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: UPyRHbFeGV2P1m-srWNGcHiYfI3VwooR6lIBEZARQ9vwPSdvRqmhvA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E30
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEL5WBaCMZnbZDKAZ3traY4Q&google_cver=1&google_push=ATf1kGPdlnO5e9gwzlk2GhO88nxekXBvaOAAhC5GJkkC-BhG5eqYpXoJ5enL26LeAM6TXb6Fi7D6r0aVQd0L...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPdlnO5e9gwzlk2GhO88nxekXBvaOAAhC5GJkkC-BhG5eqYpXoJ5enL26LeAM6TXb6Fi7D6r0aVQd0LKEZXOr_hADhIQrSPqA

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPdlnO5e9gwzlk2GhO88nxekXBvaOAAhC5GJkkC-BhG5eqYpXoJ5enL26LeAM6TXb6Fi7D6r0aVQd0LKEZXOr_hADhIQrSPqA

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPdlnO5e9gwzlk2GhO88nxekXBvaOAAhC5GJkkC-BhG5eqYpXoJ5enL26LeAM6TXb6Fi7D6r0aVQd0LKEZXOr_hADhIQrSPqA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E30
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMTFw6FUKeS3ZUqUYF-FpCo&google_cver=1&google_push=ATf1kGMas8ZKr7PPc9QA5RwPsiz-abPTVwxmbet509UosojrHuYytpxNHr95xXrOazEosulfW72TfMQqpF5HtuIlBVb5i4G2RHl2
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMas8ZKr7PPc9QA5RwPsiz-abPTVwxmbet509UosojrHuYytpxNHr95xXrOazEosulfW72TfMQqpF5HtuIlBVb5i4G2RHl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3NjgyMzc3NTg1MDQ4NDkxNDk0&google_push=ATf1kGMas8ZKr7PPc9QA5RwPsiz-abPTVwxmbet509UosojrHuYytpxNHr95xXrO...

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3NjgyMzc3NTg1MDQ4NDkxNDk0&google_push=ATf1kGMas8ZKr7PPc9QA5RwPsiz-abPTVwxmbet509UosojrHuYytpxNHr95xXrOazEosulfW72TfMQqpF5HtuIlBVb5i4G2RHl2

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3NjgyMzc3NTg1MDQ4NDkxNDk0&google_push=ATf1kGMas8ZKr7PPc9QA5RwPsiz-abPTVwxmbet509UosojrHuYytpxNHr95xXrOazEosulfW72TfMQqpF5HtuIlBVb5i4G2RHl2
date: Sun, 25 Jun 2023 22:49:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 4E30 0
15 B 16ms
10ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOwU__ysVMC3t8VOdkrMRos&google_cver=1&google_push=ATf1kGPdJy0adO2Vj0EcI7-tF96RP17TzzwudgU_-8J-m0wG07v1wB7nFFPnVltwDr4xZJ4SesDC524ECxSZPlXebXQjFwp3OSE7Wg

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4E30 0
12 B 27ms
22ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHEnHCm1ADwTAX5mfW31lfPnla9Ip90dKGQ_xesVV2m-f0xzwgZwPxbmKbNCUScHPTjvzEvw

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame B0B2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c72b1c67735919b96e020312fc966fb3228468048e68b105b5a186d9509435c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2FDD 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com&bust=31075511

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BC1 0
16 B 88ms
87ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=2659786642&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733376177&bpp=3&bdt=431&idt=330&shv=r20230620&mjsv=m202306200101&ptt=9&saldr=aa&nras=1&correlator=5495337629142&frm=8&ife=1&pv=2&ga_vid=2091669099.1687733377&ga_sid=1687733377&ga_hid=2006700439&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=3292667763&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075511%2C44788442&oid=2&pvsid=2924831764484956&tmod=1080248799&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.q9tbe8lw5mco&fsb=1&dtd=347

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A6D5 0
0 64ms
63ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPY2Af8SYZLTGFoyLgAfY8KfoDvDN2Ptt06yhkfsQrfu-lpo4EAEgwLKCa2CV-vCBjAegAbzBveUDyAEGqQI2xPCRH0eyPuACAKgDAcgDywSqBNgBT9DkM4iGBQMEtBzBq-2GnIDkY-iePzi-BG3MDikVEJ689d322lx-VCPa9BjoIWn_jaUEzsy91sZf7nkUJxHU7nXKu6wLC7i9ZHmWdPGLNBjxgL3x0B1OyNAiFOIWi1ymbT8m2uvbeWndrQrF08-33LiQ0H_Cw70ZNkn3fr_dUqFyVZ0gP49dkMOlc6HP8IbvFvyKOekh9iXQ_kZPKSplHfza_h7JkxrWdbn-iEH8V0Hwu5HAhiu9Rzd_8r5caafkTqa5RGuDJbcSDx-xXNRTMQH0KXxdR7KVwATE07PYHeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAesvsIaqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQkpEB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAdgTDYgUAtAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=IAliQLmK3ug&uach_m=[UACH]&cid=CAQSOwBygQiDeF67NMgYLwWsOWP0j2BIqJakc4iB8eLdF9y0OPIJiOecrI-0hpbDI_ZUuVggl8K_BVdJp-IUGAE&template_id=492&cbvp=2&vis=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame B0B2 0
55 B 886ms
376ms Ping
image/gif 2404:6800:4009:82d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ljc0vjp8&c=169839974646&slotId=84919987323&qqid=CNSyz-LA3_8CFQhY4Aodv-kF-A&fb=outstream-lima&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x19&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82d::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B0B2 2 KB
1 KB 57ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Jun 2024 22:49:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E2F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELnbhfqIv-AFAGXkOTweKA4&google_cver=1&google_push=ATf1kGNOyQtR1HZjHDRkllcAw_5feiePnnwFui-j9UqkboAmDOrDkHn5fvVBBzZOs0DLRuLWGgN6su34qwrgGz_d...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGNOyQtR1HZjHDRkllcAw_5feiePnnwFui-j9UqkboAmDOrDkHn5fvVBBzZOs0DLRuLWGgN6su34qwrgGz_d7W4o-aC6Lg

170 B
188 B

73ms
72ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGNOyQtR1HZjHDRkllcAw_5feiePnnwFui-j9UqkboAmDOrDkHn5fvVBBzZOs0DLRuLWGgN6su34qwrgGz_d7W4o-aC6Lg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 25 Jun 2023 22:49:36 GMT
Server: MT3 1031 59fd23a master pao pao-pixel-x19 config_version:"386"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGNOyQtR1HZjHDRkllcAw_5feiePnnwFui-j9UqkboAmDOrDkHn5fvVBBzZOs0DLRuLWGgN6su34qwrgGz_d7W4o-aC6Lg
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 25 Jun 2023 22:49:35 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E2F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENR2ABvOJfS5bJCkULkgRMA&google_cver=1&google_push=ATf1kGNjbHtA0BwfeiKGNPUMbjVniZ2jhXmmBtclH1Yub1NVWYkJijHlb1YCRBHfxPH8LspF5VsDBiFT2JRAN0Zn6S4ODRpkoag
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGNjbHtA0BwfeiKGNPUMbjVniZ2jhXmmBtclH1Yub1NVWYkJijHlb1YCRBHfxPH8LspF5VsDBiFT2JRAN0Z...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGNjbHtA0BwfeiKGNPUMbjVniZ2jhXmmBtclH1Yub1NVWYkJijHlb1YCRBHfxPH8LspF5VsDBiFT2JRAN0Zn6S4ODRpkoag

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Jun 2023 22:49:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGNjbHtA0BwfeiKGNPUMbjVniZ2jhXmmBtclH1Yub1NVWYkJijHlb1YCRBHfxPH8LspF5VsDBiFT2JRAN0Zn6S4ODRpkoag
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 24 Jun 2023 22:49:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E2F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAeLl_tPkfPo2Ui6g2ygztg&google_cver=1&google_push=ATf1kGMRLclcgRyfhIMTal_B9n25ol4ZrV4ihihSVONLBj_nEs9GkEgXgJAD3MhjypRN6Cb71Ov8iCA-...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAeLl_tPkfPo2Ui6g2ygztg&google_cver=1&google_push=ATf1kGMRLclcgRyfhIMTal_B9n25ol4ZrV4ihihSVONLBj_nEs9GkEgXgJAD3MhjypRN6Cb71Ov...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGMRLclcgRyfhIMTal_B9n25ol4ZrV4ihihSVONLBj_nEs9GkEgXgJAD3MhjypRN6Cb71Ov8iCA-...

170 B
188 B

73ms
73ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGMRLclcgRyfhIMTal_B9n25ol4ZrV4ihihSVONLBj_nEs9GkEgXgJAD3MhjypRN6Cb71Ov8iCA-kT1aTkDkeoUEL1ShN38

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGMRLclcgRyfhIMTal_B9n25ol4ZrV4ihihSVONLBj_nEs9GkEgXgJAD3MhjypRN6Cb71Ov8iCA-kT1aTkDkeoUEL1ShN38
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E2F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=agKIlDdUQsCUSUiGvFny9Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=agKIlDdUQsCUSUiGvFny9Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOA1NJeYPjujPa0tiuxBSRDCISi3VB9IBpikX-tYhhagNGx9m3PUI08E8u6yfxgd9YBlBHqvNeaj8yN-10gWlOvOn9415A

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=agKIlDdUQsCUSUiGvFny9Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOA1NJeYPjujPa0tiuxBSRDCISi3VB9IBpikX-tYhhagNGx9m3PUI08E8u6yfxgd9YBlBHqvNeaj8yN-10gWlOvOn9415A
date: Sun, 25 Jun 2023 22:49:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E2F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFXOT8m4RR-cxA35En1JZSs&google_cver=1&google_push=ATf1kGOoELKjiwRQBdTmcaEMm70H5o8ElJdonpajyXN9bYB6XiQ2q31XOV_O1ILe3KrTKHwjhFo...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDMFZKVlUtMUgtNlBJTQ==&google_push=ATf1kGOoELKjiwRQBdTmcaEMm70H5o8ElJdonpajyXN9bYB6XiQ2q31XOV_O1ILe3KrTKHwjhFoh2V15a35Krt502hylEcddKWI

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDMFZKVlUtMUgtNlBJTQ==&google_push=ATf1kGOoELKjiwRQBdTmcaEMm70H5o8ElJdonpajyXN9bYB6XiQ2q31XOV_O1ILe3KrTKHwjhFoh2V15a35Krt502hylEcddKWI

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDMFZKVlUtMUgtNlBJTQ==&google_push=ATf1kGOoELKjiwRQBdTmcaEMm70H5o8ElJdonpajyXN9bYB6XiQ2q31XOV_O1ILe3KrTKHwjhFoh2V15a35Krt502hylEcddKWI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E2F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGP5Tlh1CGsRAuEMYM3SVUM7snfT2HUv7E3i7Oc6rIEkcOS9luHaXrNJaK4Mgt5XfS0fsCRfshnc9sie4gbuGvdqrDY1Yg&redir=https%3A%2F%2Fcm.g.doublec...
https://sync.targeting.unrulymedia.com/csync/RX-8b50dc60-16c7-4210-9f73-bf7975b9fc7f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGP5Tlh1CGsRAuEMYM3SV...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP5Tlh1CGsRAuEMYM3SVUM7snfT2HUv7E3i7Oc6rIEkcOS9luHaXrNJaK4Mgt5XfS0fsCRfshnc9sie4gbuGvdqrDY1Yg&google_hm=A4tQ3GAWx0IQn3O_eXW5_H8

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP5Tlh1CGsRAuEMYM3SVUM7snfT2HUv7E3i7Oc6rIEkcOS9luHaXrNJaK4Mgt5XfS0fsCRfshnc9sie4gbuGvdqrDY1Yg&google_hm=A4tQ3GAWx0IQn3O_eXW5_H8

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP5Tlh1CGsRAuEMYM3SVUM7snfT2HUv7E3i7Oc6rIEkcOS9luHaXrNJaK4Mgt5XfS0fsCRfshnc9sie4gbuGvdqrDY1Yg&google_hm=A4tQ3GAWx0IQn3O_eXW5_H8
date: Sun, 25 Jun 2023 22:49:36 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX8b50dc6016c742109f73bf7975b9fc7f003
content-type: text/html

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 7E2F 0
75 B 71ms
20ms Image
text/plain 185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDabpsPbrkWBf8tWlpU0NTw&google_cver=1&google_push=ATf1kGNATh8wu_qxPfpW77Xk-rP9A7ToOZTiPgFXJEi_qmd77uC6bfHyMqyzZDiy-Pf0oot-84l_awV8IGxLK5yDwYlGT0VveA
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:35 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7E2F 0
12 B 23ms
22ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IR-MU5EzZh5_jsDqut6ItmK5mWiUoo2iEsgybjwE2a3ao0SYjBAsuEhyFqdOOm5HEOCCCb

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 332F 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 16:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jun 2024 16:26:16 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 28B3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
27ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:36 GMT
expires: Sun, 25 Jun 2023 22:49:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 5602 106 KB
13 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kessmg29hxxy8zzv2a3py1zrpn08redf2z2rb00za4r165rmbfmg8a5hnw8zq2khsqdjyf6ysdpqtgxnphz3f2ya9n87dm02bdgh1yf5m6embw7xzzs6g7cbtk0nvvhzv5mchjrgf4fvtdhsbyyrjejsx28n7e0mk277xgjwdzn8eq4es5gnpb0qv59cnfap7xfwycfwjz10qqx2h3eb22xwd7svxvtv6m1q89xwwcy9wc1790wryye5tsmjv0a5gq5agap943gq428xzy770mckr9yy773nb789rtcmxp7yf5e555bghsn9z44cef265yjj2vm0wfwnd4eqkefghyqbpcxm1tt22851rnnkc128cq4tt913eb50b056c4gpmcx5r5rjbe0ad9syyfzpdbwqjxc20j7qqnx2q274qfjw1w76hdyh3tm0gj0c180t3bkwqwy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kessmg29hxxy8zzv2a3py1zrpn08redf2z2rb00za4r165rmbfmg8a5hnw8zq2khsqdjyf6ysdpqtgxnphz3f2ya9n87dm02bdgh1yf5m6embw7xzzs6g7cbtk0nvvhzv5mchjrgf4fvtdhsbyyrjejsx28n7e0mk277xgjwdzn8eq4es5gnpb0qv59cnfap7xfwycfwjz10qqx2h3eb22xwd7svxvtv6m1q89xwwcy9wc1790wryye5tsmjv0a5gq5agap943gq428xzy770mckr9yy773nb789rtcmxp7yf5e555bghsn9z44cef265yjj2vm0wfwnd4eqkefghyqbpcxm1tt22851rnnkc128cq4tt913eb50b056c4gpmcx5r5rjbe0ad9syyfzpdbwqjxc20j7qqnx2q274qfjw1w76hdyh3tm0gj0c180t3bkwqwy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 211110
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUnbD6YqISKxBI%2FAqJrQVzAs6M6hoUvYDCpx%2FGwKIyjcvyFBP3SOCg7l7ZysprdD1cc1Vrs%2BWF%2B3%2FWpCE8OeXlW5QYHDKsKFxAZ2ja9rqYSDFTYEQvz4jEtFCkQTw4KbcDP5mNM%2Bt0Q%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7dd0c3c3ab6b1e6a-FRA
expires: Sun, 25 Jun 2023 23:49:36 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 5602 25 KB
10 KB 32ms
31ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kessmg29hxxy8zzv2a3py1zrpn08redf2z2rb00za4r165rmbfmg8a5hnw8zq2khsqdjyf6ysdpqtgxnphz3f2ya9n87dm02bdgh1yf5m6embw7xzzs6g7cbtk0nvvhzv5mchjrgf4fvtdhsbyyrjejsx28n7e0mk277xgjwdzn8eq4es5gnpb0qv59cnfap7xfwycfwjz10qqx2h3eb22xwd7svxvtv6m1q89xwwcy9wc1790wryye5tsmjv0a5gq5agap943gq428xzy770mckr9yy773nb789rtcmxp7yf5e555bghsn9z44cef265yjj2vm0wfwnd4eqkefghyqbpcxm1tt22851rnnkc128cq4tt913eb50b056c4gpmcx5r5rjbe0ad9syyfzpdbwqjxc20j7qqnx2q274qfjw1w76hdyh3tm0gj0c180t3bkwqwy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 432929
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfIpUohvVW0VgkKNaNZ%2FKignH6sAejnjLht9AR0ySSWHDhZuAzVoP208n6crDfwmd6DLHxfB%2BJt1V6ii%2BZGeoTaK7Oqb8BzNjcdqOZmEy3ozmBGRJ2l4%2BXz9%2BGioyxCpgYkJvD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7dd0c3c3ab6d1e6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 20 Jun 2023 13:46:18 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D5BB 44 KB
16 KB 236ms
233ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=3171362771&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733376180&bpp=1&bdt=434&idt=424&shv=r20230620&mjsv=m202306200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5495337629142&frm=8&ife=1&pv=1&ga_vid=2091669099.1687733377&ga_sid=1687733377&ga_hid=2006700439&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=3292667763&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075511%2C44788442&oid=2&pvsid=2924831764484956&tmod=1080248799&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.iouiqa6e8hh3&fsb=1&dtd=436

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

071e0b2510018c83fb8f81c44813ab1d38173b4df1d4b30b95e177a181a677ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16131
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6D5 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDWJhbm5lci1ub2xvZ28KCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAyLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKDRAQIQAAAAAAEqdAMAQKDRARIQAAAAAgxPBAMAQKDRASIQAAAAAAABxAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAGhmIolAMAQKDRAUIQAAAADAvPNAMAQKDRAVIQAAAAAAACpAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAAJqZ7YxAMAQSGkNQU0J3dUxBM184Q0ZZd0Y0QW9kV1BnSjdRIg10ZXh0L21hY2F3X3YzKAM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d6eaa537eaca368d0ffdeded54ff1f36.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B0B2 0
55 B 818ms
376ms Ping
image/gif 2404:6800:4009:82d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ljc0vju3&c=169839974646&slotId=84919987323&qqid=CNSyz-LA3_8CFQhY4Aodv-kF-A&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=1080x1080&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.129~videopreviewvisible.143&umsem=0&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82d::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 1765 5 KB
5 KB 11ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2818805775
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame CEA8 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 16:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jun 2024 16:26:16 GMT

GET
H2 206 ed2ce3f30f62411a8d88b33f6114edaa_k6_1080x1080_15sec_cta_social_paid_de.mp4
static.criteo.net/design/dt/10758/4758893/ Frame B0B2 18 MB
0 23ms
22ms Media
video/mp4 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/10758/4758893/ed2ce3f30f62411a8d88b33f6114edaa_k6_1080x1080_15sec_cta_social_paid_de.mp4

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 01 Jun 2023 13:46:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6478a14a-11c7062"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-18640993/18640994
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 18640994
expires: Wed, 19 Jun 2024 22:49:36 GMT

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame A79A 37 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 16:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jun 2024 16:26:16 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B0B2 0
55 B 744ms
377ms Ping
image/gif 2404:6800:4009:82d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ljc0vjw0&c=169839974646&slotId=84919987323&qqid=CNSyz-LA3_8CFQhY4Aodv-kF-A&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=1080x1080&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fads.eu.criteo.com%252Fdelivery%252Fr%252F0.1%252Fvast.php%253Fz%253DZJjEfwAI-5QK4FgIAAXpv9nvW_ggQJsPuaNShA%2526u%253D%25257CDjmdgZYzfDobbutWxVYfihQ6c2ZvLg5j66KjwM9mIiA%25253D%25257C%2526c1%253Ds9Ouqadr9PNjmdWEvnIhCeON5eq0Yfy817nyR0B5GwZXgYWXwbmDe9kpYSMilCDwZHTqTSHU28qPS699-x6-pdPmHC8ESfc6jWDFBEINRxVFWXLtQft7xikDu2-fx8kH-gxvO8_lwhUM9unlZM9SKy_z1rCAQJ0cjQk3uZBE6USzzpcE-40tYwq3_xguY9KNwh3oE7HkdVR2QUvFFy7X8DQ9czd1qWI4XPmUUCB0R7TBXhOGWXwbfh1PQn6vRhEuYtGDgxd2oEfJ5GRFZwf3LVSL9Z2-lAcLou8jd7lAC78K4fY5jZrACdSJCir2-2jLbrH5DYZA-KLEDYjayYGe-Y55fAoTbYrteWpYHK7EJx8wS3NPIhOBVg2-dJKQJXOhlVavlC_ra2V6vP-ran0xc7rT-kIFdrdKDha6u1WJCnepfATgJPeTxaUtn0zzZhn-LSjqlQodbUMbNGTuq-HrAUumMZyNjSY0dEXa8H5U5D_Yxp8J4eDuAlSnJAYygUQerLnqBOyfXOEBhDut8vy79ugZ05PLbxnZSopx8M7BSo_papjmVhILWIYl3NA609TxsML8tzWJUOM5tCcI678PZ7XsMRU9Zz6z-FNFA-J6xqC0drJLkA7eZosayauKczihKFf5dyafgEU%2526ct0%253Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Faclk%25253Fsa%25253DL%252526ai%25253DCn57af8SYZJT3I4iwgQe_05fAD8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBBakCNsTwkR9Hsj7gAgCoAwHIAwKqBPcBT9DggTC7kEtrEMbJR5wUiGy3R-s6KJd6GTMxeRQTnH_Wr9y3tCNAMiObLyTkW8NEP0xIrP_xmCYaxB-1aLtI4H_VaawEzmrkz8YUXQezDrsBJZFluWGM_GSUi5gamDu-I03jzjgAxnWsELvSi7Pl2HWLnws4PsiZClVdy8MZOQHDJgX3E1-ImvS6HzmVwkF4zQQR_ibA6h0DuFeVPLweMYrPDrqVeCx6IIofhvatew9OnpabH2_PEqrJ92I8dAvenl3YUJIEs--BiZOyWrobJ3skwULDY_zCb2zi57fDbtpJVkUE-WuteTN3N__gSnGgLL7lZq1uW-AEAYAG5dCu8Jq8u4hQoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0dmNG_ZTauihQOdUDkAFrSwU1MiA%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82d::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6D5 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDWJhbm5lci1ub2xvZ28KCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAyLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKDRAyIQAAAACgmdk_MAQKDRAzIQAAAACgmdk_MAQKDRA0IQAAAACgmdk_MAQKDRA1IQAAAACgmdk_MAQKDRA2IQAAAACgmdk_MAQKDRA3IQAAAACgmdk_MAQKDRA4IQAAAAA0M_M_MAQKDRA5IQAAAACamS1AMAQKDRA6IQAAAIAzMy9AMAQKDRA7IQAAAGhmFolAMAQKDRA8IQAAAGhmFolAMAQKDRA9IQAAAGhmIolAMAQKDRA-IQAAAJqZgYxAMAQKDRA_IQAAAJqZgYxAMAQKDRBAIQAAAAAADI1AMAQSGkNQU0J3dUxBM184Q0ZZd0Y0QW9kV1BnSjdRIg10ZXh0L21hY2F3X3YzKAM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d6eaa537eaca368d0ffdeded54ff1f36.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89EE 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBnRvd2VyMQoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDMsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEBAhAAAAAAASp0AwBAoNEBEhAAAAANCp8kAwBAoNEBIhAAAAAAAAGEAwBAoNEBMhAAAAAAAAAEAwBAoNEBchAAAANDMziUAwBAoNEBQhAAAAAJDTBEEwBAoNEBUhAAAAAAAAMkAwBAoNEBYhAAAAAAAAJkAwBAoNEBghAAAANDOTjUAwBAoNEDIhAAAAAJqZCUAwBAoNEDMhAAAAAJqZCUAwBAoNEDQhAAAAAJqZCUAwBAoNEDUhAAAAAJqZCUAwBAoNEDYhAAAAAJqZCUAwBAoNEDchAAAAAJqZCUAwBAoNEDghAAAAAM3MFEAwBAoNEDkhAAAAQDMzM0AwBAoNEDohAAAAAAAANUAwBAoNEDshAAAAaGYuiUAwBAoNEDwhAAAAaGYuiUAwBAoNED0hAAAAAAA0iUAwBAoNED4hAAAAmplRjUAwBAoNED8hAAAAaGZSjUAwBAoNEEAhAAAANDPHjUAwBBIaQ01pMXdlTEEzXzhDRlpRSzRBb2RaMmtHMVEiEmdwYS9tYXhpbWFsX3YxX29jaCgM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d6eaa537eaca368d0ffdeded54ff1f36.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 7321 113 KB
44 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f65fd50c237ec7c056be9935030d62e9ab345ac7e426aaf5bec163746e4453b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44493
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Jun 2023 22:49:36 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3A6F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP4riLJ9AUYCPvAJRhg5Kl0&google_cver=1&google_push=ATf1kGPNZe0JsiBDfot2FworDSgQ4-ygiwxwGGlsHuyl8kXsXnA0C-BtHUKz1rsNVfeU7NnoJWd9P2m3LbkHd3dvGMjyeJ-AAqEuAg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ1Njk3OTc1MzQ4MjkxNjY0OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP4riLJ9AUYCPvAJRhg5Kl0&google_cver=1

43 B
398 B

16ms
16ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP4riLJ9AUYCPvAJRhg5Kl0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375702&bpp=2&bdt=259&idt=363&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6233626849654&frm=8&ife=1&pv=1&ga_vid=1185053461.1687733376&ga_sid=1687733376&ga_hid=1280661681&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=331233372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075473%2C44788442%2C44794790%2C21065725&oid=2&pvsid=2002279294703575&tmod=1969052952&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ziegm06hzmjm&fsb=1&dtd=372
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP4riLJ9AUYCPvAJRhg5Kl0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 3A6F 43 B
620 B 181ms
178ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEGyNibBCLKljLFBRoEPH3WI&google_cver=1&google_push=ATf1kGPiC_m5qFC0IBgXqVXHoTeNoVEIfWCwXOZ1NldRa_qo31FpYti59H5HNvrbUitY2yryVgz2rsS0ttS_azsJFFyX8ZifqtRu&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPiC_m5qFC0IBgXqVXHoTeNoVEIfWCwXOZ1NldRa_qo31FpYti59H5HNvrbUitY2yryVgz2rsS0ttS_azsJFFyX8ZifqtRu%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375702&bpp=2&bdt=259&idt=363&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6233626849654&frm=8&ife=1&pv=1&ga_vid=1185053461.1687733376&ga_sid=1687733376&ga_hid=1280661681&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=331233372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075473%2C44788442%2C44794790%2C21065725&oid=2&pvsid=2002279294703575&tmod=1969052952&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ziegm06hzmjm&fsb=1&dtd=372
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dd0c3c4ddea9104-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3A6F 0
174 B 77ms
28ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK0QDaWBlDYErmiZQYo07_I&google_cver=1&google_push=ATf1kGOyq2HlnsVk82qgkn83KG9G_B6Hz-p9PA9Iqm7a1Plr4Yw4e3noI6htpp4usJRdy60UIHWhpYuZzt1x9gdJrv4zHaH0-CM-
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375702&bpp=2&bdt=259&idt=363&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6233626849654&frm=8&ife=1&pv=1&ga_vid=1185053461.1687733376&ga_sid=1687733376&ga_hid=1280661681&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=331233372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075473%2C44788442%2C44794790%2C21065725&oid=2&pvsid=2002279294703575&tmod=1969052952&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ziegm06hzmjm&fsb=1&dtd=372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A6F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1&google_push=ATf1kGMAJMQrbTDoGpmmLBjCM837O-z8rIKKSTnLUnwDtS2A4Kv6_Ee-C62Jq5cat5-8nwHdzHjSHhmAnMD7Pj3OAYij...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433828527557043&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMAJMQrbTDoGpmmLBjCM837O-z8rIKKSTnLUnwDtS2A4Kv6_Ee-C62Jq5cat5-8nwHdzHjSHhmAnMD7Pj3OAYijidKj4hsZhA&google_hm=nWSENe8WS4WbR7hKMOv9bA==

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMAJMQrbTDoGpmmLBjCM837O-z8rIKKSTnLUnwDtS2A4Kv6_Ee-C62Jq5cat5-8nwHdzHjSHhmAnMD7Pj3OAYijidKj4hsZhA&google_hm=nWSENe8WS4WbR7hKMOv9bA==

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMAJMQrbTDoGpmmLBjCM837O-z8rIKKSTnLUnwDtS2A4Kv6_Ee-C62Jq5cat5-8nwHdzHjSHhmAnMD7Pj3OAYijidKj4hsZhA&google_hm=nWSENe8WS4WbR7hKMOv9bA==
date: Sun, 25 Jun 2023 22:49:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3A6F 43 B
363 B 283ms
16ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEB2nbQNF3k0xBABDQEn38k8&google_cver=1&google_push=ATf1kGM-zJpeWnoWzdGLt7u3dv0azY-QLladq7b9EedKz5eh0UH0DQW5LDU5IjWgY6r5_SGBOBlV86GF_IrQcxJFoL4dYpmBlLlTYQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 151325
expires: Sun, 25 Jun 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A6F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELTkLxa14nXjDvUOl7q5gOg&google_cver=1&google_push=ATf1kGMHcBdLZadYNZ0TSOSgCsSrm-EktE5Zli6fInCt2RtFkGAMjVSVX2VnaLnmW2gthwoHVWeGAy_L...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGMHcBdLZadYNZ0TSOSgCsSrm-EktE5Zli6fInCt2RtFkGAMjVSVX2VnaLnmW2gthwoHVWeGAy_L...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGMHcBdLZadYNZ0TSOSgCsSrm-EktE5Zli6fInCt2RtFkGAMjVSVX2VnaLnmW2gthwoHVWeGAy_LhsCsF-wEgfOBd-1e9aHECA

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGMHcBdLZadYNZ0TSOSgCsSrm-EktE5Zli6fInCt2RtFkGAMjVSVX2VnaLnmW2gthwoHVWeGAy_LhsCsF-wEgfOBd-1e9aHECA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A6F
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMHK-1zImJwOTT3ui_ApX1U&google_cver=1&google_push=ATf1kGNl0hsyHprbjX_gbuIlJsLZBIx91XYoYscRnpJCeg77q4R_S0KaZ5DtjOxkHV_v05fSviAM550BXGNE...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNl0hsyHprbjX_gbuIlJsLZBIx91XYoYscRnpJCeg77q4R_S0KaZ5DtjOxkHV_v05fSviAM550BXGNEk9gRXageVaHIEPTYlg

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNl0hsyHprbjX_gbuIlJsLZBIx91XYoYscRnpJCeg77q4R_S0KaZ5DtjOxkHV_v05fSviAM550BXGNEk9gRXageVaHIEPTYlg

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNl0hsyHprbjX_gbuIlJsLZBIx91XYoYscRnpJCeg77q4R_S0KaZ5DtjOxkHV_v05fSviAM550BXGNEk9gRXageVaHIEPTYlg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3A6F 0
12 B 24ms
22ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMwSwV9ZUeYoyCSJ1jVfCNlFycgrTzYSF5DhH7PSHyHueLCLjs9QNXHQlD53MCgsGXx4G6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 9094 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 532aca381e108ff78e1f3ecc2f7d5da8aec40ce95e7e86268225be74cfe6bb0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 link.html Show response
track.webgains.com/ Frame 15EA 2 KB
2 KB 399ms
75ms Script
text/html 3.11.176.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=20054700002822800951389012367020&nw=1
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.176.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-176-98.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e8227d4866b82bae76754a05c52ac806a3991d596ccca143193b855aace7dcda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
last-modified: Sun, 25 Jun 2023 22:49:37 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 25 Jun 2023 22:50:37 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900020.redintelligence.net/ Frame A731 7 KB
2 KB 300ms
14ms Document
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request_content.php?s=20054700002822800951389012367020&a=e4dc257c
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 488ff211f9ef08255e3819c9f17fe2b3304302d9b50d95d5e2c34f357e503d6a

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2073
Content-Type: text/html; charset=utf-8
Date: Sun, 25 Jun 2023 22:49:37 GMT
Expires: Sun, 25 Jun 2023 23:49:37 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 60ED 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Mon, 26 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 15EA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b7217947ed1b02dede4d55614d127b3d7363fd7333579e2dc0568b6610867e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 96E7 0
210 B 59ms
52ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687733374904&userId=vnet1dfca4b5-094e-4446-aa45-ceb1aa82778f
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 25 Jun 2023 22:49:36 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5602 3 KB
3 KB 17ms
17ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2220
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHiU5hhSd%2BmNSXq334%2BTi5mNZxiFXxZP%2BnjhHA0k7bUJG4%2Ffy4wiWGqcV1WNdma0pAg655Pcqt1W2C9vqz6E9PQoAEog%2FfaEmOy62MhkQBEO8a5gl%2B22edRWZ7Ad%2BU4qqCcTUQ%2FCc2qtYofB8RojzAQ3"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7dd0c3c5edb89bbe-FRA
expires: Sun, 25 Jun 2023 22:39:40 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 153D 2 KB
2 KB 29ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jd5q3qv4btm61d8bpx0p37enbf3vm7jp0bq48hy7ckhcf243bdea9q8q3ar8pw6prwb3mh2kber42sye14sn38atpqcmteef1zgbf7srbjtssd0dfjj3kra4x36df6p1jnn29fgy8xr9sq18s9nz3axs5d08f1864sbn2ka228wx868x4ya20a697zp8nsmn5ky1j8fxvwgsj7aqvevnzj5kyp82r4q39h221gkbydcssmpxng7zwyb33w942kgvzt7bmfaf1grkq3bq0sscx704efkj6q0q3jz6nqp1pr7m9vb282h8qy2v6sgvd69dhgdppxtcy4b6zh9aa3jhp4wzk7036hsmhvvmnqndpvngcv7rjz6svct073h214g3tc1d01xhp9f1yyhw1w87yjsh6cjnwmsq2g33xxhw1x1wqw8nb9edezxayncqw79xhv6bcc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%26client%3Dca-pub-6593523210010154%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=3171362771&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733376180&bpp=1&bdt=434&idt=424&shv=r20230620&mjsv=m202306200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5495337629142&frm=8&ife=1&pv=1&ga_vid=2091669099.1687733377&ga_sid=1687733377&ga_hid=2006700439&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=3292667763&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075511%2C44788442&oid=2&pvsid=2924831764484956&tmod=1080248799&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.iouiqa6e8hh3&fsb=1&dtd=436

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06d0cdac88311cef59cc43361e96870b5319e65e7807d6510c49d577270a9bd4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7dd0c3c65de11e6a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:37 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame A956 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7149 1 KB
643 B 16ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34227
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Mon, 26 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame A956 19 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A956 0
0 26ms
24ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSdcjG-uNv2Lcuc21lI8A5KP2LBDsXBu9knWZ2eIx48os9rQRR9ScFz_4XyF284_bW8Qo7qgfiQ1NTXN5aGwHb1zkYz_w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=3171362771&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733376180&bpp=1&bdt=434&idt=424&shv=r20230620&mjsv=m202306200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5495337629142&frm=8&ife=1&pv=1&ga_vid=2091669099.1687733377&ga_sid=1687733377&ga_hid=2006700439&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=3292667763&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075511%2C44788442&oid=2&pvsid=2924831764484956&tmod=1080248799&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.iouiqa6e8hh3&fsb=1&dtd=436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A956 179 KB
56 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 22:49:37 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame DAC5 2 KB
1 KB 18ms
18ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1481102
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7dd0c3c66de71e6a-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 25 Jun 2023 22:49:37 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYSvrWuOQL%2FVx9k%2FAzmkZVI1zBu152BIwF6OUgbhVbblzX6zk%2FfHH28NYjbodSYfJjgPduKyKZzPN0aZTonAgqIRzeUKK6MWRb89l3Y6yNz2R9aSYCEKR5jUTaoZ0meqvLM0Dwg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60ED
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECJ_2dDnQhnZMzgW5xr6JGI&google_cver=1&google_push=ATf1kGNCIfGQczIFjiFZ21vzUeU6GTlN8-ch3iT8_QNXVRQp-OV5xi3ksoOxc34jY-M5RrCRiR5SNGnlagFd0mct...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGNCIfGQczIFjiFZ21vzUeU6GTlN8-ch3iT8_QNXVRQp-OV5xi3ksoOxc34jY-M5RrCRiR5SNGnlagFd0mctpYMHhIwofsI

170 B
188 B

29ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGNCIfGQczIFjiFZ21vzUeU6GTlN8-ch3iT8_QNXVRQp-OV5xi3ksoOxc34jY-M5RrCRiR5SNGnlagFd0mctpYMHhIwofsI

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 25 Jun 2023 22:49:37 GMT
Server: MT3 1031 59fd23a master pao pao-pixel-x26 config_version:"386"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGNCIfGQczIFjiFZ21vzUeU6GTlN8-ch3iT8_QNXVRQp-OV5xi3ksoOxc34jY-M5RrCRiR5SNGnlagFd0mctpYMHhIwofsI
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 25 Jun 2023 22:49:36 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 60ED 43 B
620 B 189ms
184ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEL9zvHGbKW1bS8pccVLF4rI&google_cver=1&google_push=ATf1kGNAY5zVIK7xyQYnKMOCf4qMIbDYh-of1rd8lOZq1nR4B0GZN3nCmPcqki2VDttrRlkUG0PL8rS9tsn04UKto4gtxxlRkJzI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNAY5zVIK7xyQYnKMOCf4qMIbDYh-of1rd8lOZq1nR4B0GZN3nCmPcqki2VDttrRlkUG0PL8rS9tsn04UKto4gtxxlRkJzI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dd0c3c67ede9104-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60ED
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEF4yBrSwxuZ9Syr7__u957A&google_cver=1&google_push=ATf1kGPyvyjIlMTbt6SZ-ssGG7LeeTGQ9IQhSwkrOZEu7a_vcgc-v_p8NVgIdK5hORMWXUASY1zwS6DVzuxI5F_dDTV_prNIzgTi
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGPyvyjIlMTbt6SZ-ssGG7LeeTGQ9IQhSwkrOZEu7a_vcgc-v_p8NVgIdK5hORMWXUASY1zwS6DVzuxI5F_...

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGPyvyjIlMTbt6SZ-ssGG7LeeTGQ9IQhSwkrOZEu7a_vcgc-v_p8NVgIdK5hORMWXUASY1zwS6DVzuxI5F_dDTV_prNIzgTi

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Jun 2023 22:49:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DF47DFD2FE5411289D6C968097DF179&google_push=ATf1kGPyvyjIlMTbt6SZ-ssGG7LeeTGQ9IQhSwkrOZEu7a_vcgc-v_p8NVgIdK5hORMWXUASY1zwS6DVzuxI5F_dDTV_prNIzgTi
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 24 Jun 2023 22:49:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60ED
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEEVmQv-KiO4qsNlje5TQhYc&google_cver=1&google_push=ATf1kGNp-y5dU9EUvQOALNwCwSkJdp6RSl-ucXFXCTro4VOW7FsTTOM9mKhUjCedkEPspn199Y6v4uio0E3ktIGYVHnVmjk...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEVmQv-KiO4qsNlje5TQhYc&google_cver=1&google_push=ATf1kGNp-y5dU9EUvQOALNwCwSkJdp6RSl-ucXFXCTro4VOW7FsTTOM9mKhUjCedkEPspn199Y6v4uio0E3ktIGYVHnVm...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNp-y5dU9EUvQOALNwCwSkJdp6RSl-ucXFXCTro4VOW7FsTTOM9mKhUjCedkEPspn199Y6v4uio0E3ktIGYVHnVmjkCrpM

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNp-y5dU9EUvQOALNwCwSkJdp6RSl-ucXFXCTro4VOW7FsTTOM9mKhUjCedkEPspn199Y6v4uio0E3ktIGYVHnVmjkCrpM

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNp-y5dU9EUvQOALNwCwSkJdp6RSl-ucXFXCTro4VOW7FsTTOM9mKhUjCedkEPspn199Y6v4uio0E3ktIGYVHnVmjkCrpM
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame 60ED 43 B
246 B 87ms
18ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAUuMGytbcp-CENKyO1ar2Q&google_cver=1&google_push=ATf1kGNChSqDvRF9U_zuiwHCmkh8q7blknH2GSAuAhwOV0Yw9lvE2tXhc_7OXeZY4Il1AP2gzgHssaBzU6vMvljYNs3sd6xC6VU
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60ED
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELF_eElGrTimC-rwwrnQLhY&google_cver=1&google_push=ATf1kGNFMXClmhjxBWOfpcGt76Peuro9jXwT9p8NTQYlgp_kZjGzeNMQ1EPH68oEE4wTA7YvYaCX46z-lpzqTiLL9AmE2-8SH2px
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3NjgyMzc3NTg1MDQ4NDkxNDk0&google_push=ATf1kGNFMXClmhjxBWOfpcGt76Peuro9jXwT9p8NTQYlgp_kZjGzeNMQ1EPH68oE...

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3NjgyMzc3NTg1MDQ4NDkxNDk0&google_push=ATf1kGNFMXClmhjxBWOfpcGt76Peuro9jXwT9p8NTQYlgp_kZjGzeNMQ1EPH68oEE4wTA7YvYaCX46z-lpzqTiLL9AmE2-8SH2px

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3NjgyMzc3NTg1MDQ4NDkxNDk0&google_push=ATf1kGNFMXClmhjxBWOfpcGt76Peuro9jXwT9p8NTQYlgp_kZjGzeNMQ1EPH68oEE4wTA7YvYaCX46z-lpzqTiLL9AmE2-8SH2px
date: Sun, 25 Jun 2023 22:49:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 60ED 0
39 B 22ms
11ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHWPJZfAVn_jWWlTxDyn3nw&google_cver=1&google_push=ATf1kGOq7RArOk0FjmoUbWYv2vN7f-ND7sWwXMQn-ZLFKsxoIZq7PwT-ZnqXnpE3Sq4Ps86cESjke_tjgvej4kRyfqSPc5nKS8Pe

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 60ED 0
12 B 34ms
26ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJBxI30LIqNj9cGpU8eVAwN3SfJb15h7sIAxC3-kBmb19FAZGA0iXXjYm-MsF08fh_60kb8g

Requested by

Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 rs Show response
ad4m.at/ Frame 4324 1 KB
2 KB 33ms
31ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad264f14f1c41cb1ce408eda183c7f0efab4cb1f2d2e51a3c8afaa09867f3bf6

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzV7iK%2BMC7dbpzzqbJnMBixq7drmdP4csMNRvkZJ5788Uxav%2B0w0Xo8kWBCEglGZ5z693HcAI2DQJs8cvhpEF9WUzG6R%2FXJgLZEieQ2ib%2BGM%2F5stYJ1Z%2FB8UtfpMr5bk%2BXrnLSw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7dd0c3c6e960917d-FRA
x-backend-server: aa-reachservice-group-europe-west1-400d
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 54ms
39ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7dd0c3c69931917d-FRA
content-length: 24
content-type: text/plain
date: Sun, 25 Jun 2023 22:49:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odkiWgTc%2BW3FpuUznKHpVCWiESkz4gYeB%2BCG4eR0wF4k%2BpcQ3PO%2F1vfB%2FsSFv00TY9G6O1GVPGxm1KCbYqu4NXUoK8ZzONUhUM60%2BFf9aly3GLK0O8%2B%2BQPU1HaO%2FrNl3tyPsF0U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-400d

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 153D 106 KB
13 KB 25ms
24ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jd5q3qv4btm61d8bpx0p37enbf3vm7jp0bq48hy7ckhcf243bdea9q8q3ar8pw6prwb3mh2kber42sye14sn38atpqcmteef1zgbf7srbjtssd0dfjj3kra4x36df6p1jnn29fgy8xr9sq18s9nz3axs5d08f1864sbn2ka228wx868x4ya20a697zp8nsmn5ky1j8fxvwgsj7aqvevnzj5kyp82r4q39h221gkbydcssmpxng7zwyb33w942kgvzt7bmfaf1grkq3bq0sscx704efkj6q0q3jz6nqp1pr7m9vb282h8qy2v6sgvd69dhgdppxtcy4b6zh9aa3jhp4wzk7036hsmhvvmnqndpvngcv7rjz6svct073h214g3tc1d01xhp9f1yyhw1w87yjsh6cjnwmsq2g33xxhw1x1wqw8nb9edezxayncqw79xhv6bcc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jd5q3qv4btm61d8bpx0p37enbf3vm7jp0bq48hy7ckhcf243bdea9q8q3ar8pw6prwb3mh2kber42sye14sn38atpqcmteef1zgbf7srbjtssd0dfjj3kra4x36df6p1jnn29fgy8xr9sq18s9nz3axs5d08f1864sbn2ka228wx868x4ya20a697zp8nsmn5ky1j8fxvwgsj7aqvevnzj5kyp82r4q39h221gkbydcssmpxng7zwyb33w942kgvzt7bmfaf1grkq3bq0sscx704efkj6q0q3jz6nqp1pr7m9vb282h8qy2v6sgvd69dhgdppxtcy4b6zh9aa3jhp4wzk7036hsmhvvmnqndpvngcv7rjz6svct073h214g3tc1d01xhp9f1yyhw1w87yjsh6cjnwmsq2g33xxhw1x1wqw8nb9edezxayncqw79xhv6bcc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 211111
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaNuQQ9svyS1ZXV2B9H5KanfFhTgsumLP4m7uqNVocuEpOCpOKsXXiHvmn42WHU5tIpjZD2xrm4WAGauqBFkDLxc1z85K0LCOY7PiVW5p4ZWN%2BjbRKwRMJeIj38KKzy6vdKRlyNoFGo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7dd0c3c6ae281e6a-FRA
expires: Sun, 25 Jun 2023 23:49:37 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 153D 25 KB
10 KB 24ms
24ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jd5q3qv4btm61d8bpx0p37enbf3vm7jp0bq48hy7ckhcf243bdea9q8q3ar8pw6prwb3mh2kber42sye14sn38atpqcmteef1zgbf7srbjtssd0dfjj3kra4x36df6p1jnn29fgy8xr9sq18s9nz3axs5d08f1864sbn2ka228wx868x4ya20a697zp8nsmn5ky1j8fxvwgsj7aqvevnzj5kyp82r4q39h221gkbydcssmpxng7zwyb33w942kgvzt7bmfaf1grkq3bq0sscx704efkj6q0q3jz6nqp1pr7m9vb282h8qy2v6sgvd69dhgdppxtcy4b6zh9aa3jhp4wzk7036hsmhvvmnqndpvngcv7rjz6svct073h214g3tc1d01xhp9f1yyhw1w87yjsh6cjnwmsq2g33xxhw1x1wqw8nb9edezxayncqw79xhv6bcc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 432930
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ti4ETEfCSfIfOmpCAu3W4HPeDkR52yjb95x%2Ftu6zRIHTpQGovbocUvlwug7Xs5Q9ASToFNzXapV1nbBbH2VefGkPYuzXnLh7Y82JC0LcHg4GwOq6CSZtCqQpleX7GVG9NYC9Gy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7dd0c3c6ae2a1e6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 20 Jun 2023 13:46:18 GMT

GET
DATA 200
OK truncated
/ Frame A956 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7062bbc1bd1c251ef6a695a15890f217eeac5a19cf3f0f024d4a2702980dd2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7149
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPb3qQLJ6JoaxlAddSaHU64&google_cver=1&google_push=ATf1kGO045eldGgHr8qlhwA3DD9X44LU7C9rFWWiQzo-QaBngiielEMLhlEQHHN8GmhcDNcZrbRkp5GRSfaZ2p5B...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGO045eldGgHr8qlhwA3DD9X44LU7C9rFWWiQzo-QaBngiielEMLhlEQHHN8GmhcDNcZrbRkp5GRSfaZ2p5BYGK6ncaL...

170 B
188 B

27ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGO045eldGgHr8qlhwA3DD9X44LU7C9rFWWiQzo-QaBngiielEMLhlEQHHN8GmhcDNcZrbRkp5GRSfaZ2p5BYGK6ncaLnxDBZE8

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 25 Jun 2023 22:49:37 GMT
Server: MT3 1031 59fd23a master pao pao-pixel-x18 config_version:"386"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=aGNkmMR_SwGkkJbjwnEnSA&google_push=ATf1kGO045eldGgHr8qlhwA3DD9X44LU7C9rFWWiQzo-QaBngiielEMLhlEQHHN8GmhcDNcZrbRkp5GRSfaZ2p5BYGK6ncaLnxDBZE8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 25 Jun 2023 22:49:36 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 7149 43 B
592 B 190ms
188ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEGyNibBCLKljLFBRoEPH3WI&google_cver=1&google_push=ATf1kGMQlXr3BivdnNzO3uxPGkJjpzw7NPeyeIKd_jEpMfE9suYnOjQvd8ZrLOv1EOz922XI8oWPfIKOYZgCXY2cVbLrz8xdV7ngKsFz&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMQlXr3BivdnNzO3uxPGkJjpzw7NPeyeIKd_jEpMfE9suYnOjQvd8ZrLOv1EOz922XI8oWPfIKOYZgCXY2cVbLrz8xdV7ngKsFz%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=3171362771&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733376180&bpp=1&bdt=434&idt=424&shv=r20230620&mjsv=m202306200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5495337629142&frm=8&ife=1&pv=1&ga_vid=2091669099.1687733377&ga_sid=1687733377&ga_hid=2006700439&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=3292667763&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075511%2C44788442&oid=2&pvsid=2924831764484956&tmod=1080248799&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.iouiqa6e8hh3&fsb=1&dtd=436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dd0c3c6bef99104-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7149
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFN-tOUtlPROrbV3Q49NLbc&google_cver=1&google_push=ATf1kGMKPKhwgpnztebUAwyeEFXY6Sn_bH4yqskLJpgYpB4O1yEeEg-usFEZ8ADQLn1TMGPiTPpET1qkhkw...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMKPKhwgpnztebUAwyeEFXY6Sn_bH4yqskLJpgYpB4O1yEeEg-usFEZ8ADQLn1TMGPiTPpET1qkhkwjgg9SM52p2vKyA-owB-xw&google_hm=y4HzNuZIR_mGGHwr...

170 B
188 B

39ms
37ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMKPKhwgpnztebUAwyeEFXY6Sn_bH4yqskLJpgYpB4O1yEeEg-usFEZ8ADQLn1TMGPiTPpET1qkhkwjgg9SM52p2vKyA-owB-xw&google_hm=y4HzNuZIR_mGGHwr0yNvx4Y

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMKPKhwgpnztebUAwyeEFXY6Sn_bH4yqskLJpgYpB4O1yEeEg-usFEZ8ADQLn1TMGPiTPpET1qkhkwjgg9SM52p2vKyA-owB-xw&google_hm=y4HzNuZIR_mGGHwr0yNvx4Y
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7149
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEKom52c7I5MMjdCdFJpUEEQ&google_cver=1&google_push=ATf1kGM7IbntRuBs0X4FXCsSHPZpBpazpzzxmhLz-FaRCmwHKt57bqxwx7d-jbagcNQHSQRIovELJbPaV1ZNUHsSw8pAkKeyOLy4fpE
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGM7IbntRuBs0X4FXCsSHPZpBpazpzzxmhLz-FaRCmwHKt57bqxwx7d-jbagcNQHSQRIovELJbPaV1ZNUHsSw8pAkKeyOLy4fpE&google_hm=Q0FFU0VLb201MmM3ST...

170 B
188 B

40ms
38ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGM7IbntRuBs0X4FXCsSHPZpBpazpzzxmhLz-FaRCmwHKt57bqxwx7d-jbagcNQHSQRIovELJbPaV1ZNUHsSw8pAkKeyOLy4fpE&google_hm=Q0FFU0VLb201MmM3STVNTWpkQ2RGSnBVRUVR

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 22:49:37 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGM7IbntRuBs0X4FXCsSHPZpBpazpzzxmhLz-FaRCmwHKt57bqxwx7d-jbagcNQHSQRIovELJbPaV1ZNUHsSw8pAkKeyOLy4fpE&google_hm=Q0FFU0VLb201MmM3STVNTWpkQ2RGSnBVRUVR
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7149
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECR-WQMklHe-Ya9_a3JfJag&google_cver=1&google_push=ATf1kGMKuCONmrpt4FvwM_mwuVXOW5WPon-s34sAvuvVBowPQlyF5M8pyQ2tAr71NdgazjtV7VAeSh76Lxab1J...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0ODc1OTY1NDI5MjcxNTY3MQ%3D%3D&google_push=ATf1kGMKuCONmrpt4FvwM_mwuVXOW5WPon-s34sAvuvVBowPQlyF5M8pyQ2tAr71NdgazjtV7VAeSh76Lxab1J1Q-h...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0ODc1OTY1NDI5MjcxNTY3MQ%3D%3D&google_push=ATf1kGMKuCONmrpt4FvwM_mwuVXOW5WPon-s34sAvuvVBowPQlyF5M8pyQ2tAr71NdgazjtV7VAeSh76Lxab1J1Q-heOSmLoAXKSYKk

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0ODc1OTY1NDI5MjcxNTY3MQ%3D%3D&google_push=ATf1kGMKuCONmrpt4FvwM_mwuVXOW5WPon-s34sAvuvVBowPQlyF5M8pyQ2tAr71NdgazjtV7VAeSh76Lxab1J1Q-heOSmLoAXKSYKk
Date: Sun, 25 Jun 2023 22:49:37 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 7149
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM9HrT_r3dN1sjaqIrQyO7g&google_cver=1&google_push=ATf1kGPEF_yUsO1ReqFGoV7EU5gSqkKk6uWyw9-JHKEA_nKh25IJl3NEoIg96uk1E87foIke1ePHDtly0HEHuQX2KbWq...
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=9d648435-ef16-4b85-9b47-b84a30ebfd6c&ssp=google&gdpr=&gdpr_consent=

42 B
214 B

381ms
328ms

Image
image/gif

34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=9d648435-ef16-4b85-9b47-b84a30ebfd6c&ssp=google&gdpr=&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=3171362771&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733376180&bpp=1&bdt=434&idt=424&shv=r20230620&mjsv=m202306200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5495337629142&frm=8&ife=1&pv=1&ga_vid=2091669099.1687733377&ga_sid=1687733377&ga_hid=2006700439&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=3292667763&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075511%2C44788442&oid=2&pvsid=2924831764484956&tmod=1080248799&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.iouiqa6e8hh3&fsb=1&dtd=436
Protocol: H2
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=9d648435-ef16-4b85-9b47-b84a30ebfd6c&ssp=google&gdpr=&gdpr_consent=
date: Sun, 25 Jun 2023 22:49:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7149
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELTkLxa14nXjDvUOl7q5gOg&google_cver=1&google_push=ATf1kGNboo6P5zIMZPuhwSWhblBzddqaS4r9IydfcRRhW5z_kccF25Bpt_agX7iyI27UwARiIZ3BB6o9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGNboo6P5zIMZPuhwSWhblBzddqaS4r9IydfcRRhW5z_kccF25Bpt_agX7iyI27UwARiIZ3BB6o9...

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGNboo6P5zIMZPuhwSWhblBzddqaS4r9IydfcRRhW5z_kccF25Bpt_agX7iyI27UwARiIZ3BB6o95g_BSqpHOBrqcSKdGgFuSIkW

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2OTA1MTUwOTU3NTQyNzAx&google_push=ATf1kGNboo6P5zIMZPuhwSWhblBzddqaS4r9IydfcRRhW5z_kccF25Bpt_agX7iyI27UwARiIZ3BB6o95g_BSqpHOBrqcSKdGgFuSIkW
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7149 0
12 B 30ms
27ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEUO2lsHEbzLDSSuBlN422KCtSTcstFFwviYKa9Rn7_GUH6EyW0R019q_o0tUwV0DfLbc_

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 942C 0
0 95ms
63ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWHyADIo010qiBhwVP6lSo8_JIPp0zfYQRBQ97DhVcbcQr4-CX9gjuARTWjz7Cg1JDn5soWxKcyV0pJDNhKB7zT1wnAoweNDTbDBA-CL6X_fwQiiiq5o4F5w5RVkHk1iGV4nmTkBHrl8ZS2Ag0aAr5AgOrZ9gUxk2wnSi8NZz0uvvM2fR54y-dEo_ttjlc0-HcMsa-xsHit6VKD9cwo2D1qGYWIfUVWwZvTN3Naj6dxlgnu4HS1wDL-dwI1Xx0YBEhrYDF3QkButGfOMQE7YhHGU67MCMJokp-3eMtsivyPLC7j4MP-2L-bh5aAiDDLreflLH7d-6gvaDVQIGv1HaS7wu5cdlyiPIDMYRwuz0iVFABrNhZZ33Ov9aG&sai=AMfl-YTibLtYt4_iNnQtMrMW-CbIjTLZCf_pAbHI-DOAP_7o3SfnfHTNcDkq2mg_sJCZWvNnwvCv2ijJo29UprDTz7i2sp-RJ-OCNuWdCFYcGW0&sig=Cg0ArKJSzPhSV9cv8qA9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Jun 2023 22:49:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 942C 15 KB
11 KB 37ms
31ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230620&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36de75bd02ce5558320185a0130a692d36881ea372f1c24badaef00e30d4e8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11308
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame A731 2 KB
434 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=20054700002822800951389012367020&a=e4dc257c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 22:02:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jun 2023 22:49:37 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame A731 9 KB
9 KB 74ms
36ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=20054700002822800951389012367020&a=e4dc257c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3e79324060136d56dd5284191d7436cc9cca6c0b267a319dca0068160aaed044

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9325
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame A731 9 KB
9 KB 79ms
24ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=20054700002822800951389012367020&a=e4dc257c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 320c8a90b7645df34d162375610b84f7cc883e134e83dff35170d01ae2545503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9249
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame A731 7 KB
8 KB 80ms
24ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/627x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=20054700002822800951389012367020&a=e4dc257c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e25535cd47b6e4b1c498c704e23e3a1a2f2aa8fcd987a3799232307652ea2dc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7634
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 942C 17 KB
6 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Jun 2023 22:49:37 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 153D 3 KB
4 KB 22ms
20ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 782
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtaTAiIHlGbrPqGnUeXNMc4UoIzhw3zwL0OKo9OnZikzIq0gDB4iMorRYGX4WbrfmYkgdPYDnnz0eljY0OfiwlaW4ByaPg7813x4dSVhQ2DfZYQP8JDc018iAIRNFYR4N0zEhKWnLSopjSAYmn91gQle"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7dd0c3c72c7e3a7f-FRA
expires: Sun, 25 Jun 2023 23:22:35 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 5BDC 6 KB
4 KB 55ms
51ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C19456&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGk&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2CxEbfQfAf39VtPHdHztDCRRgc7S6TqkxSBQ&c=468&d=60&e=&g=b38070d33a74ed6c905735402f161859%2F9574666730445966684&i=21596%2C20774&j=16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1687733377116&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jghpvesqkgzvmshcgh6gjft0ecxv106d16kqe8p36vdt4hkgafssbvncsh6gt7t0y4bd1m6pkq1x8yd8fx7rc4s6wf5nn9ygm0ztssmf8589f7681k3nnyp4hc8whvat8j6z2sezj8qc9aa5av77bvr7yx03yr1f5397fmkv540bsbh9gfnp9yag6s58nn6r6dhvnk056gs1f0dr1p2713xrpv0k4mpvd9n364eg5way02wews100v3rtw1w90frw1jea681fvwp06yx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81a70095b3a5fa991379aed542b0c516d474db300a8839fbce87a233e3e628a7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1ktkgcy2c7p2bramrg0yfja4tz9rbtezmt635wgpbzd8ycyj5zyzfpk9amjwmfn4xtcj9f8gbb1njye2v2qd55f0avbt15dzrvz86z2j17qrrfkzxekdx8jp6cscq30jfww8d0jbk0t62sxnz9w7zb44jz5sr7qntgw7qjy2hnrrg3svpay27f2p3jga1tmh637ke7w7bcaz8vntaz7cqspgwrwpz8nfh7k2wth44pcg1phvb4e7be2mnedbtfdqabk7kzdjcywhj22pwvg3av6nyss1kmy8fxsfdqm80gwdtq4kyd46x6r9ed2m4ddsam1dfsag6k7aekeafjf0zk82see13sebhfp7j6zr39hesceg8czjkph23j3757h0aa03s0x836dntqr03mz76d98d14tqe04q6qx6t4c740skfm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7dd0c3c75ebe1e6a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:37 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 frame.html Show response
ad4m.at/ Frame C9BC 2 KB
1 KB 43ms
38ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1481102
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7dd0c3c75ec81e6a-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 25 Jun 2023 22:49:37 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzaFw%2F1ha7dlbEDe8PzrSErbZelvkT3YZ%2B0OAmKtfwMLElwAZaPJayochk2RExS9l5rnDJgT1vBPql6Qv4o8g1%2Fq0ld8cH4yz8ttXotVP1khGmPDekpqjHBEVPfb4ZqwcZeFJzQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 5602 1 KB
2 KB 44ms
43ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c589cc9e7b88d8ecd38d0f387a9e064403ff636828500e2271594d3f2a80e6a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jeNriQXt0iaEwRmU%2FtdJc73EjgAyRLFq4N4CWYZITiCMw8KeA5yyzmYOm8N5SH0nbKEEpYuuId%2ByWUSTYyGdMyWlXpBq4UInxotrDiH0dJEW%2BLd0nMtWkhFDnpRwp2VfJwTvbaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7dd0c3c7a9e2917d-FRA
x-backend-server: aa-reachservice-group-europe-west1-400d
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 52ms
50ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7dd0c3c759aa917d-FRA
content-length: 24
content-type: text/plain
date: Sun, 25 Jun 2023 22:49:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKA7I%2Fs%2BvPdHI9W0nThfabsWGlDHWzS988%2BlDO23ekf3%2FVMK6dRdlRgis3SwsfBxGrRiE9Q4i6s%2Fnm3501m6SK1HH0dSZHR%2BS0gABfCSZMtUhgTji61%2FErkfroW4KMI5MeYF6pc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-400d

GET
H2 200 vt.php
cat.fr3.eu.criteo.com/delivery/ Frame B0B2 43 B
347 B 74ms
20ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/vt.php?cppv=3&cpp=Uni7u3F1hQ2No5eFSjlwo6mxKDgKSjXU5XRVWegFFj7BM6zidSeMP9IVWzQoVBx0FPB3Y0Lffj24TSHxmFQQAxbEfVCd4EhGAPHpEDn-RIIVj2i4oEj-ke6U_I3IjEsMuFwqaPVuQMM2pBuvBZfEFrbom8DgVyeKVnsGg6u2NYJgSaCdO349xhAQj087YA7X6tS9e-J6MxwOhrqGk_8NQGMbwKtnmEDHVdKNqQiMfXo9Bxf2dTwZOw0vTf0&err=[ERRORCODE]

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 129622
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame B0B2 42 B
64 B 36ms
34ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cn57af8SYZJT3I4iwgQe_05fAD8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBBakCNsTwkR9Hsj7gAgCoAwHIAwKqBPcBT9DggTC7kEtrEMbJR5wUiGy3R-s6KJd6GTMxeRQTnH_Wr9y3tCNAMiObLyTkW8NEP0xIrP_xmCYaxB-1aLtI4H_VaawEzmrkz8YUXQezDrsBJZFluWGM_GSUi5gamDu-I03jzjgAxnWsELvSi7Pl2HWLnws4PsiZClVdy8MZOQHDJgX3E1-ImvS6HzmVwkF4zQQR_ibA6h0DuFeVPLweMYrPDrqVeCx6IIofhvatew9OnpabH2_PEqrJ92I8dAvenl3YUJIEs--BiZOyWrobJ3skwULDY_zCb2zi57fDbtpJVkUE-WuteTN3N__gSnGgLL7lZq1uW-AEAYAG5dCu8Jq8u4hQoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB&sigh=7Z3EDMW1lxM&label=part2viewed&ad_mt=7&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15082%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D184687293%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1687733377170

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame B0B2 43 B
347 B 77ms
22ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=CcqmTaNkAR5fibcLpTBtIthljDWUwHenJlR9-rNVbAkEz9AVtOr1nU_dAypVjyP6DC4LdV5Weze4pmXzo40h2Ut7rnkAWNhzHXNtX4UQEnEIC7oowCnLedT5EpGqYj3GG6CZdc5iDxgC_y3l0lOr2vfFPGmWyn8olJtci9H7iZBijaw78ZJjIEWXFjjN3jHDDcjj9omJESn7zO8LvfIMcrWxWQ56wB_jLaZG99peDOacTQ1Y_TZik1XinH3dxIfmMLmRmR8-u210aTyrbyOCIRDnYminvZKISA_BDG7-uMmY1SbPFNDCIf4mN9ce6WQ4SXf-kPg2hwWjacIqgvmmKpCA9UF0vkq0FkerGo3ZLo_UgZjTUluJJzU1mBauE-ke-7jt3JXSIe9CT0UVQajs0buLJkgqysrJX-4XZ3dYbQxzrdc-zr2ajmqoH55KDR6PsxWq3A

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2079451
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B0B2 0
0 63ms
60ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsQgAf8SYZJT3I4iwgQe_05fAD8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBBakCNsTwkR9Hsj7gAgCoAwHIAwKqBPQBT9DggTC7kEtrEMbJR5wUiGy3R-s6KJd6GTMxeRQTnH_Wr9y3tCNAMiObLyTkW8NEP0xIrP_xmCYaxB-1aLtI4H_VaawEzmrkz8YUXQezDrsBJZFluWGM_GSUi5gamDu-I03jzjgAxnWsELvSi7Pl2HWLnws4PsiZClVdy8MZOQHDJgX3E1-ImvS6HzmVwkF4zQQR_ibA6h0DuFeVPLweMYrPDrqVeCx6IIofhvatew9OnpabH2_PEqrJ92I8dAvenl3YUJIEs--BiZOyWrpZJVq2Rs1fcENee88y2hE7Z85D4E8q4ekZsQ7RxUD-Zmklhjr22eAEAYAG5dCu8Jq8u4hQoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=JDvzqzTj9oA&uach_m=[UACH]&cid=CAQSbQBygQiD2ZottWNVc4KbSHoxczckmYZc5gg0v70d-e1enau3ilFgEg7YlRGUlnubr5ooIHU-28_mG9FaYhCyn_0NrB5s74fag-fMeZvulauhPt2vJRr_xm2o7uUz6gGNKt2jxoUDotziZiOLswoYAQ
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 google-vast-measurability
csm.eu.criteo.net/ Frame B0B2 43 B
246 B 101ms
34ms Image
image/gif 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csm.eu.criteo.net/google-vast-measurability?cppv=3&cpp=YMBFcAdR6-vF0BvtJmqtzKl_RKa2gdoGy8qbEOhlwCyaNUMGHkkBgpwXijN4YYlLcjbk9MNbIG_OTtUWTFgcMrig94ViFT5fX1iZ3cNGK52pbge5URMG4wMtMdLmUYqOqNGEZSC_MyQ9LJniWhIxCxet1xZpV8u7F1aepS7t8IY6im44Okv_J5OV-L2NuB79dWFUxttGsUG7kiQOzw5Z-qcuiHIOHuz5xR4AJbXY9T6nPMPCNt5gPSYO36KN0xF7wHRR9g

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B0B2 42 B
64 B 55ms
51ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpiDnVZTug84lItERyIrdvrJS9baQDY8m_CW0V2nyWFy4Qrpgdr1hZHpZtNXD3CCSIKUwPjzXdfdzp4CfhljOSHrY&sig=Cg0ArKJSzB3_OCKmtU28EAE&id=lidarv&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15082%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D184687293%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1687733377170&avm=1

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame B0B2 42 B
64 B 35ms
32ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cn57af8SYZJT3I4iwgQe_05fAD8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBBakCNsTwkR9Hsj7gAgCoAwHIAwKqBPcBT9DggTC7kEtrEMbJR5wUiGy3R-s6KJd6GTMxeRQTnH_Wr9y3tCNAMiObLyTkW8NEP0xIrP_xmCYaxB-1aLtI4H_VaawEzmrkz8YUXQezDrsBJZFluWGM_GSUi5gamDu-I03jzjgAxnWsELvSi7Pl2HWLnws4PsiZClVdy8MZOQHDJgX3E1-ImvS6HzmVwkF4zQQR_ibA6h0DuFeVPLweMYrPDrqVeCx6IIofhvatew9OnpabH2_PEqrJ92I8dAvenl3YUJIEs--BiZOyWrobJ3skwULDY_zCb2zi57fDbtpJVkUE-WuteTN3N__gSnGgLL7lZq1uW-AEAYAG5dCu8Jq8u4hQoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB&sigh=7Z3EDMW1lxM&label=vast_creativeview&ad_mt=7&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15082%26vmtime%3D6%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D184687293%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1687733377170

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B0B2 0
55 B 380ms
376ms Ping
image/gif 2404:6800:4009:82d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~ljc0vjxz&c=169839974646&slotId=84919987323&qqid=CNSyz-LA3_8CFQhY4Aodv-kF-A&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=1080x1080&dm=15000&event_name=first_play&asset_bytes=149968&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=6&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1jl~videopreviewstarted.1jm
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:82d::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900020.redintelligence.net/ Frame A731 0
150 B 57ms
17ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/viewability?s=20054700002822800951389012367020&a=474fc1c5&vb=m
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=20054700002822800951389012367020&a=e4dc257c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/request_content.php?s=20054700002822800951389012367020&a=e4dc257c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:37 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93DF 13 KB
5 KB 58ms
56ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 113514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 15:17:43 GMT
expires: Sun, 23 Jun 2024 15:17:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 68E9 783 B
535 B 129ms
129ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

65b96da852ea4de883fd2e49b48de5ad2d6c058e6b7c3121af414047235eb0bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CEMEUR32PnA5t85awDSsFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-CEMEUR32PnA5t85awDSsFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:37 GMT
expires: Sun, 25 Jun 2023 22:49:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 5BDC 106 KB
13 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C19456&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGk&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2CxEbfQfAf39VtPHdHztDCRRgc7S6TqkxSBQ&c=468&d=60&e=&g=b38070d33a74ed6c905735402f161859%2F9574666730445966684&i=21596%2C20774&j=16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1687733377116&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jghpvesqkgzvmshcgh6gjft0ecxv106d16kqe8p36vdt4hkgafssbvncsh6gt7t0y4bd1m6pkq1x8yd8fx7rc4s6wf5nn9ygm0ztssmf8589f7681k3nnyp4hc8whvat8j6z2sezj8qc9aa5av77bvr7yx03yr1f5397fmkv540bsbh9gfnp9yag6s58nn6r6dhvnk056gs1f0dr1p2713xrpv0k4mpvd9n364eg5way02wews100v3rtw1w90frw1jea681fvwp06yx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C19456&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGk&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2CxEbfQfAf39VtPHdHztDCRRgc7S6TqkxSBQ&c=468&d=60&e=&g=b38070d33a74ed6c905735402f161859%2F9574666730445966684&i=21596%2C20774&j=16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1687733377116&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jghpvesqkgzvmshcgh6gjft0ecxv106d16kqe8p36vdt4hkgafssbvncsh6gt7t0y4bd1m6pkq1x8yd8fx7rc4s6wf5nn9ygm0ztssmf8589f7681k3nnyp4hc8whvat8j6z2sezj8qc9aa5av77bvr7yx03yr1f5397fmkv540bsbh9gfnp9yag6s58nn6r6dhvnk056gs1f0dr1p2713xrpv0k4mpvd9n364eg5way02wews100v3rtw1w90frw1jea681fvwp06yx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 211111
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFznXkRq%2FwFzGfRh9Gdx%2Fohiw6SuHQp%2BQGwwpQSC6EopjCjC75GjwodzZaExc6xp1%2F%2B%2BSJGHSTfp%2F%2B6glbDKZRMBqoAbdmf%2FEK4nrxeEScwIXrEMy05bjv9ore9Ulj3rlelOe%2FOc7K4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7dd0c3c7bf1c1e6a-FRA
expires: Sun, 25 Jun 2023 23:49:37 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 5BDC 44 KB
44 KB 49ms
38ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C19456&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGk&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2CxEbfQfAf39VtPHdHztDCRRgc7S6TqkxSBQ&c=468&d=60&e=&g=b38070d33a74ed6c905735402f161859%2F9574666730445966684&i=21596%2C20774&j=16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1687733377116&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jghpvesqkgzvmshcgh6gjft0ecxv106d16kqe8p36vdt4hkgafssbvncsh6gt7t0y4bd1m6pkq1x8yd8fx7rc4s6wf5nn9ygm0ztssmf8589f7681k3nnyp4hc8whvat8j6z2sezj8qc9aa5av77bvr7yx03yr1f5397fmkv540bsbh9gfnp9yag6s58nn6r6dhvnk056gs1f0dr1p2713xrpv0k4mpvd9n364eg5way02wews100v3rtw1w90frw1jea681fvwp06yx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 783363
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ%2BeJ7sebSfNRnaaRyE1t45RpJY7PiUIHWxF%2BV96zUfT8kThjC0N9X3URwH4JYUyNLSXbGY7QBRWOuDXN3xV5R29GX%2FNhtL1ejDjqF4im2hh0Vb7EI9uhx%2FZN3z1FX62xsSVp1jLKcJOuNg0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c7dc353a5c-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 5BDC 222 KB
222 KB 27ms
22ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C19456&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGk&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2CxEbfQfAf39VtPHdHztDCRRgc7S6TqkxSBQ&c=468&d=60&e=&g=b38070d33a74ed6c905735402f161859%2F9574666730445966684&i=21596%2C20774&j=16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1687733377116&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jghpvesqkgzvmshcgh6gjft0ecxv106d16kqe8p36vdt4hkgafssbvncsh6gt7t0y4bd1m6pkq1x8yd8fx7rc4s6wf5nn9ygm0ztssmf8589f7681k3nnyp4hc8whvat8j6z2sezj8qc9aa5av77bvr7yx03yr1f5397fmkv540bsbh9gfnp9yag6s58nn6r6dhvnk056gs1f0dr1p2713xrpv0k4mpvd9n364eg5way02wews100v3rtw1w90frw1jea681fvwp06yx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 272575
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjkzylXCx0sOUucy6BNl3RcpZfBr3whPttr9PjtFi6LknJ9H2CeX3NcKL0i%2BjsJxIg%2FGTnwuIwKWkjtay3Icp0ZetDb0grRD1uaExLv5YbR8b996Evdoin%2FjvOFF4hFNCubg2wX7%2FJeojxR0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c7dc393a5c-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 5BDC
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1687733377_8fe12890-13aa-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=

0
476 B

56ms
22ms

Image
text/plain

2606:4700::6812:7f05

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1687733377_8fe12890-13aa-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C19456&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGk&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2CxEbfQfAf39VtPHdHztDCRRgc7S6TqkxSBQ&c=468&d=60&e=&g=b38070d33a74ed6c905735402f161859%2F9574666730445966684&i=21596%2C20774&j=16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1687733377116&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jghpvesqkgzvmshcgh6gjft0ecxv106d16kqe8p36vdt4hkgafssbvncsh6gt7t0y4bd1m6pkq1x8yd8fx7rc4s6wf5nn9ygm0ztssmf8589f7681k3nnyp4hc8whvat8j6z2sezj8qc9aa5av77bvr7yx03yr1f5397fmkv540bsbh9gfnp9yag6s58nn6r6dhvnk056gs1f0dr1p2713xrpv0k4mpvd9n364eg5way02wews100v3rtw1w90frw1jea681fvwp06yx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7dd0c3ca1dd430ee-FRA
content-length: 0
expires: -1

Redirect headers

Date: Sun, 25 Jun 2023 22:49:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1687733377_8fe12890-13aa-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 5BDC 74 KB
74 KB 41ms
37ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C19456&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGk&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2CxEbfQfAf39VtPHdHztDCRRgc7S6TqkxSBQ&c=468&d=60&e=&g=b38070d33a74ed6c905735402f161859%2F9574666730445966684&i=21596%2C20774&j=16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1687733377116&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jghpvesqkgzvmshcgh6gjft0ecxv106d16kqe8p36vdt4hkgafssbvncsh6gt7t0y4bd1m6pkq1x8yd8fx7rc4s6wf5nn9ygm0ztssmf8589f7681k3nnyp4hc8whvat8j6z2sezj8qc9aa5av77bvr7yx03yr1f5397fmkv540bsbh9gfnp9yag6s58nn6r6dhvnk056gs1f0dr1p2713xrpv0k4mpvd9n364eg5way02wews100v3rtw1w90frw1jea681fvwp06yx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2454009
cf-polished: origSize=115129, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 75430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBIs5oYWQ4K917IeFSurZrfVNrkyDitq4nuLYB0%2F8Gpx1yYNmWPMTn53KUYUk%2BwToGfCAaKrRPvV3Ttf9ROFd6%2Bfj397rlX2lW%2F3ITYn%2F24Fi9qdr7zjgFp7jnuNvOM7ms2HUQqdEm48iURF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c7dc3a3a5c-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H2 200 94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
assets.ad4m.at/product_image/ Frame 5BDC 10 KB
11 KB 42ms
37ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C19456&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGk&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2CxEbfQfAf39VtPHdHztDCRRgc7S6TqkxSBQ&c=468&d=60&e=&g=b38070d33a74ed6c905735402f161859%2F9574666730445966684&i=21596%2C20774&j=16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1687733377116&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jghpvesqkgzvmshcgh6gjft0ecxv106d16kqe8p36vdt4hkgafssbvncsh6gt7t0y4bd1m6pkq1x8yd8fx7rc4s6wf5nn9ygm0ztssmf8589f7681k3nnyp4hc8whvat8j6z2sezj8qc9aa5av77bvr7yx03yr1f5397fmkv540bsbh9gfnp9yag6s58nn6r6dhvnk056gs1f0dr1p2713xrpv0k4mpvd9n364eg5way02wews100v3rtw1w90frw1jea681fvwp06yx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1797783
cf-polished: qual=85, origFmt=jpeg, origSize=57873
alt-svc: h3=":443"; ma=86400
content-length: 10528
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Oct 2021 12:57:42 GMT
server: cloudflare
etag: "cbdcca70875184d14fb32ad75cb24482"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SpHSlLKUk9G%2BzDHXeRXY%2F4FS%2BMe3FRWIhCA3R9l4ogt%2B7TqtL93CFIiuDW%2Bqz6dCxTngtpeiGthPbAYUKPLEclKP9DkoTNvdAu3%2Bbw31TGqmCT8hHoA4HK1Y%2BTSNUGNaXS9ke0MlwhXnvic"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c7dc373a5c-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 5BDC
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNv8wePA3_8CFdzhuwgd8TALsA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023062600493786223012505X117679V1226132702MSviewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_N...

49 B
1 KB

78ms
28ms

Image
image/gif

167.233.13.224

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023062600493786223012505X117679V1226132702MSviewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023062600493786223012505X117679V1226132702MSviewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C19456&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGk&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2CxEbfQfAf39VtPHdHztDCRRgc7S6TqkxSBQ&c=468&d=60&e=&g=b38070d33a74ed6c905735402f161859%2F9574666730445966684&i=21596%2C20774&j=16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1687733377116&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jghpvesqkgzvmshcgh6gjft0ecxv106d16kqe8p36vdt4hkgafssbvncsh6gt7t0y4bd1m6pkq1x8yd8fx7rc4s6wf5nn9ygm0ztssmf8589f7681k3nnyp4hc8whvat8j6z2sezj8qc9aa5av77bvr7yx03yr1f5397fmkv540bsbh9gfnp9yag6s58nn6r6dhvnk056gs1f0dr1p2713xrpv0k4mpvd9n364eg5way02wews100v3rtw1w90frw1jea681fvwp06yx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 -, , ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:37 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023062600493786223012505X117679V1226132702MSviewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023062600493786223012505X117679V1226132702MSviewoneidjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117679&partnerid=12218
date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A956 0
19 B 65ms
62ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CR1c9gMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoErwFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWupY2RyCGyJttLOmA6rD-AUORN6eIjGpBDNzvHHB4oERBTfBI9wHgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY1OTM1MjMyMTAwMTAxNTQYAA&sigh=rPo7JYi3EuY&uach_m=[UACH]&cid=CAQSKQBygQiDyx-YFAg3qsuEDFBCTNsPRTkKj6wkiC2X6q-hGlW-q6dnPCX7GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=3171362771&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733376180&bpp=1&bdt=434&idt=424&shv=r20230620&mjsv=m202306200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5495337629142&frm=8&ife=1&pv=1&ga_vid=2091669099.1687733377&ga_sid=1687733377&ga_hid=2006700439&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=3292667763&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075511%2C44788442&oid=2&pvsid=2924831764484956&tmod=1080248799&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.iouiqa6e8hh3&fsb=1&dtd=436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame A956 0
11 B 27ms
24ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jf8kw4yg3tbzc4j5m6t9zcr7cna679271r6yex2snvtkywhv0785gkrds41vv6nthj0cthag80jas3kngy5tjsdczxtv19d7e4bpgdgg2tfmg9qft6g7gzc719y6a08ksskj7hrz8vgj3jhrrmj60xpwwx6epb8jjd2ea0cbwx2npn64njtj6qafwkc12r1z67bc36tj1neyk0d0xghvh9n31ed4ptsse5k0rhq67vz6gnqbq7pmz1qny0ra9pfjn980md6mfjw3q51nnwb9eyn7nfkk2drejgtf8yxxcbyaajfex14zrejr3fb6ehkfwjxrwecmqgj4decczkg06xz1s4adyxxaqbc183jxf85w9m6926sqn725azd74x3k77csvm78gfeq6g&b=ZJjEgAAKHhIDoggZAAHZXDmgea4TnRcf_MZQMw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=100&slotname=3173123908&adk=2061921259&adf=3171362771&pi=t.ma~as.3173123908&w=320&fwrn=16&format=320x100&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733376180&bpp=1&bdt=434&idt=424&shv=r20230620&mjsv=m202306200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5495337629142&frm=8&ife=1&pv=1&ga_vid=2091669099.1687733377&ga_sid=1687733377&ga_hid=2006700439&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=100&ifk=3292667763&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075511%2C44788442&oid=2&pvsid=2924831764484956&tmod=1080248799&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.iouiqa6e8hh3&fsb=1&dtd=436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 25 Jun 2023 22:49:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 15EA 85 KB
31 KB 60ms
12ms Script
text/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=20054700002822800951389012367020&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 00:08:33 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81665
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: AYXqjU8tIlTPGg-KgM3iEMvcw54FTbDMC8j1CBCrVvOoAu0qRKTArw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 15EA 85 B
438 B 310ms
254ms Image
image/gif 108.138.36.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1687733677&Signature=bwODZa~q~wFusoebwNaXyXsfmP90HoE4AYorrsLSeigxN1nRySOBglwKJOBCuTT3qph5mrQi5PcXIwYH2nxfpO9VEpyNKACz9Rb3n8sCbqIeozIqB4~AoxHrSLPs6Mi-Rwzvp1Ehlqa~J7igelbDzf4z6jxizs~1foR1gGTBef4kSTfUGZ7C4gDxBK8OSMpYTFanxpaZx3GY0M66WC-lbWcORakJhmaie-TLZW1PXd96IrdpslxgX~61tEkTgRjMnErYM9jYLIMZokwmt2RsrPpcDJDfsTWla9qXrEjHOsS~bKhTzps5LTwO8xBfosr7UZb38De0umZtkUwBKBKMnQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
URL: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-11.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 25 Jun 2023 02:36:41 GMT
via: 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 72777
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: ctLjAIF1Fh6-qVKETZn-XXvdGxnKDcJm50Le4Ramcr5KSAlQAxZqDg==

POST
H3 200 rs Show response
ad4m.at/ Frame 153D 1 KB
1 KB 34ms
33ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7072ad8417323619b72631c2901a4e17c4d2ff8e2996621b8d5ff19b4aa8062a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNI23uLIo%2F5e14V7qQ5IQp8PwM%2FfpNtxMvNtgycCtkUf8CtLfalIqk3p6ak8hC30XiPGHI%2BOZXZcBtbNV%2FDN0w1gUoekXwx%2FWPYk9qm3Lh2OWavHPnydioEhWL8LyIp4fv6gv5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7dd0c3c81a48917d-FRA
x-backend-server: aa-reachservice-group-europe-west1-400d
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 37ms
35ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7dd0c3c7ea29917d-FRA
content-length: 24
content-type: text/plain
date: Sun, 25 Jun 2023 22:49:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VbFh%2BW7usDv4boWzwbH%2F3x0Dx%2F%2BB5V5rxwkRuCYW0GsKMbombJvmfLSq4txE7fiJNoDmzH0N%2FgqTrTqZpH6g1PwyHHr96cUKRKrMVmIOwZK1dm0o7aFl1Q0IBHPTclREquyzqA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-400d

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 6830 9 KB
4 KB 90ms
89ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53af5ed578565db9709063020e4ca1edad7f2690b750076c0dc377105c4b7ced

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kessmg29hxxy8zzv2a3py1zrpn08redf2z2rb00za4r165rmbfmg8a5hnw8zq2khsqdjyf6ysdpqtgxnphz3f2ya9n87dm02bdgh1yf5m6embw7xzzs6g7cbtk0nvvhzv5mchjrgf4fvtdhsbyyrjejsx28n7e0mk277xgjwdzn8eq4es5gnpb0qv59cnfap7xfwycfwjz10qqx2h3eb22xwd7svxvtv6m1q89xwwcy9wc1790wryye5tsmjv0a5gq5agap943gq428xzy770mckr9yy773nb789rtcmxp7yf5e555bghsn9z44cef265yjj2vm0wfwnd4eqkefghyqbpcxm1tt22851rnnkc128cq4tt913eb50b056c4gpmcx5r5rjbe0ad9syyfzpdbwqjxc20j7qqnx2q274qfjw1w76hdyh3tm0gj0c180t3bkwqwy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7dd0c3c80f5a1e6a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:37 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 93DF 37 KB
14 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 16:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jun 2024 16:26:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2FDD 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLSu1KpRInuhDVReNGk0NopRtS1ecIMFEYh1SagD01U7dHP1iYF_w6EB6SpaMET98obDedERaLxLXYZpwIvB1Wiqyr9qONX46epC-lPxq0mr-2swKA9FgPdnnlIklrRL7Eq02CtIHMN5ML8KIzZPStxqYokiCgdNcY3V7MjM-pX5QKgR9puQepCawZt0z4Sy4XyPhgl-_yiAWkE7WOd9j5Gbxbph6aR1AArwttGSUIR0A6v-WlIq4PVNi5DkXjZydqiv-IggmW_SUgKlHEhJz3drxDB-z-8MNtBF2dvDYooS8S3CoJq-FONTbhwcnouVJLBMz5Bn366QRPHqH8nlDe6YBcGkCkyX68SwFtrJ0&sai=AMfl-YTaD23zFR6wuEs8IJOu6_6FEXOxNustUVgWGWdV-CjAlOYO_rZRpBmw9wLwafyIMg5lr4z-zISye2qpMxjTqAl-BwMMM75_RC3HFEKLVXLn90_z-n0p0r05QH_uFmlmkmtUKTsmnunnoanklj3Q2Wxu53LVXtmdre515KMhxicqx0VFp58CJdCrkKb6v5dh&sig=Cg0ArKJSzE-UvXVEjFosEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Jun 2023 22:49:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2FDD 15 KB
11 KB 35ms
35ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230620&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e29c5881ea9a9c846f377ba4f105387ec5a504601f5d14dd9be3adf9cca23a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11349
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame AF0A 5 KB
3 KB 72ms
70ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=7f42dee6652c2bf97f2dc1d611f99cf7%2F11058943393521182765&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687733377312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k3d63bv9jn65rjcpmstyy4xqv18kbty1ghmkfb2j1p4x25dshw28b4921tacfv34hvz5f8zys7xk6d3fc99fqdc372kb7cvpjsgpp8aayfqakas9egz43t0y708gmx53e7122strss3t4gkczp2a53h1c6kdyzdc8hqqn0gv91m08wgn45b8sx3ag2ksb92ydrzqt2vcncjvqzsgm0g8wpq7r21yjc7sbyhqvpbv8qgpnm6p58aevyrdpkc2s3sh8hf04sv32gy6a9eebt7ejp8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff5799b9f16df468a868896c09b6b669ca707910d33dbc26d455e757d5148ecd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jd5q3qv4btm61d8bpx0p37enbf3vm7jp0bq48hy7ckhcf243bdea9q8q3ar8pw6prwb3mh2kber42sye14sn38atpqcmteef1zgbf7srbjtssd0dfjj3kra4x36df6p1jnn29fgy8xr9sq18s9nz3axs5d08f1864sbn2ka228wx868x4ya20a697zp8nsmn5ky1j8fxvwgsj7aqvevnzj5kyp82r4q39h221gkbydcssmpxng7zwyb33w942kgvzt7bmfaf1grkq3bq0sscx704efkj6q0q3jz6nqp1pr7m9vb282h8qy2v6sgvd69dhgdppxtcy4b6zh9aa3jhp4wzk7036hsmhvvmnqndpvngcv7rjz6svct073h214g3tc1d01xhp9f1yyhw1w87yjsh6cjnwmsq2g33xxhw1x1wqw8nb9edezxayncqw79xhv6bcc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7dd0c3c8a8011e6a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:37 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2FDD 17 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Jun 2023 22:49:37 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 6830 106 KB
13 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 211111
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbghWeMotmUOTXPgUfDTxn5uJqOU8vt4%2BOQzOiAwIA2LGk%2FkGm2DwUr0p56jcCmFA6B9u5DHxdXuOSL2kkUwpVEHt80CMr3BwFwwa7Pti%2FGMyQbDU9sNouHTdpJZN4vlUKm%2BmRFKrvQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7dd0c3c8aff61e6a-FRA
expires: Sun, 25 Jun 2023 23:49:37 GMT

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 6830 2 KB
3 KB 20ms
19ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303180
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtxJ5raA6Mu%2FnmQWZw8nCg5%2BExe8jvMPRfNYGBYyAX1sXjrsZ5v35wlVJKZov%2FarrR%2F1scJBs444AErU9RHl%2FrYvU%2F8w01iz9ZZ%2Fa0c7EmkPqjb27%2BTUqZVPKwVZgHL4YhnkGnFcXZGKhTLQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c8aff91e6a-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H3 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 6830 253 KB
254 KB 38ms
36ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262211
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UFn%2F4cmdEmuTHsY0J4bA2FXBzRYiG5UV21GbAKPGj2A%2Fv7SDeleqrPRlrsctGsJhC3RNm%2BpBxzG2Q9gDfWLFxtizemuXdQ6iG5K5QiqwBQz6kRo1DhjLb2gqxmfhCeR6tHkrRl5a6K%2FFCYt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c8d81e1e6a-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 6830 43 B
703 B 100ms
82ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 22:49:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 6830 74 KB
74 KB 138ms
137ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2083678
cf-polished: origSize=115129, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 75430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGMuMLJ2Qp7FGw5D1kSaItRAaAwmj0hd6It9lEmWRbu9olNWYoYmP2%2B0snsS4zejRqms5eg%2BDzP3FYnyvyZIGxqLsSaYwIcsIA22yv8APQw1vaw3LdNUhcnLq7GF9NnyK%2B%2FjA5YNu3c%2FqDL5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c8d81f1e6a-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H3 200 AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame 6830 33 KB
34 KB 131ms
130ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2186505
cf-polished: qual=85, origFmt=jpeg, origSize=156576
alt-svc: h3=":443"; ma=86400
content-length: 34068
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Oct 2021 12:48:35 GMT
server: cloudflare
etag: "451fa9b02ae7953b9311aefac697be7e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufVvrX%2FlszCk0Dq1tnNkEgYAkk9VWUqInIJ%2BVu7pv4s%2BsT46W%2FQT8u44dPOTXyxyoXJBSKRE%2BTACwDxwyoyJSVhDp46dG86FZce%2F2Ts%2Fgr6n%2FQhOew8iObK6SjSGdFlQbiIkf6uUvCeIjrZa"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c8d8201e6a-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 6830
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLb-wePA3_8CFc3huwgdgUMEZg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023062600493786223012503X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite...

49 B
1 KB

68ms
19ms

Image
image/gif

167.233.13.224

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023062600493786223012503X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023062600493786223012503X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 -, , ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:37 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023062600493786223012503X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023062600493786223012503X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 6830 10 KB
10 KB 132ms
130ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2085853
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MC2f6d3%2FtvXMyT8vSRJQ1PuaEJTb8k81w2eHzzkxVNtnTxR08pcGsK6Nx9DkE1oswa5hdT5ojULUHBqLN5aj02uKPYzcO6wfyOlJ8jvJgnqnqIAB6SRWF1CH2ykC4XxYuR2g2CoLcqXSPyI2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c8d8211e6a-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H3 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 6830 83 KB
84 KB 18ms
17ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7992882aa0838cd9d41c9e9bcef9e10576c790b9a325c060e2a8ab00922876

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2254748
cf-polished: degrade=85, origSize=176144, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 85317
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Apr 2023 15:13:36 GMT
server: cloudflare
etag: "de500d9f72516b39943c63adb21d5ebe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOvhZzLB0csEnEDwvLGvxDC6J0tlFUAmCp7NM1w1fqq3N42QBE5CRBWclZYCGg2EdilM9HU6t7wHauwZVeAnMc13W0UIt4%2BiGQeKFQy9jpyLilUTRoFFU%2B8sk71odilfV3yKn9oSQDnf515O"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c8d8221e6a-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H/1.1 200
OK 2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame 6830 0
366 B 87ms
86ms Image
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:37 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B2A2D186:9B8A_91EFC182:01BB_6498C481_3E3BCE0:1ECFC
X-IPLB-Instance: 40028
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 68E9 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230620&jk=2002279294703575&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame AF0A 106 KB
13 KB 135ms
135ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=7f42dee6652c2bf97f2dc1d611f99cf7%2F11058943393521182765&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687733377312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k3d63bv9jn65rjcpmstyy4xqv18kbty1ghmkfb2j1p4x25dshw28b4921tacfv34hvz5f8zys7xk6d3fc99fqdc372kb7cvpjsgpp8aayfqakas9egz43t0y708gmx53e7122strss3t4gkczp2a53h1c6kdyzdc8hqqn0gv91m08wgn45b8sx3ag2ksb92ydrzqt2vcncjvqzsgm0g8wpq7r21yjc7sbyhqvpbv8qgpnm6p58aevyrdpkc2s3sh8hf04sv32gy6a9eebt7ejp8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=7f42dee6652c2bf97f2dc1d611f99cf7%2F11058943393521182765&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687733377312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k3d63bv9jn65rjcpmstyy4xqv18kbty1ghmkfb2j1p4x25dshw28b4921tacfv34hvz5f8zys7xk6d3fc99fqdc372kb7cvpjsgpp8aayfqakas9egz43t0y708gmx53e7122strss3t4gkczp2a53h1c6kdyzdc8hqqn0gv91m08wgn45b8sx3ag2ksb92ydrzqt2vcncjvqzsgm0g8wpq7r21yjc7sbyhqvpbv8qgpnm6p58aevyrdpkc2s3sh8hf04sv32gy6a9eebt7ejp8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 211111
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jeYYEqhO5Ugymhc3JBD0itx%2B3rWng%2FPWpWSl1%2FVBpJG96uG3jaZoeAXgGP1yq49otWnriMjujcgXE8hAqw2l0zgUMDSX4ybUdBEDVEVZNKs6VowjNQ2xm85Ctv3LJv5w254W5rE0VI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7dd0c3c8f8441e6a-FRA
expires: Sun, 25 Jun 2023 23:49:37 GMT

GET
H3 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame AF0A 5 KB
5 KB 136ms
136ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=7f42dee6652c2bf97f2dc1d611f99cf7%2F11058943393521182765&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687733377312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k3d63bv9jn65rjcpmstyy4xqv18kbty1ghmkfb2j1p4x25dshw28b4921tacfv34hvz5f8zys7xk6d3fc99fqdc372kb7cvpjsgpp8aayfqakas9egz43t0y708gmx53e7122strss3t4gkczp2a53h1c6kdyzdc8hqqn0gv91m08wgn45b8sx3ag2ksb92ydrzqt2vcncjvqzsgm0g8wpq7r21yjc7sbyhqvpbv8qgpnm6p58aevyrdpkc2s3sh8hf04sv32gy6a9eebt7ejp8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238406
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Prsz6tkdFvXzTAmER9FvGQfEdJwv2Jvi%2B3mrn71cJiBEcPE71uy2kqphD2EJyXmUlowdlUFztxGf7RoOppqRA46QkDO2wjEt9mr2FMrq93x4HpbzYa4PTKboQ%2BBHZ4Ae61dPbR3NPVp1Ytdd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c8f8451e6a-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame AF0A 54 KB
55 KB 129ms
126ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=7f42dee6652c2bf97f2dc1d611f99cf7%2F11058943393521182765&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687733377312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k3d63bv9jn65rjcpmstyy4xqv18kbty1ghmkfb2j1p4x25dshw28b4921tacfv34hvz5f8zys7xk6d3fc99fqdc372kb7cvpjsgpp8aayfqakas9egz43t0y708gmx53e7122strss3t4gkczp2a53h1c6kdyzdc8hqqn0gv91m08wgn45b8sx3ag2ksb92ydrzqt2vcncjvqzsgm0g8wpq7r21yjc7sbyhqvpbv8qgpnm6p58aevyrdpkc2s3sh8hf04sv32gy6a9eebt7ejp8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1439951
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400
content-length: 55798
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUHWD%2Bdm15XTRDaLGBIKQ57j9jp9z3NJMvdff98uNi70sFTP5TTC6okNYj4HyYLzewxYr683ObTMPDf0mFlPqAvi%2Bq3oihx5E6sMKNQsES%2BS%2FpoebFm4%2BXj8zNCYOuXmgqqtCiSpVaTGzFnI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7dd0c3c9084f1e6a-FRA
expires: Mon, 26 Jun 2023 22:49:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 529A 13 KB
5 KB 22ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 113514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 15:17:43 GMT
expires: Sun, 23 Jun 2024 15:17:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E20C 783 B
533 B 70ms
62ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c00dde66d17088d471de8599acc4c1721f9416acc07c2f9fdb4d7103d1d731e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eytRdwxSECYRUTMpMAR-dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-eytRdwxSECYRUTMpMAR-dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:37 GMT
expires: Sun, 25 Jun 2023 22:49:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 996B 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvs81Ty2uLKZPYVS81oDJxYA7pCIF192i1Ms_hvf0OysalWylZpa7g08eEH-S8iN7sfijt1V7EBFEP0ctCfygqGuVJzOS1KfdIqBx_4v_1frZeujPdurAMgatMFQocIbmKiHcXJlpCkMnbWAi5DgISriPMUCzx3gpyZrd4Ryq6hBZBdzxGDgc-HGzETw5O9VzHmmz3k8rK2VKI-1JP2sGEKRmHiNrIaFrOuTCYk2AEEa5_vGktzaOLYtx5wWbvTB7cgWqDII7R1eEVh6irYZ74j3DXkLolx8lycEX20nw_PCMzbecHeYGQgmfo9KPOr_nk5wmn_HEPjt0oOZqRtTfVLZO5Tjd0ly3XKbkQ_9OytCmrjnkfTKbL5M5VTO5bHBqcLiZ1z2MCaB-UvyUfbbHCGNNSiIr_UMxLvteeWw-Tz3ZufWyTQYVs39L8E71IO4JkdySERda7U_fesw53BVxbXs8VZCegYs2UqAomZOS2w6Dd9jrxRZe9tSaXgWK-u5tGCguEQwXC8wU-4ZvB0YGPHiXswLKhElmuJPuVU0O09SdCP7b7Tt557ot0Ju8WwATzExoa9ADT230hLsS2PprrT81JtGotqdTPm32pdPT5m6XNVQK1y6Hdd5SctL6LLvf40pwCKVfUbjfCt3H0zK90BESUSnxN8cR3gRgBcWWrr1HWpL6ympCLlpYI2mjMSi6s-YiU9c4xTKPP730FGDt7LRcF9VYeKhnycimGxPpYvinP09gkFqYfOHCk8RCcJfLjUwIW4BucWenKYX47KZErsqC0boCs3ayGZMvV5TeJyvRa6L3OBpXScpk5hxXK8BEL59BXlfOFfhowWfPzP1oZS3oo8V3zHJtQhuwdJQzzc0MtPV-hIUnub1QmDHTGmynUQ52LwkILRFbQRoUdmDOrAae96RV8kyr2thVOzcvvMgZ_Ts-dijs1fBllF8hLutUH0nVaW-rkhyH5JLgeLnF1s0fuiqOmVI_1dqmnSbhjtD4ZlGuzHRz0IcgRvL5poSXz1m6xPJfdTikw80XOlLMLhKKTBSMmy0NrbbRknOJVmcRkBYIifQktU3068Os0HSbnmn9M3lDSSdEHZIdzcV4hqRXiPAQaxTXtJBiT9vz5J4RnaEl_DcDutOp1GnnbCy5E77NGkTPKjDJW5sdxPR21-Fyx-EHzM71o&sai=AMfl-YSZRpFlthLpjCS2wJCJuoNePXJ3BVjPv5bT_eIXJvcQLq4perGuevaYuTWQXepH6PUeWZOsBdPELCKCfXXr0eZkJXLPI6gPK65LaH9vaYJYL56uPBVrRy7mYdYf6LypmdbDGpc1cx9dxVD_5n8ERPqWcwOfG03ee42KB2pVNfxLlnaA4WUtnNepAF7k7iVNCXUpNhrOXRPShuQ&sig=Cg0ArKJSzCYGwYaFAzw3EAE&cid=CAQSbQBygQiDDLQkMpGweyUDZmKUgCOK7TWG9fbLjamwSdUEXWQqzaw4YCL-VgQYR73jYif_r4rQa5cdlGW0xEtpZn96M4Ru6mqKMS9-afL9EtvA45EtrfwmhcPTZ_7XPjQUyP3zcD4cfK9K6rxlgxgYAQ&id=lidar2&mcvt=1013&p=0,0,250,500&mtos=0,0,1013,1013,1013&tos=0,0,1013,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=0.6&if=1&vu=1&app=0&itpl=22&adk=1992264516&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687733375550&rpt=864&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 93DF 0
12 B 14ms
13ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nxvYkw
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 529A 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 16:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jun 2024 16:26:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AAA1 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstORE79RfOTNZPIvqErZytDXnb-2nMUaFWZ7MtNxjl1Hpi6-NnlLUdqf4nRC26uFpDZYZ9jc_XtqXr0Tc_-xjbdKJUL2fvi__8l9CIhB7ECA-gZM5VU_ysRQUiWC0RNXUJoFLpcjEfa1uVf4LvOk2zS8QS9T7ef30A02PtUGA&sai=AMfl-YRBP8vwGkz0jmOo4_2ma3CS80bMIv_msWmDdv3ppTXQ6wXfoZwa_pqC_adR1XJfZi_0bHCybRUw3b_adHOL5C-PE7Z0I_iY1kVyOJqmPs01w0KvR90MsqsUNT8&sig=Cg0ArKJSzMxGmQozSPtzEAE&cid=CAQSOwBygQiDrb-ncVmy63xfIAfZ9LtWKaAw-e-VDiH2VMIfLKyWOQ5D0xfOL2xZ_MstTfwMw2AD2Gl8fCTOGAE&id=lidar2&mcvt=1006&p=0,0,600,160&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687733375764&rpt=730&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E20C 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230620&jk=2924831764484956&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 link.html Show response
track.webgains.com/ Frame AF0A 2 KB
2 KB 72ms
72ms Script
text/html 3.11.176.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1krd9nn5dc3ndw5xhcax8gcgx5apc7rp6m5w5gzww8sncwxyhcgms6sq6fp0hgzn8aqnt31rftn9b8v8etp3fajjn9m6ddg0rfyf3p6sh5asr33b2yjpfq95zpfeer6hfcmnb4f21gbzrkjdz26q5jnk96dvcbgsvdeqpjr4ne4jc1f5v4j78g9b7870w836zfrjfsgpj8hdjhz4z29m05racdx5hq8ybb0k8h7bqnf6et7r7j5m45x5zakhtrsv77wvw%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k3d63bv9jn65rjcpmstyy4xqv18kbty1ghmkfb2j1p4x25dshw28b4921tacfv34hvz5f8zys7xk6d3fc99fqdc372kb7cvpjsgpp8aayfqakas9egz43t0y708gmx53e7122strss3t4gkczp2a53h1c6kdyzdc8hqqn0gv91m08wgn45b8sx3ag2ksb92ydrzqt2vcncjvqzsgm0g8wpq7r21yjc7sbyhqvpbv8qgpnm6p58aevyrdpkc2s3sh8hf04sv32gy6a9eebt7ejp8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=7f42dee6652c2bf97f2dc1d611f99cf7%2F11058943393521182765&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687733377312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k3d63bv9jn65rjcpmstyy4xqv18kbty1ghmkfb2j1p4x25dshw28b4921tacfv34hvz5f8zys7xk6d3fc99fqdc372kb7cvpjsgpp8aayfqakas9egz43t0y708gmx53e7122strss3t4gkczp2a53h1c6kdyzdc8hqqn0gv91m08wgn45b8sx3ag2ksb92ydrzqt2vcncjvqzsgm0g8wpq7r21yjc7sbyhqvpbv8qgpnm6p58aevyrdpkc2s3sh8hf04sv32gy6a9eebt7ejp8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.176.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-176-98.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: c40ff6ff9b98734d7c65aeab0789dfbf66e6d02756c9a0c3bc1507faf3465e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
last-modified: Sun, 25 Jun 2023 22:49:37 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 25 Jun 2023 22:50:37 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 529A 0
12 B 13ms
13ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0IID9g
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 89EE 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgi9sPa7BzZYMF3N6a5FamBFLNrXbx8anmJNwDofzsIQzTVEiuDsfhdmmlIInEBCUtgddaJrjrs18sN-WmqNBh3yfu4XAe0Q_1sfxUQm7YVRS2jDm3yd2xxVVqDTm1eS4jVlqJsu7c9mZOo3wcR4OIqiROZhrdOXtQFQg-kg&sai=AMfl-YTg1dXdimYXJNF0J5FPVCkY1uHbBpSNi--E2s0W0mrZXdfmvYgz_wbK9HxHCFXOzQWzkKIl1Z8n9_YZAl0cYppUNd-yYMNKWl4gtZ2GQW9I2fiX5R0gGnQrD1I&sig=Cg0ArKJSzELPpMmvh3i0EAE&cid=CAQSOwBygQiDkm2Cgy_8SwzcL6yzJfu3XwYnTbQYAMTUpST_FBZVM9lSOsi5VjQ0Ayue-5nd98C1rifmI318GAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687733375650&rpt=947&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame AF0A 85 KB
31 KB 11ms
10ms Script
text/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1krd9nn5dc3ndw5xhcax8gcgx5apc7rp6m5w5gzww8sncwxyhcgms6sq6fp0hgzn8aqnt31rftn9b8v8etp3fajjn9m6ddg0rfyf3p6sh5asr33b2yjpfq95zpfeer6hfcmnb4f21gbzrkjdz26q5jnk96dvcbgsvdeqpjr4ne4jc1f5v4j78g9b7870w836zfrjfsgpj8hdjhz4z29m05racdx5hq8ybb0k8h7bqnf6et7r7j5m45x5zakhtrsv77wvw%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k3d63bv9jn65rjcpmstyy4xqv18kbty1ghmkfb2j1p4x25dshw28b4921tacfv34hvz5f8zys7xk6d3fc99fqdc372kb7cvpjsgpp8aayfqakas9egz43t0y708gmx53e7122strss3t4gkczp2a53h1c6kdyzdc8hqqn0gv91m08wgn45b8sx3ag2ksb92ydrzqt2vcncjvqzsgm0g8wpq7r21yjc7sbyhqvpbv8qgpnm6p58aevyrdpkc2s3sh8hf04sv32gy6a9eebt7ejp8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 00:08:33 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81665
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: oplhdtzmqXkBZYx6npuTq2jtYBwSsgzjAStOUJcJ9CfruVQUluK2BQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame AF0A 15 KB
15 KB 16ms
16ms Image
image/png 108.138.36.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1687733677&Signature=qQbfOVGVILoxjW8TEJBsOseTldXxo6glLg2ICpGC9XjleYQuKCJiRaQlccBlcA0M9i1j1y-WlSHsC32eu6-02LjtB--i6dxFMxebx53VuJpJCgLoSI6h2yvkfMNKzad75kyoDBDJzMGVhCfTx8867FHKk9DCjQpbqPnmMiXdxtLDy6IY-9RAuSDeEyPjzRAGc6uxNFH7kJQhGD0xCOjmNvyVs54tON0ILUE-iLnCl6QTJFP0uC9ZigH6TAA6Sz0rj-eMff8eF1nvN8aGv8reJ7-~-m4mF-GZtYCC04jo7DX6XpQqhHr62M5MczuqhncTMzkhEoFwYT9w5F0oKddPqQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=7f42dee6652c2bf97f2dc1d611f99cf7%2F11058943393521182765&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687733377312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k3d63bv9jn65rjcpmstyy4xqv18kbty1ghmkfb2j1p4x25dshw28b4921tacfv34hvz5f8zys7xk6d3fc99fqdc372kb7cvpjsgpp8aayfqakas9egz43t0y708gmx53e7122strss3t4gkczp2a53h1c6kdyzdc8hqqn0gv91m08wgn45b8sx3ag2ksb92ydrzqt2vcncjvqzsgm0g8wpq7r21yjc7sbyhqvpbv8qgpnm6p58aevyrdpkc2s3sh8hf04sv32gy6a9eebt7ejp8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-11.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 25 Jun 2023 05:36:31 GMT
via: 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 61990
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: bCD1B3UQmvzaCDu-GxEUczafXqf0iPLHRJyxp_FmkVZ41tvvvCxzig==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 96E7 15 KB
11 KB 28ms
28ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef324e454b89334f2187a973b392f41c77806d03c07ee04bda65a0598c110ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11232
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 96E7 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Jun 2023 22:49:37 GMT

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 96E7 0
210 B 48ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687733374904&userId=vnet1dfca4b5-094e-4446-aa45-ceb1aa82778f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 25 Jun 2023 22:49:37 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB54 13 KB
5 KB 19ms
16ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 113515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 15:17:43 GMT
expires: Sun, 23 Jun 2024 15:17:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 742E 783 B
534 B 66ms
63ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1b9a8338919e6e3eb18b68fcdb6a0d9768fa3374c1ab1e6d8150c88d350f9b0e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PiNk3Uw8ikOKiibLoVgorQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-PiNk3Uw8ikOKiibLoVgorQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 22:49:38 GMT
expires: Sun, 25 Jun 2023 22:49:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 15EA 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnVhgcC82-dsgVNLBQMpSPrRK0cf7lAo_1-yc1mNCiUkDxRfb5um-gwM7BW6S8WL2G6uhVGEYuNsbVeaTdW4QtBQBe&sig=Cg0ArKJSzEC1Ok7HyXg2EAE&id=lidar2&mcvt=1071&p=0,0,90,728&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687733375575&rpt=1264&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6363a944e4b0125bde9e6739
ng.virgul.com/tck/i_vb2/ Frame 96E7 0
210 B 47ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/6363a944e4b0125bde9e6739?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1687733378092&userId=vnet1dfca4b5-094e-4446-aa45-ceb1aa82778f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 25 Jun 2023 22:49:38 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 96E7 0
210 B 48ms
48ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1687733378093&userId=vnet1dfca4b5-094e-4446-aa45-ceb1aa82778f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 25 Jun 2023 22:49:38 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 96E7 0
210 B 48ms
48ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1687733378094&userId=vnet1dfca4b5-094e-4446-aa45-ceb1aa82778f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 25 Jun 2023 22:49:38 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 96E7 0
210 B 48ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1687733378094&userId=vnet1dfca4b5-094e-4446-aa45-ceb1aa82778f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 25 Jun 2023 22:49:38 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 942C 0
0 49ms
49ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230620&jk=2002279294703575&bg=!V1SlVADNAAYQ3eRoMN07ADkAdvg8Wg2ejT-quc3o8v8hQNnhq7PIcy8-ktVMa88eNorKRwq_KVxuWH5Cd1XYrGb2q0GAZRb9OOsCAAAAl1IAAAADaAEHmQMQwts-5F8wK-IUgubgANSqN5MSgu4VVx7X1X9gTkNBOBdDP166Q7t5sblFj_C5JOL11hpLVd4ik_Nr0Rqa-amkchN7mpooq_JypRzKGV7lKJ5oPSUhgggKdvtOq9Hu7th4VhBvyxty0HIrkqB87P5OrMS18O5xLOs7OHc5oIpUhhDKg-CxgGnS4Jztliu1TlCvlMurkQBz5RQdohYj1tXzKb0_-DvjV1lUYAaBXWY8QJtl-lOUkoOq4bRp1PBpCb9HlvgFyNOr05BYc02UmXe0rNj_ULYFW6ISD3dc9z-FJxWunutqsYs16LmJ0VoAEssTu2zIDBmsukgEqEiwOtS54E8bK7jk0cA_PaNdju6JT5cRYQkRY1NiPn_MPMXxmE7PQ7OewS7HzVuH7nGbVMm0YDVzw9zzSTz9AlIfca--a7OmXHLnqfI9JJO5F5TNut8jrFEAhk0mO91k3_STnKJJi0TE4pZdgjSzBH2LwDKfSM45UQ2IqwuKCM1mJFgXD6wssqoKFyba-9DMqeP1WX3HJ7qZJjP_F-Bb51B9qEvj4t0Ea_L4zs6y5K9SC_wq4s7rlEuaiCyHAZOZn2gKipDjSdm2DIiuQ4mTOIDdgyGlrPGEI4y2m7v0v2-zjMQnxjmrEPsEtBTRVxZps0l-BV9BgpH4KEm3ANj9g0V4vRqenK2-BNbsRBx9DTv9oxj_SR7vorNaHnG9ptUgiqQggl_zYp4tea53zfw6iUasGdoIfj0rSbh4FeJHN6aH1tp641MXmOFybZRLGivq4jW3AjIHznXilar_SL6utflJKM0RFp5ByXd833VxChbu23w7v1iSEPr7TFkbn9Ot-QXpK7VmpvB9-J2OrvYtmw0q78PcH35Pckmuq0zRXTOVC_OkwjVDQ5R9NANStS8IjTo2ASHUjka3SK9nBeouLddaGzWpcjp6De6kEk-wzyaZCfRMb0vuXa2n9XF-D3tJvSXYB8vfN9CL2e0R5pFJKKV56ajU8lh1fxRiIW1AZ0U0Rz62cYaXAQ2jEWfPEZpNWN-XNhJEog
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 15EA 16 B
210 B 71ms
71ms Fetch
application/json 18.168.234.149

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.234.149 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Jun 2023 22:49:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 89ms
22ms Preflight 18.168.234.149

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.234.149 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 25 Jun 2023 22:49:38 GMT
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A956 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstY8ntmgoAInFRROBFeyNDfXwHeKJRDfJG95-62LqSGTafOnM1X_y1-5Gvh78ScsnbQp3ZaVvBegR4LKh9RELEQEKAD&sig=Cg0ArKJSzLvnoSBW1NNzEAE&id=lidar2&mcvt=1006&p=0,0,50,320&mtos=0,1006,1006,1006,1006&tos=0,1006,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&vu=1&app=0&itpl=20&adk=2061921259&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687733377009&rpt=100&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame DB54 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 16:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jun 2024 16:26:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 742E 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306200101&jk=3120190652059256&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2FDD 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230620&jk=2924831764484956&bg=!1dal1oLNAAYQ3eRoMN07ADkAdvg8WstelGPSg4zg-uDKmbddLoDrVrEbYYn0akH8MKyIvOFavfLn95Dxrycwtk5ztyQN1SwNq3YCAAAAiVIAAAACaAEHmQMYvSxpbnRUg7jR_lWnm_-wM44lVTfUdcpd8Xhu-qqyG3yPzqCuYf2bDpSHYFBYOT1M5bvuo_tKmxFQmYr2JcTUhGBY3dW63-YGqGEdO6O55Foc6m09sFVcWCYZeSc2SnmJD_05SSeRbgl-Iwt6WSSR8MCqxrX80ZyqAxYxjBdbVWp8JBG3Yx9NdoP4D_Gymi9_qtJKJ1KLjliyI7R-xwiPRG49R3NzH55ovlz2WjuCUEQbjPT64JmqzaFHRLx3IZEAQx0kzTZTFjtU_C-ReMpZt9thsNx88vu9hludhw2GdiitOrPUYg-pFTYD6dlrXwL9piJ1fNxCxa1mxOd6pOHOrh_BBKSpB5eLasAAaFCM5U7RLiccPYlKLnyAFV5B0Gj426uNUmg2mEnh8hBFe1zze6B_idhyLe_YE6VlVSY8sTtuMvsErxSaUm4xWJRfLFhp4h-VKYBvd52hFlhFBWpWMhK_XHVQG0P7YrmZPwOK6hjmt6mS2eGQiaiuyDkCFepwJ0nCJOpcpHOg_832jLkFlyY5yc3Xg_eLvaRpM7hFnxIhxxMree7OpdhrAS3A75r3NlKJUIpZKy8PU2VUh4FYUgB4v1fgjGg7uoNMAS6qkVfDwHb1vhA6AAtwPo-rKFduSfQkT3OwVvDNnJLxynpP9D5Xd2komlMYOALcLOkgl-jPDcuJJ_wDOjfiqzkCpHqd6xCgjYj7GgLNaZZDt1zYAs_JdKzAaZajhY9ucazuGcpIhlfrTnZvma8IKozO8HyWrp9XIikYD-cYtiiGH0M8PILjI729me4SftCvYOtf_aewwnoPpdvZxbWQUnuwDUVc8Lcu_JXs8pY09VFZphHKv1NB2hRJxlLgSi_lpmfpdHN_t77gb42XetrS6j3CPe7LDNU7ii9EeB69w8IzqLy-L-GbgsLJKYNqg6Wf2j0uc-gx8DjXphSlg7TAikIEgApbRf8V0QHw2rY6rehUZUqxiZM_XjXvhtuNIbtjCIcX1SbDQGZDsZ_u4OL-HLVq5ROfmYLVtsb8naJeJ6bLQ0enNC1kmHeelAJM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal900020.redintelligence.net/ Frame A731 0
150 B 14ms
14ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/viewability?s=20054700002822800951389012367020&a=474fc1c5&vb=v
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=20054700002822800951389012367020&a=e4dc257c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/request_content.php?s=20054700002822800951389012367020&a=e4dc257c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 22:49:38 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FDD 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj1UPaxWVv0LhIFUNjYfhbgOIQqfRl2VpMCPSPjpr1guLmx5kAfZ_Nu3ZXlE_t94fQMwgha6mlY1ouvLYV60iohcHeeipe58HnBm-KYtXeV-wHwLhg&sig=Cg0ArKJSzKCQu-JW_WqYEAE&id=lidar2&mcvt=1051&p=0,0,100,320&mtos=0,1051,1051,1051,1051&tos=0,1051,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&vu=1&app=0&itpl=19&adk=2327352581&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687733375660&rpt=1661&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 22:49:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AF0A 16 B
210 B 76ms
76ms Fetch
application/json 18.168.234.149

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.234.149 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Jun 2023 22:49:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 22ms
21ms Preflight 18.168.234.149

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.234.149 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 25 Jun 2023 22:49:38 GMT
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DB54 0
12 B 13ms
12ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?afsByQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 22:49:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 96E7 0
210 B 48ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687733374904&userId=vnet1dfca4b5-094e-4446-aa45-ceb1aa82778f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 25 Jun 2023 22:49:38 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 96E7 0
0 50ms
49ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306200101&jk=3120190652059256&bg=!Tk2lTRnNAAYQ3eRoMN07ADkAdvg8Wo30msnBuraFNpwVIf2yHFEgn-tOrTFMzd24Nh9UXjYBp_cCXI5r2FVHPKs1u1RhYtizRNgCAAABY1IAAAACaAEHCgCvL6kYWy_JqPHKfUip6gfCzd5ZmtZWF7KB3-T3JtC4wHF3XEw9BhphHPQqpUlTiVMrhm9rg9gXNlf3LiFOP21x-OLzSm-vBpg0M1c4-GvgxCT5hy0N5qBfeu36FS_yt4eh84OnyzFUyo1QWGJDOPu3XZS7JDATlIeBDTFecuCpXSQgT3qxOCOzAke-AqXivGsIHmTYhnW9BSaSwfala0j5q7muSPU1yo6W9saxWReUW5kCy4bxAEcdjl5FJKYZ2Z9m2VdvHGSg507L70UpLt2nMs_Map1tlFyUujub_HY_-HD0VgPnknZlvBzO4-BanqKIu6vgUZhHvTpEzx3Ga6GFfUQ2-sjSGP_1JSc9qW7WwRUEwvL4sfhiJmKgf6MSp0aUT39Inlc2xlnw905eqV4dpqPyn4YWFqhvhxhFA8SGzUEJ8UQihKKsbJmZTM1mw4-yhL4JiLyrjtWDTXH4l_m-t3BR0KvOFxPjGZb_p1k5M6WcmgiUn4wbcZI54XlgzApTHKaf_96_yAczJFW8iniAt7A4x90Nsv3rJYSlTOIPP-lbRS27vvTZU-l4R2Okgm8KqTM5IBfwQ5chLaoVZjiPuqoTakEZPyQIh10kAMQYNzAyiGI_QXQ0qLRR6KwIsJFLjU-XfZqOsTJvDaMoCTpK4BTd2_u1O0nslAlnG6GVQLaC2eAjKidONUPt9IJ2yg2-P2AD1Hsy3oxyMUjQIQmvsxYXMbl-KLpLJ91gn5bEYxcImmUuaDwmGoigBDIdMduNaMAx-y2JdCZsfEWZtEXAEAXeuVCZKQSaRp_JrW7mFK1ahG7T3HXBnDtbtWnLbtGrM7ntacAWdlh7PPmh_bMa9ggVbMNJy7KnBrzZ2nS9ylb3lnbMK4jmyN4qvn8u6SKwCnqOCKFr1EDR8s6CRm_TOrCepzcvGuVactPndjYwls4huFaJo6x_aqFKZPqkXbDMc3XArmeADYIUr5L9SlGgfFl6Y5kQ23vo4TYowWVo3kWVNJb_1UewzWCW4hQtclmfUs8swc39AdgiE0hujvPQ2Y8BUxkCcmEwzKYw-LiN4gsXchY82Sofe9dGOy_iuHO_Tof5s3lAqiGqVcwOCU8ODvXPFx4NY951uVjg1ndDiYTIX7qfm087sxHvchU130_wtYti5KGxPez20sOiHVSJJ8e2GztRr1qVGkm8zW0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H/1.1

200
OK

firstevent
unilever.demdex.net/ Frame 96E7
Redirect Chain

https://unilever.demdex.net/event?d_sid=25453995&cs=1687733379110
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1687733379110

42 B
952 B

39ms
39ms

Image
image/gif

63.34.168.218

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1687733379110

Protocol

HTTP/1.1

Server

63.34.168.218 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v049-0eb70cda3.edge-irl1.demdex.com 7 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MbgkbWneRRY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v049-02c5ebe17.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: KI2aivapREA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1687733379110
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 22:10:29	Name: IDE Value: AHWqTUnPQBn0N_1BcSyzI3qkJ4-NbZu_dhP_9xD6Og9He2VWYsNgtN4RZjakSrfWgIo
.doubleclick.net/	1970-01-20 12:48:54	Name: test_cookie Value: CheckForPermission
.mathtag.com/	1970-01-20 21:34:29	Name: uuid Value: 68636498-c47f-4b01-a490-96e3c2712748
.simpli.fi/	1970-01-20 21:35:55	Name: suid Value: 2DF47DFD2FE5411289D6C968097DF179
.casalemedia.com/	1970-01-20 21:34:29	Name: CMID Value: ZJjEf0IcV8j4.h58qrAS.gAA
.casalemedia.com/	1970-01-20 14:58:29	Name: CMPS Value: 3303
.casalemedia.com/	1970-01-20 14:58:29	Name: CMPRO Value: 3303
.bidswitch.net/	1970-01-20 21:34:29	Name: tuuid Value: 9d648435-ef16-4b85-9b47-b84a30ebfd6c
.bidswitch.net/	1970-01-20 21:34:29	Name: c Value: 1687733376
.bidswitch.net/	1970-01-20 21:34:29	Name: tuuid_lu Value: 1687733376
.quantserve.com/	1970-01-20 14:58:29	Name: d Value: EBkBCQGoKYEA
.quantserve.com/	1970-01-20 22:19:07	Name: mc Value: 6498c480-3c8a3-61dc1-c2b6a
.adfarm1.adition.com/	1970-01-20 14:58:29	Name: UserID1 Value: 7248759654292715671
.retailads.net/	1970-01-20 13:32:05	Name: ppb2172 Value: 2818805775
.3lift.com/	1970-01-20 14:58:29	Name: tluid Value: 337682377585048491494
.turn.com/	1970-01-20 17:08:05	Name: uid Value: 2456979753482916649
.pubmatic.com/	1970-01-20 12:50:19	Name: KTPCACOOKIE Value: YES
.everesttech.net/	1970-01-20 21:34:29	Name: everest_g_v2 Value: g_surferid~ZJjEgAAUgCsi3gBL
.doubleclick.net/	1970-01-20 12:48:56	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 13:32:05	Name: C Value: 1
.pubmatic.com/	1970-01-20 21:34:29	Name: KADUSERCOOKIE Value: 6A028894-3754-42C0-9449-4886BC59F2F5
.1rx.io/	1970-01-20 21:34:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-8b50dc60-16c7-4210-9f73-bf7975b9fc7f-003%22%7D
.adform.net/	1970-01-20 14:15:17	Name: uid Value: 206905150957542701
.scoota.co/	1970-01-20 22:24:53	Name: tuuid Value: 93cc0099-1606-4ceb-a988-a5c3f8ad7864
.scoota.co/	1970-01-20 22:24:53	Name: c Value: 1687733376
.futalis.de/	1970-01-20 14:15:17	Name: raSIDb Value: 2818805775
.blismedia.com/	1970-01-20 21:34:33	Name: b Value: 6498C48084B5558825AA030FBLIS
.targeting.unrulymedia.com/	1970-01-20 21:34:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-8b50dc60-16c7-4210-9f73-bf7975b9fc7f-003%22%7D
.rfihub.com/	1970-01-20 22:10:29	Name: eud Value: H4sIAAAAAAAA_1vFwmtoZmFubmxsbG5maWEEAFgl9T8QAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjA1Mjc1NTcwMRbiM9Qtz_dNSSsM8XAvMwoDAEsJpXglAAAA
.rfihub.com/	1970-01-20 22:10:29	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjA1Mjc1NTcwMRbiM9Qtz_dNSSsM8XAvMwoDAEsJpXglAAAA
.office-partner.de/	1970-01-20 22:24:53	Name: source Value: {"webgains_webgains":{"timestamp":1687733377044,"clickCookie":false}}
.scoota.co/	1970-01-20 22:24:53	Name: tuuid_lu Value: 1687733377
.de17a.com/	1970-01-20 21:27:17	Name: guid Value: 1.6860707598970104899
.ctnsnet.com/	1970-01-20 21:34:29	Name: cid_cb81f336e64847f986187c2bd3236fc7 Value: 1
.ctnsnet.com/	1970-01-20 21:34:29	Name: gid_CAESEFN-tOUtlPROrbV3Q49NLbc Value: 1
.agkn.com/	1970-01-20 21:34:29	Name: ab Value: 0001%3AhsKSOIPg7T1stbhmGF1czp0lqjNmqpvU
.agkn.com/	1970-01-20 21:34:29	Name: u Value: C\|0CEAsK4EBLCuBAQAAAAAAAQ13AQCAAQpAAAAAAA
.tribalfusion.com/	1970-01-20 14:58:29	Name: ANON_ID Value: aLnu7qpkijcDifqAaDciUEWPnZaGoNZa7Ajw2tu4uT0cRKnxP1a2pZaUSXMHL9AZcvwv9K0pT6KFZbVldpZaFjd5ZcAZahYOnyUqRJPOb5xSFAa8
.mathtag.com/	1970-01-20 13:32:05	Name: mt_mop Value: 4:1687733376
.awin1.com/	1970-01-20 12:51:46	Name: awpv20044 Value: 412871\|1687733377\|8fe85480-13aa-11ee-87f6-2265f034cf4c
.awin1.com/	1970-01-20 12:53:12	Name: awpv11354 Value: 412871\|1687733377\|8fe12890-13aa-11ee-87f6-2265f034cf4c
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 12:53:12	Name: HTLP_timestamp Value: 1687733377622
www.conrad.de/	1970-01-20 12:53:12	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 12:48:55	Name: __cf_bm Value: YgvKpYYGD_W2sQkDflzxUJPIraj9T1OM5EPstC9Lr9U-1687733377-0-AVxwj9tV86b7UNlu9KezdKsIqZMsOPnUtH5CQfy/WHf0TkITQau162pJSTDpIdd2Z6hEvoepu7Nyx3eNYN+OPQQ=

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plaf=1%3A2%2C7%3A2&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687733375023&bpp=4&bdt=471&idt=170&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&nras=1&correlator=5280307616153&frm=24&ife=1&pv=2&ga_vid=1913456181.1687733375&ga_sid=1687733375&ga_hid=2097080441&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071756%2C31074584%2C31075309%2C31075431%2C31075473%2C44788441%2C44794790&oid=2&pvsid=3120190652059256&tmod=59414405&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.abp2ro4x0t11&fsb=1&dtd=181 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://as.ad4m.at/ad/dr?ed=1ktkgcy2c7p2bramrg0yfja4tz9rbtezmt635wgpbzd8ycyj5zyzfpk9amjwmfn4xtcj9f8gbb1njye2v2qd55f0avbt15dzrvz86z2j17qrrfkzxekdx8jp6cscq30jfww8d0jbk0t62sxnz9w7zb44jz5sr7qntgw7qjy2hnrrg3svpay27f2p3jga1tmh637ke7w7bcaz8vntaz7cqspgwrwpz8nfh7k2wth44pcg1phvb4e7be2mnedbtfdqabk7kzdjcywhj22pwvg3av6nyss1kmy8fxsfdqm80gwdtq4kyd46x6r9ed2m4ddsam1dfsag6k7aekeafjf0zk82see13sebhfp7j6zr39hesceg8czjkph23j3757h0aa03s0x836dntqr03mz76d98d14tqe04q6qx6t4c740skfm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%26client%3Dca-pub-7983651257838282%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1kessmg29hxxy8zzv2a3py1zrpn08redf2z2rb00za4r165rmbfmg8a5hnw8zq2khsqdjyf6ysdpqtgxnphz3f2ya9n87dm02bdgh1yf5m6embw7xzzs6g7cbtk0nvvhzv5mchjrgf4fvtdhsbyyrjejsx28n7e0mk277xgjwdzn8eq4es5gnpb0qv59cnfap7xfwycfwjz10qqx2h3eb22xwd7svxvtv6m1q89xwwcy9wc1790wryye5tsmjv0a5gq5agap943gq428xzy770mckr9yy773nb789rtcmxp7yf5e555bghsn9z44cef265yjj2vm0wfwnd4eqkefghyqbpcxm1tt22851rnnkc128cq4tt913eb50b056c4gpmcx5r5rjbe0ad9syyfzpdbwqjxc20j7qqnx2q274qfjw1w76hdyh3tm0gj0c180t3bkwqwy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%26client%3Dca-pub-6593523210010154%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jd5q3qv4btm61d8bpx0p37enbf3vm7jp0bq48hy7ckhcf243bdea9q8q3ar8pw6prwb3mh2kber42sye14sn38atpqcmteef1zgbf7srbjtssd0dfjj3kra4x36df6p1jnn29fgy8xr9sq18s9nz3axs5d08f1864sbn2ka228wx868x4ya20a697zp8nsmn5ky1j8fxvwgsj7aqvevnzj5kyp82r4q39h221gkbydcssmpxng7zwyb33w942kgvzt7bmfaf1grkq3bq0sscx704efkj6q0q3jz6nqp1pr7m9vb282h8qy2v6sgvd69dhgdppxtcy4b6zh9aa3jhp4wzk7036hsmhvvmnqndpvngcv7rjz6svct073h214g3tc1d01xhp9f1yyhw1w87yjsh6cjnwmsq2g33xxhw1x1wqw8nb9edezxayncqw79xhv6bcc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%26client%3Dca-pub-6593523210010154%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=14019%2C19456&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CjpBHEfGfP71UYHEH2t6tRRGcZSzTDRGTGk&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2CxEbfQfAf39VtPHdHztDCRRgc7S6TqkxSBQ&c=468&d=60&e=&g=b38070d33a74ed6c905735402f161859%2F9574666730445966684&i=21596%2C20774&j=16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1687733377116&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jghpvesqkgzvmshcgh6gjft0ecxv106d16kqe8p36vdt4hkgafssbvncsh6gt7t0y4bd1m6pkq1x8yd8fx7rc4s6wf5nn9ygm0ztssmf8589f7681k3nnyp4hc8whvat8j6z2sezj8qc9aa5av77bvr7yx03yr1f5397fmkv540bsbh9gfnp9yag6s58nn6r6dhvnk056gs1f0dr1p2713xrpv0k4mpvd9n364eg5way02wews100v3rtw1w90frw1jea681fvwp06yx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAlUDf8SYZJ_6Fcnc7gOFqIXgCZDhgYRctqjCivACwI23ARABIABglZr-gZQHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgT4AU_QVlHXoPo2VpgD_C9uFySS6cAqRgd3_XOWQJOg97jQRATYM8ZzqDTzPkXQ6zh3TbBR0y2GR_DQV5vaQeArhTYw__6dS1mIfJ6NbuADcecEudoCifLHEkzyNBqR8pN1vkMp_t2wUtwRZ97dLQV-pI2eMuDOsT8d7ObLzRIoeMYdiatQXKUqwHRZ1dL9ljP6KeDJYKAGn_d3iRu1yCWouqgmUxBL7Y3XfqZnEzce54383xRtRizAB7iK3mR5Gxu-kyGvjWiAoCcyNv6mB4ZlyJ5ntNTLdqMOm2-nJA-U7MQApouvqTou24wcGTtxuSrB-z6jSUj9nn124AQBgAbYq_61i6fOg6QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1hDRV4_vQmv3UHCsKFNhLpYQDgFQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=728&d=90&e=&g=441c0bafd52a8959e5d7fde5a7d751e8%2F14915146673650936238&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1687733377244&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j3pdv18z4a0epc2mgdpf4bg592v7cpqs8bfp7e1nd9s6xjwtz8awmj828dqx2y2av2sh8p113e62asr5sj6y7ffh5z77h2fbxkq9a36k5pr04st0zyqqmcezfxnmqfteawav1jwv3nt95r7m2mbzhkz4qydzftr73esd2mxxqtees36mtk2b1rk8psj13bz0dawef8jkbr3c9nqtydsecsm88h6cy2f4gap799ak58j4agsdghw7dc04demnf2ewbzabg8jjgxf33kq5y2wf9g7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNrUygMSYZKzJB8uOiM0PkPC4sA6Q4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsQFP0CZNroWTasJcFurvR6UxWkj26dEEv8Ks0wubTe7LChxTimAsaJejD41tu1Pa50ykwaVg_0nIO6C4uIyYtusmTQQEvw4N8qe_YBfLfHpLWX9f4h3PI-F1FobIPXMKOf3rIcc3air9dAhUcwZudQQ6KIPEAvH6X046S2FIuiP9HC1M9ValWPN3cMaNCrVAHCr9fRXkieF38toFD9BCkmjP4-_mc8OSWMqFOiKXhl1nkkWABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0doVpN7Ue-dL_oir4bnV1by74Icw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=7f42dee6652c2bf97f2dc1d611f99cf7%2F11058943393521182765&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687733377312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k3d63bv9jn65rjcpmstyy4xqv18kbty1ghmkfb2j1p4x25dshw28b4921tacfv34hvz5f8zys7xk6d3fc99fqdc372kb7cvpjsgpp8aayfqakas9egz43t0y708gmx53e7122strss3t4gkczp2a53h1c6kdyzdc8hqqn0gv91m08wgn45b8sx3ag2ksb92ydrzqt2vcncjvqzsgm0g8wpq7r21yjc7sbyhqvpbv8qgpnm6p58aevyrdpkc2s3sh8hf04sv32gy6a9eebt7ejp8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeN9ZgMSYZJK8KJmQiM0P3LKH8AOQ4YGEXLaoworwAsCNtwEQASAAYJWa_oGUB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQI2xPCRH0eyPqgDAcgDAqoEsgFP0NE1pUZudVHd23RlfAlvs-gZSkEZUKB7EwRr5oKm3LSNJP1TN5okhTQEyRYE3vF96n4QkibmkHjPpl-Uum2vc_HYaXctewXOay4TW39HzCcJZs9IV4CljFJqD2TMc8CcluMudPZIU4jctsUntEuyXIrbaFL3uSUJtZmbkyOJW6uULFxpYg8qWqha-I5V4qUtfDTulXCKavc3UNQzKB-x2bOx9eM5dp89HeIdvJzPVWwqgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_09YJvGUkp9hyjOb2SEMeGsYQzv0g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9884a87232c5fcefe81d30b26de95b01.safeframe.googlesyndication.com
a.tribalfusion.com
aax.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
adservice.google.com
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cat.fr3.eu.criteo.com
cdn.retailads.net
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
csm.eu.criteo.net
d.agkn.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gcm.ctnsnet.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900020.redintelligence.net
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
ng.virgul.com
ng2.virgul.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.o2online.de
pcloak.blob.core.windows.net
pghub.io
pixel.mathtag.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
pv.medialead.de
r.scoota.co
r.turn.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s7.addthis.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
static.virgul.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
unilever.demdex.net
ups.analytics.yahoo.com
www.awin1.com
www.cloakan.co
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
ye-mek.net
104.75.89.75
108.138.36.11
108.138.37.209
138.201.63.165
142.250.185.230
142.250.186.162
145.239.193.130
151.101.194.49
151.139.128.10
167.233.13.224
178.250.7.11
178.250.7.9
178.63.52.121
18.168.234.149
18.173.191.32
18.66.147.52
184.30.20.207
185.29.134.245
185.7.176.222
185.80.39.216
185.86.138.150
193.0.160.131
198.47.127.19
20.60.220.36
2001:678:cb4:bbbb::11
213.155.156.167
23.206.208.114
2404:6800:4009:82d::2003
2600:1901:0:76b9::
2600:9000:237d:600:1b:5138:8a40:93a1
2606:4700:20::681a:61b
2606:4700:20::ac43:4a81
2606:4700::6812:19ad
2606:4700::6812:7f05
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a01:4f8:d0a:2321::2
2a02:2638:3::1a
2a02:2638:d::2
2a02:2638:d::4
2a02:6ea0:c700::17
2a03:2880:f083:9:face:b00c:0:3
2a0b:4d07:101::1
3.11.176.98
3.70.92.75
3.72.196.231
3.75.62.37
34.102.243.38
34.160.236.64
34.91.62.186
34.96.105.8
35.186.193.173
35.186.253.211
35.241.45.217
37.157.3.29
46.228.174.117
49.12.16.151
51.89.9.252
54.77.64.97
63.34.168.218
69.173.144.138
74.121.143.240
76.223.111.18
77.245.159.14
84.200.5.215
85.114.159.118
92.123.148.9
94.138.206.83
00b318d367780a24035143885d9ef75f11c4e1e456a20efbbbe34ead04098346
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00ed6bec3fac29221f31283fec86c6cd1e112fea8f06dcc00674ca9604a26d55
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d0cdac88311cef59cc43361e96870b5319e65e7807d6510c49d577270a9bd4
06d8f6a8f4c933e532841e7e518b4b9aee6865c77e915055f02b1f4a2fc11651
071e0b2510018c83fb8f81c44813ab1d38173b4df1d4b30b95e177a181a677ac
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
083455b37d5acec4df41ab90d9b2ce2783b16221edd0103c215a1ed7731739d1
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49
09bc6f5fe9d77df8b5d63cf18019869153da22cce157fe512aed322903685b3a
0a4da92f4f7f1af10d9453a68d234cfb71d43fd5a83c5b251f69175c9ecf063b
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b44a96194b82e6d6379bfc9fda315abd6bd5d3f82757d732a1936b9c1690567
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0becc067af3efb0b3e42c3cadb863177c50c83426947d2cf2b20ab1a89bc1341
0cd3e20f32b0003a0426feba240180eb286ceebd0ba48bcfdb7b3f2b45eb2a09
0dfc54594423d966acd9818c9f917e9a09f0ae101d9d05e13a7bc9e3455a2d25
103633794a55ca326620203b8c516474932ed6f2585db98aae19458b648e9e35
11c5c6c1a3a50f78a352b3b15ce99e61342814eef13725d874c79bf370c07dc5
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a3f37468d71e7d2fefb26323e83b62d15c24ed3f07aea31c9ac14ee54ef6b7f
1adf637a791dd199225960a143ab19bbaa3ad803cd2893d5f3bff3a5e7f0594c
1b9a8338919e6e3eb18b68fcdb6a0d9768fa3374c1ab1e6d8150c88d350f9b0e
1c00dde66d17088d471de8599acc4c1721f9416acc07c2f9fdb4d7103d1d731e
1c5b4b6c48988a75d8b011d9324950a82da9b93f6efc82d390fa5f4ed58dd7a9
1c850554971fd0815ab530813c41947b41fd5485122fcc6ddad7e52554ca4c5f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cea80ffc30d80158c46d24a373c07f3fd1f12b0964ec0960d54cc7476dbe5ae
1f2455813be8ff3d363e41018a7c00ec7932660ebdc17663f9b53081af2a5cde
211dc8588f711db179785e224fe895b50a4398e4c69ccfff61704fa2793f394d
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2a7bb4a7dc1ca20c6fd785951a0e6881e83b8a10555bfc5b389c80ba72d236a8
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320c8a90b7645df34d162375610b84f7cc883e134e83dff35170d01ae2545503
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
3254b0c4685110561aece33f604a07923b63e4dfd91ea9bd691a65ca85455691
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36de75bd02ce5558320185a0130a692d36881ea372f1c24badaef00e30d4e8f2
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
39affe9402e1796f60ae6ea47415e8b515976cb76907c05778f96454e5eb9e9f
3a5b5a6cf23559a4bbdd47781d3113470871031199a11e6449cb4055ba4d63ba
3a7cdd2a8d457a3a736abdd116f27948e56ad18163f6f31bc4191240fe28e312
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab
3e520e6f9d499ce8fb77432f349c4a952aa098f3b76254de6d50504c4f51f730
3e79324060136d56dd5284191d7436cc9cca6c0b267a319dca0068160aaed044
3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3f0d21ed99dd514e23c62900e74f9178645ff8e7df24471e1780d022fdf88af5
3f9660001e85696de25af9973353857f8890029cb744d86948018bb679d52c7a
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
4280cd4b56f2c32730c10b51d0f72b21d2a82f83104f1f450d3436d5166d692e
43cdc80307bb7996633d034718f6ac0aaa64ec111ba07b1bd54381c876b96b3f
463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4700eb8b971b735339c6d28127ff4da88fe0150ecaaea67a47c57eedd4837f1e
488ff211f9ef08255e3819c9f17fe2b3304302d9b50d95d5e2c34f357e503d6a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a592a0a94c5eb46d7460c27b035de7b282e7ff34782f439fe301971734dab31
4ada1ab36d79498691a5e1f161485d0aefa6f6611160e9183963d67e977a7690
4b97715f33424f5b90913a465dce8e16b844e7d7c7969f3499d9ff02b6121e86
4c589cc9e7b88d8ecd38d0f387a9e064403ff636828500e2271594d3f2a80e6a
4c72b1c67735919b96e020312fc966fb3228468048e68b105b5a186d9509435c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e58bf4f63bd87d87eacbf152657fef7120915f96dc3808ef9d021d108572919
4f1949e21d597e282a24f9a971964cc38fea30c795c1b02d864f8e22988d4571
4ff8200b5eae6b894e48e320b778d8066a942f00fab78157f655870f5dbc9833
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
532aca381e108ff78e1f3ecc2f7d5da8aec40ce95e7e86268225be74cfe6bb0e
53af5ed578565db9709063020e4ca1edad7f2690b750076c0dc377105c4b7ced
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
598a8457413e85866a6501f257f380354f5dfb6f11ba2995668dc55d5c237bf5
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d867d8101d7d263052fd7656e7e10f585b485c3c38cb96e2c7bca172f579491
5e957fa3b58e29758a1479660620644c2b29203302d32be915d693652e7a71f7
60553b12e1cecec323684ec8158d0fdcc8cc22ae5ee712fc104390e70637df74
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d0d932deda2775e286593cb44f808b318a8b045485956e65ab96ab913f0772
6422dc989c7ed2f0e36102e17d4207dc8374dc040183e8b752e21f77f8e3a31c
65b96da852ea4de883fd2e49b48de5ad2d6c058e6b7c3121af414047235eb0bc
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492
6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3
6b91c314a391f29f536508c1d0fe320e16a71c187c49a6e56b70f5d5f46baeef
6da539f07c3d8cc7223365f1b263e0f4c4fd087648d245ce26b82a95c8d0574f
6e517f1f2da440c36103d61ae698974db84ded6b3ac8635a8c24d8ac8652c10d
7072ad8417323619b72631c2901a4e17c4d2ff8e2996621b8d5ff19b4aa8062a
71d289a4354a65025282f3bdcc13de8ba5582e41fb575830d0bdd774c257266d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74ae75f2a0b5bfeb97eda530c9edcc70313b2b094a9ca644d364b6b5152cfef9
79cb6ad70fe727e71d8973eba82c18b1b65652ea34507aa486729951ed9f84fa
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7de327885eb13552b4d8343d92108ecd9f34c139b358c2e2e4573227be944949
7f4e942b89543c917fca335351a2bd1d968c5415f04b2054d01348bed12dd644
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
81a70095b3a5fa991379aed542b0c516d474db300a8839fbce87a233e3e628a7
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
82b26c270816480cac7ae6e6b713f4aa513bbfa78e68d5b6d2230ba9eb055519
83e33457cf3f5f17669a9c61326502f97e6aed5bead555f9842d783771391e43
845eb9ea29b7a5637e5caa0a807e46db1ad49dd0bfd4dd1145a6ea3e6895555f
867012b8a1d06615a588bd03812248123cf62fab0a2a7dea528379b2e48f61b2
87043a5c58ea9bb13cadca622b6e15c0308e580c628deef94c560ed885481777
87cdee81d90c79b44e31bfe161aeb99f4daf2e4f5925921707193950887873e1
8d64bacb8e64c89a9a6a53a577c6e6160a32284997086031d7e4ff6d1530c143
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
8ef632787197eed4d48c94b8bf69add99b244a562f4927b491f8ec1f4d27e8e2
916f321e4a18a7ce0ffd5932be42b4f06cca5038c2c889adfd2c19b465fb3849
923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0
936b50b08938f7307a68a6ee3066d2877b1327670461e8ddb46b3a062bb0c1ec
94190abd8e1637609b95ed3d56617defab97a7d0e91b29c07215c375e8cf7fd7
94dc350acb3e491e883e23665acdfe801c1559d67026fbcd533dfce70d5a6270
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7217947ed1b02dede4d55614d127b3d7363fd7333579e2dc0568b6610867e3
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9e34b7da1840ce783b956d557b469c44e07bfc91b67088e0715fc2ae2a50b9ef
9e586a5a904fb4b87361c72262143f394cb513dab2bc1ece1a230a686def3505
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a1863860f40862a7df0b5316bc3805f213fa1c9fb01060bbd994d91dc140ee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e20e17e33fe6f4b0488f8547af1e685ff73b8ece971d6c780db52c6391ab38
a7062bbc1bd1c251ef6a695a15890f217eeac5a19cf3f0f024d4a2702980dd2b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a829930b8ab95c07ef602df21f922d5e2b13621d2499eaedcbc717bc8f01ac1a
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
a87115a15c920c65256aba1ec1ae22d5d5bfad9a29a29b45365ef47f8894815c
a9813636d064a6c030d55ade3e86f5de6475ea07aa4bb75d2197f653bd8f60d9
a9af82253af29f75a7029a637ad811cf2ff6853a5a83f6594f89823dec5295a8
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac6d869df20b0af22707393356591215d6cef9ead59654ab8f7082c8cd40f6cd
acb44d3e0809d52dd8af3dc579ac584e30cd3b786b929908a3e38f6f9dd18d0d
ad264f14f1c41cb1ce408eda183c7f0efab4cb1f2d2e51a3c8afaa09867f3bf6
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b0a9edd9406b9e846d2613b16def49dca3d2307816622cb274acc4d0d2314245
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28212f4baadf3c72472e06c83eeb9f674659bc3390f8279644cc35c2b3cca60
b3fce6c522254e35e5dbbdd484afaacc4007ffc56c7cb235b9a6e7b15d3d6f5a
b419bc31d076c8dfb5c8423f024c9efa32e1c64d1d35fd36dce64d23ba5c0b51
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bb8669fe8be7ece861db10641722bf450eb2531c334c8c9effcaf36e042d4ce4
bd3ca16bab51d6d28db453bceea8192a2f085b76ae1c065ad2771f437dbfab90
bd3f5325edc56946cd3b4a6b91db978707a82a52605e2cc70bb2e6ba4f60268f
bd9b3105907a46f1a808c0fc4b8223e88064cbb5a3606ad642b34b8168388566
be39d51a3750f8e0f401a2728d53878d56fda876dcea1adc842bf82320fa0797
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
c0d8f3ac9fc525760b939918e38642ea90c0583b6432c9f955fdbaed0f32b19b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c2b14f3faab1ff78bc25ec1143035f67f3653c08c243adfa3772e33e52502a1a
c40ff6ff9b98734d7c65aeab0789dfbf66e6d02756c9a0c3bc1507faf3465e9e
c45f7962e7f9373e784ae65ffd3db85ee40a6d669fcabfe7cc8fed1cee57928e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ce1d83c141c0efd469c46097a827914115fb3f663b722b4ac8923d00234552c8
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d0fe3ad86715a79c216a36308c199b9aa0226286cde2bea5f2af79eb423aecd2
d31269b170b66c0893aabc6c7543e3391b73c67c8a5f47a99e4928baa021e2ad
d35c67d542078ebe3ed291cc13c0e270d15d7a3243db9397930b6d75364e568d
d7056179b94ee750ec70b4c01ac9ff7f6a06a3e48695847782d75abcf69cad3d
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
d966ecd46380ed5fdc36aadcd4b5a4bbd65ba852833ce5e834a4e37380ac9535
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dacdec6aa88bb9571d309c295248ee5b202de625eba8aaa232f863ad9ba9fed5
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
dd6e01f64a5f7bf74ca6382669abb62026e97b345f1998af768a301dbdd1322e
de33c2f61b55cd9016acde7f717bdaacdf9bf6913202e05a109a567db6a67a8d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df150d79798d66ff674d883d61686b8f05c6a4a1a577db593be6ea6958e0f14e
df44afd9580ba1b37743d8b9604e0f11fb0daabea9eeea20b0361aff8f1b068d
e041f359812b31ffb3d561c106435550a58d86540a0262a93e6e462624fada6f
e25535cd47b6e4b1c498c704e23e3a1a2f2aa8fcd987a3799232307652ea2dc6
e29c5881ea9a9c846f377ba4f105387ec5a504601f5d14dd9be3adf9cca23a02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8227d4866b82bae76754a05c52ac806a3991d596ccca143193b855aace7dcda
e9673ca3b0535583388ed1d9ef9155833cc4fea22742618a10718d4b38a633aa
eb7992882aa0838cd9d41c9e9bcef9e10576c790b9a325c060e2a8ab00922876
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ee9d41464ff0659fd5f2e67beaeff888ac540f69221099b55239b07939175a1a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef324e454b89334f2187a973b392f41c77806d03c07ee04bda65a0598c110ef8
ef89cf8be9babf5adc16097b5e2f7648c36bb75ae2da31b5323b121e5b483abb
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65fd50c237ec7c056be9935030d62e9ab345ac7e426aaf5bec163746e4453b0
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7b0d40cf51e81dd002a6c80ea4dbbc30233e3db9b64f4a7ea3cc697f84787d5
f8436ca69ffda252efeca3241e9f358998cec316eff0daa622e947cc943d9a22
fe603a462731c86402f907607b6ee2a6674f0ebeb1a1a3ebc79c89fb327cad4a
fe665a455aceb9598500cae8ccd808cbffe5a3525c32cdc7bcbaa0e83a58ac0c
ff5799b9f16df468a868896c09b6b669ca707910d33dbc26d455e757d5148ecd
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

433 Requests

90 %HTTPS

40 %IPv6

64 Domains

94 Subdomains

68 IPs

12 Countries

7357 kBTransfer

31882 kBSize

46 Cookies

0 Outgoing links

Redirected requests

433 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

433
Requests

90 %
HTTPS

40 %
IPv6

64
Domains

94
Subdomains

68
IPs

12
Countries

7357 kB
Transfer

31882 kB
Size

46
Cookies

433 HTTP transactions
12 data transactions