urlscan.io logo urlscan.io
SecurityTrails logo

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Submission: On June 06 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 12 countries across 82 domains to perform 565 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.60.220.36 8075 (MICROSOFT...)
2 77.245.159.14 42868 (NIOBEBILI...)
3 94.138.206.83 49126 (AS49126)
1 2a00:1450:400... 15169 (GOOGLE)
40 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.139.128.10 20446 (STACKPATH...)
1 23.206.208.114 16625 (AKAMAI-AS)
20 185.7.176.223 42910 (PREMIERDC...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
71 2a00:1450:400... 15169 (GOOGLE)
3 99.84.87.107 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
1 35.241.45.217 15169 (GOOGLE)
1 34.102.243.38 396982 (GOOGLE-CL...)
2 185.7.176.222 42910 (PREMIERDC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.66.190.43 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 3 216.52.2.48 30282 (AS-INAPCD...)
1 18.185.19.103 16509 (AMAZON-02)
5 2602:803:c003... 26667 (RUBICONPR...)
1 6 185.89.210.212 29990 (ASN-APPNEX)
3 85.111.6.48 9121 (TTNET)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 2.18.232.7 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 37.157.6.243 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
38 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 35.157.134.200 16509 (AMAZON-02)
2 192.229.233.53 15133 (EDGECAST)
2 2600:9000:237... 16509 (AMAZON-02)
2 154.58.197.185 174 (COGENT-174)
8 2a00:1450:400... 15169 (GOOGLE)
30 52.19.198.230 16509 (AMAZON-02)
2 2600:1901:0:7... 15169 (GOOGLE)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
2 74.121.143.241 30419 (MEDIAMATH...)
18 70 142.250.186.98 15169 (GOOGLE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 213.155.156.184 1299 (TWELVE99 ...)
3 4 185.64.189.115 62713 (AS-PUBMATIC)
2 2 2600:9000:20c... 16509 (AMAZON-02)
3 185.86.138.155 201081 (SMARTADSE...)
7 10 51.89.9.253 16276 (OVH)
11 11 54.93.152.195 16509 (AMAZON-02)
2 35.244.159.8 15169 (GOOGLE)
1 4 104.111.217.42 16625 (AKAMAI-AS)
3 4 185.94.180.125 35220 (SPOTX-AMS)
3 3 3.75.62.37 16509 (AMAZON-02)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
6 3.33.220.150 16509 (AMAZON-02)
1 98.98.134.242 21859 (ZEN-ECN)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
2 2 193.0.160.130 54312 (ROCKETFUEL)
3 3 2a05:d018:d29... 16509 (AMAZON-02)
2 2 76.223.111.18 16509 (AMAZON-02)
2 185.86.138.151 201081 (SMARTADSE...)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
3 35.186.253.211 15169 (GOOGLE)
43 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3 3.126.192.167 16509 (AMAZON-02)
2 2 151.101.2.49 54113 (FASTLY)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
8 142.250.185.66 15169 (GOOGLE)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
3 3 185.29.132.245 30419 (MEDIAMATH...)
7 7 37.157.6.242 198622 (ADFORM)
2 178.250.7.11 44788 (ASN-CRITE...)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 3.122.8.193 16509 (AMAZON-02)
2 2 34.254.167.178 16509 (AMAZON-02)
4 138.201.63.117 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
3 78.46.90.238 24940 (HETZNER-AS)
1 141.101.90.98 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 145.239.193.130 16276 (OVH)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 167.233.14.134 24940 (HETZNER-AS)
2 35.176.6.129 ()
1 2 142.250.186.166 15169 (GOOGLE)
1 1 94.23.99.218 ()
1 54.76.176.197 ()
1 2a00:1450:400... ()
1 3 23.56.205.163 ()
1 1 35.186.193.173 ()
2 2 54.228.185.250 ()
3 3 213.19.147.44 ()
2 108.138.36.15 ()
2 108.138.36.69 ()
1 2606:4700::68... ()
4 4 172.217.18.6 ()
4 4 84.200.5.215 ()
2 167.233.13.224 ()
1 23.35.236.188 ()
1 104.21.69.217 ()
2 23.56.202.187 ()
2 23.35.236.201 ()
5 35.241.34.106 ()
3 5 52.95.126.138 ()
3 5 69.173.144.138 ()
2 3 52.46.143.56 ()
4 4 69.173.144.139 ()
1 2620:1ec:21::14 ()
2 185.64.190.80 ()
4 185.64.189.110 ()
1 34.252.159.132 ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
3 4 54.84.97.211 ()
1 2 52.215.85.23 ()
4 3.8.42.199 ()
565 102
4    20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pcloak.blob.core.windows.net
2    77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com
www.cloakan.co
3    94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)
ye-mek.net
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
40    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.ye-mek.net
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
images.dmca.com
1    23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com
s7.addthis.com
20    185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng.virgul.com
ng2.virgul.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
17    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
71    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    99.84.87.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-87-107.muc50.r.cloudfront.net
c.amazon-adsystem.com
14    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
2    185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
c1.imgiz.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    18.66.190.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-190-43.muc50.r.cloudfront.net
aax.amazon-adsystem.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
3    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    18.185.19.103 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-19-103.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
5    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns1.ttidc.com.tr
cpm.programattik.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
38    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    35.157.134.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-134-200.eu-central-1.compute.amazonaws.com
i.w55c.net
2    192.229.233.53 (Granada Hills, United States)

ASN15133 (EDGECAST, US)
cti.w55c.net
2    2600:9000:237d:a400:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)
ads.w55c.net
2    154.58.197.185 (United States)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com
t.hspvst.com
8    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
30    52.19.198.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
s.h.w55c.net
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
24    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    74.121.143.241 (United States)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
70    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
5    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2600:9000:20c3:b200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
10    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
11    54.93.152.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-152-195.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
4    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
sync.teads.tv
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
6    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    2a05:d018:d29:3605:4761:f2ea:372c:aa4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
43    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
3    3.126.192.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-192-167.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
8    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
7    37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    3.122.8.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-8-193.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
2    34.254.167.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-167-178.eu-west-1.compute.amazonaws.com
match.360yield.com
4    138.201.63.117 (Esslingen am Neckar, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de
hal9000.redintelligence.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
3    78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de
hal900019.redintelligence.net
1    141.101.90.98 (United States)

ASN13335 (CLOUDFLARENET, US)
portal.o2online.de
4    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de
futalis.de
2    35.176.6.129 (None, )

ASN- ()
track.webgains.com
2    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
5994599.fls.doubleclick.net
1    94.23.99.218 (None, )

ASN- ()
medialead.de
1    54.76.176.197 (None, )

ASN- ()
ad-server.eu
1    2a00:1450:4001:827::200a (None, )

ASN- ()
fonts.googleapis.com
3    23.56.205.163 (None, )

ASN- ()
www.awin1.com
1    35.186.193.173 (None, )

ASN- ()
gcm.ctnsnet.com
2    54.228.185.250 (None, )

ASN- ()
r.scoota.co
3    213.19.147.44 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
2    108.138.36.15 (None, )

ASN- ()
analytics.webgains.io
2    108.138.36.69 (None, )

ASN- ()
cdn.track.production.webgains.team
1    2606:4700::6812:7e05 (None, )

ASN- ()
www.conrad.de
4    172.217.18.6 (None, )

ASN- ()
ad.doubleclick.net
4    84.200.5.215 (None, )

ASN- ()
www.telefonica-partner.de
www.lead-alliance.net
2    167.233.13.224 (None, )

ASN- ()
partner.o2online.de
partner.blau.de
1    23.35.236.188 (None, )

ASN- ()
acdn.adnxs.com
1    104.21.69.217 (None, )

ASN- ()
biddr.brealtime.com
2    23.56.202.187 (None, )

ASN- ()
eus.rubiconproject.com
2    23.35.236.201 (None, )

ASN- ()
ads.pubmatic.com
5    35.241.34.106 (None, )

ASN- ()
c.4dex.io
5    52.95.126.138 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
5    69.173.144.138 (None, )

ASN- ()
pixel.rubiconproject.com
3    52.46.143.56 (None, )

ASN- ()
s.amazon-adsystem.com
4    69.173.144.139 (None, )

ASN- ()
token.rubiconproject.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
2    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
4    185.64.189.110 (None, )

ASN- ()
image2.pubmatic.com
1    34.252.159.132 (None, )

ASN- ()
sync.crwdcntrl.net
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
4    54.84.97.211 (None, )

ASN- ()
a.audrte.com
2    52.215.85.23 (None, )

ASN- ()
unilever.demdex.net
4    3.8.42.199 (None, )

ASN- ()
api.webgains.io
Apex Domain
Subdomains		 Transfer
119 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
937 KB
114 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221
googleads.g.doubleclick.net — Cisco Umbrella Rank: 51
cm.g.doubleclick.net — Cisco Umbrella Rank: 231
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 373137
ad.doubleclick.net
433 KB
43 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 324
1 MB
43 ye-mek.net
ye-mek.net — Cisco Umbrella Rank: 437805
cdn.ye-mek.net
653 KB
39 w55c.net
i.w55c.net — Cisco Umbrella Rank: 2168
cti.w55c.net — Cisco Umbrella Rank: 3710
ads.w55c.net — Cisco Umbrella Rank: 11648
s.h.w55c.net — Cisco Umbrella Rank: 10481
pm.w55c.net — Cisco Umbrella Rank: 896
256 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 27106
ad4m.at — Cisco Umbrella Rank: 9491
assets.ad4m.at
1 MB
20 virgul.com
static.virgul.com — Cisco Umbrella Rank: 56516
ng.virgul.com — Cisco Umbrella Rank: 49823
ng2.virgul.com — Cisco Umbrella Rank: 54223
233 KB
17 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 975
fastlane.rubiconproject.com — Cisco Umbrella Rank: 523
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
23 KB
13 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 541
image6.pubmatic.com — Cisco Umbrella Rank: 762
ads.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
27 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 103
www.google.com — Cisco Umbrella Rank: 3
1 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 348
aax.amazon-adsystem.com — Cisco Umbrella Rank: 440
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
66 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 340
4 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 826
3 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
541 KB
9 adform.net
adx.adform.net — Cisco Umbrella Rank: 4102
c1.adform.net — Cisco Umbrella Rank: 598
dmp.adform.net
6 KB
8 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1494
mp.4dex.io — Cisco Umbrella Rank: 2461
c.4dex.io
25 KB
7 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 39018
hal900019.redintelligence.net — Cisco Umbrella Rank: 288083
53 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
acdn.adnxs.com
45 KB
6 webgains.io
analytics.webgains.io
api.webgains.io
63 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 365
2 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 315
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452
3 KB
6 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 4700
sync.mathtag.com — Cisco Umbrella Rank: 518
pixel.mathtag.com — Cisco Umbrella Rank: 1111
5 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 474
rtb.openx.net — Cisco Umbrella Rank: 1176
824 B
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 802
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 595
551 B
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 808
s.tribalfusion.com — Cisco Umbrella Rank: 2005
3 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475
4 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1450
sync.teads.tv — Cisco Umbrella Rank: 1314
1 KB
4 audrte.com
a.audrte.com
3 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3164
413 B
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 741
2 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5220
1 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 149238
static-de.ad4mat.net — Cisco Umbrella Rank: 199940
8 KB
4 windows.net
pcloak.blob.core.windows.net
3 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
897 B
3 awin1.com
www.awin1.com
2 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 59316
medialead.de
1 KB
3 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 748
dis.criteo.com — Cisco Umbrella Rank: 587
914 B
3 programattik.com
cpm.programattik.com — Cisco Umbrella Rank: 52678
424 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 718
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8155
818 B
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 398
imasdk.googleapis.com — Cisco Umbrella Rank: 486
fonts.googleapis.com
155 KB
2 demdex.net
unilever.demdex.net
2 KB
2 lead-alliance.net
www.lead-alliance.net
685 B
2 telefonica-partner.de
www.telefonica-partner.de
441 B
2 webgains.team
cdn.track.production.webgains.team
18 KB
2 1rx.io
sync.1rx.io
2 KB
2 scoota.co
r.scoota.co
1 KB
2 webgains.com
track.webgains.com
4 KB
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 210306
6 KB
2 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 68686
partner.o2online.de
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2279
810 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4662
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 952
r.turn.com — Cisco Umbrella Rank: 3464
869 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 569
59 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 702
903 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 870
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 402
950 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 859
2 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2034
570 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 764
879 B
2 hspvst.com
t.hspvst.com — Cisco Umbrella Rank: 133454
2 KB
2 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 93434
131 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 1962
feed.pghub.io — Cisco Umbrella Rank: 8248
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
88 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 12805
6 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
90 KB
2 cloakan.co
www.cloakan.co
1 KB
1 crwdcntrl.net
sync.crwdcntrl.net
265 B
1 linkedin.com
px.ads.linkedin.com
650 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 blau.de
partner.blau.de
1 KB
1 conrad.de
www.conrad.de
473 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
574 B
1 ctnsnet.com
gcm.ctnsnet.com
609 B
1 ad-server.eu
ad-server.eu
312 B
1 futalis.de
futalis.de — Cisco Umbrella Rank: 414546
401 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 247327
931 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1588
586 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
187 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
21 KB
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2020
0 emxdgt.com Failed
hb.emxdgt.com Failed
565 82
Domain Requested by
71 pagead2.googlesyndication.com static.virgul.com
pagead2.googlesyndication.com
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
s0.2mdn.net
ye-mek.net
70 cm.g.doubleclick.net 18 redirects googleads.g.doubleclick.net
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
ye-mek.net
eus.rubiconproject.com
43 s0.2mdn.net pcloak.blob.core.windows.net
s0.2mdn.net
ye-mek.net
40 cdn.ye-mek.net ye-mek.net
cdn.ye-mek.net
38 tpc.googlesyndication.com 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
pcloak.blob.core.windows.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
ye-mek.net
30 s.h.w55c.net cti.w55c.net
s.h.w55c.net
17 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
pcloak.blob.core.windows.net
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
www.googletagservices.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
12 assets.ad4m.at as.ad4m.at
11 x.bidswitch.net 11 redirects
10 onetag-sys.com 7 redirects 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
10 www.googletagservices.com 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
10 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
9 ng.virgul.com static.virgul.com
ye-mek.net
8 googleads4.g.doubleclick.net pcloak.blob.core.windows.net
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
as.ad4m.at
googleads.g.doubleclick.net
ad4m.at
8 www.google.com 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 static.virgul.com ye-mek.net
static.virgul.com
pcloak.blob.core.windows.net
6 c1.adform.net 6 redirects
6 match.adsrvr.org 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
static.virgul.com
eus.rubiconproject.com
ads.pubmatic.com
6 ib.adnxs.com 1 redirects static.virgul.com
googleads.g.doubleclick.net
acdn.adnxs.com
5 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
5 aax-eu.amazon-adsystem.com 3 redirects eus.rubiconproject.com
ads.pubmatic.com
5 c.4dex.io pcloak.blob.core.windows.net
5 fastlane.rubiconproject.com static.virgul.com
4 api.webgains.io analytics.webgains.io
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 ad.doubleclick.net 4 redirects
4 hal9000.redintelligence.net pcloak.blob.core.windows.net
hal900019.redintelligence.net
4 ng2.virgul.com ye-mek.net
4 dclk-match.dotomi.com 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 sync.teads.tv 1 redirects googleads.g.doubleclick.net
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
4 image6.pubmatic.com 3 redirects ads.pubmatic.com
4 d5p.de17a.com 4 redirects
4 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5994599.fls.doubleclick.net
4 pcloak.blob.core.windows.net pcloak.blob.core.windows.net
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 www.awin1.com 1 redirects as.ad4m.at
3 hal900019.redintelligence.net hal9000.redintelligence.net
hal900019.redintelligence.net
3 sync.mathtag.com 3 redirects
3 pm.w55c.net 3 redirects
3 rtb.openx.net 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
3 pr-bh.ybp.yahoo.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 ssbsync.smartadserver.com 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
3 cpm.programattik.com static.virgul.com
3 ap.lijit.com 2 redirects static.virgul.com
3 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
3 ye-mek.net www.cloakan.co
ye-mek.net
2 unilever.demdex.net 1 redirects ye-mek.net
2 cr.frontend.weborama.fr 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 ads.pubmatic.com static.virgul.com
ads.pubmatic.com
2 eus.rubiconproject.com static.virgul.com
eus.rubiconproject.com
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 cdn.track.production.webgains.team 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
as.ad4m.at
2 analytics.webgains.io track.webgains.com
2 sync.1rx.io 2 redirects
2 r.scoota.co 2 redirects
2 5994599.fls.doubleclick.net 1 redirects pcloak.blob.core.windows.net
2 track.webgains.com pcloak.blob.core.windows.net
as.ad4m.at
2 cdn.retailads.net 1 redirects futalis.de
2 pv.medialead.de 1 redirects hal900019.redintelligence.net
2 match.360yield.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 dis.criteo.com googleads.g.doubleclick.net
ads.pubmatic.com
2 static.criteo.net static.virgul.com
static.criteo.net
2 sync-tm.everesttech.net 2 redirects
2 static-de.ad4mat.net as.ad4m.at
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 eb2.3lift.com 2 redirects
2 p.rfihub.com 2 redirects
2 tr.blismedia.com 1 redirects 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
2 us-u.openx.net googleads.g.doubleclick.net
2 s.ad.smaato.net 2 redirects
2 tags.mathtag.com 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
tags.mathtag.com
2 prod-rtb.ad4mat.net pcloak.blob.core.windows.net
googleads.g.doubleclick.net
2 t.hspvst.com 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
2 ads.w55c.net 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
2 cti.w55c.net 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
2 i.w55c.net pcloak.blob.core.windows.net
2 adx.adform.net static.virgul.com
2 script.4dex.io static.virgul.com
script.4dex.io
2 c1.imgiz.com static.virgul.com
c1.imgiz.com
2 connect.facebook.net ye-mek.net
connect.facebook.net
2 images.dmca.com ye-mek.net
2 www.googletagmanager.com ye-mek.net
adv.office-partner.de
2 www.cloakan.co pcloak.blob.core.windows.net
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 biddr.brealtime.com static.virgul.com
1 acdn.adnxs.com static.virgul.com
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.conrad.de as.ad4m.at
1 sync.targeting.unrulymedia.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 fonts.googleapis.com hal900019.redintelligence.net
1 ad-server.eu 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 futalis.de hal900019.redintelligence.net
1 adv.office-partner.de hal900019.redintelligence.net
1 portal.o2online.de ye-mek.net
1 pixel.mathtag.com tags.mathtag.com
1 ssum-sec.casalemedia.com 1 redirects
1 r.turn.com 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 pixel-sync.sitescout.com 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
1 s.tribalfusion.com 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
1 imasdk.googleapis.com c1.imgiz.com
1 mp.4dex.io static.virgul.com
1 a.teads.tv static.virgul.com
1 bidder.criteo.com static.virgul.com
1 hbopenbid.pubmatic.com static.virgul.com
1 prebid-server.rubiconproject.com static.virgul.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 feed.pghub.io pghub.io
1 pghub.io static.virgul.com
1 www.google-analytics.com www.googletagmanager.com
1 s7.addthis.com ye-mek.net
1 ajax.googleapis.com ye-mek.net
0 hb.emxdgt.com Failed static.virgul.com
565 134

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2023-03-22 -
2024-03-22		 a year crt.sh
cpanel.cloakan.co
R3		 2023-05-03 -
2023-08-01		 3 months crt.sh
www.ye-mek.net
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-29 -
2023-07-07		 7 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
1099124734.rsc.cdn77.org
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
images.dmca.com
R3		 2023-05-13 -
2023-08-11		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-24 -
2023-09-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-15 -
2023-06-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-27 -
2023-09-09		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.programattik.com
GeoTrust RSA CA 2018		 2022-10-25 -
2023-10-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-31 -
2023-08-31		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.w55c.net
Amazon RSA 2048 M02		 2023-05-30 -
2024-06-27		 a year crt.sh
ads.w55c.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-30 -
2024-06-29		 a year crt.sh
*.hspvst.com
Gandi Standard SSL CA 2		 2022-12-12 -
2023-12-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
h.w55c.net
R3		 2023-06-03 -
2023-09-01		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-06-04 -
2023-09-02		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
redintelligence.net
R3		 2023-04-10 -
2023-07-09		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
portal.o2online.de
E1		 2023-05-25 -
2023-08-23		 3 months crt.sh
pv.medialead.de
R3		 2023-04-15 -
2023-07-14		 3 months crt.sh
adv.office-partner.de
R3		 2023-05-01 -
2023-07-30		 3 months crt.sh
*.futalis.de
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2023-01-23 -
2024-02-24		 a year crt.sh
c.4dex.io
GTS CA 1D4		 2023-05-04 -
2023-08-02		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 67 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Frame ID: 7FB8F79BB4B4911087E87EDEC5009AD6
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 371CF80AFA67FE00CC1BE60EB532D2F4
Requests: 125 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 8E7252D86C044311891353A604571DCF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Frame ID: CE45780184C60E685C6435D6FB1BB41E
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 601231A143496893F2C964656E7F9A24
Requests: 1 HTTP requests in this frame

Frame: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 222FCE83283D88D22475ABC7DAD25BE4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011143305&bpp=4&bdt=473&idt=168&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=3070194810937&frm=24&ife=1&pv=2&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31075067%2C44772268%2C44788441&oid=2&pvsid=1123457220321230&tmod=2103150481&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ljfsm6kqz6gh&fsb=1&dtd=182
Frame ID: B723CC3199A409D8D252E311E2745DFB
Requests: 1 HTTP requests in this frame

Frame: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 91850F19A6FDD5E0F5158EB85044455F
Requests: 13 HTTP requests in this frame

Frame: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B01F0EF7459E534C5B8315A425241699
Requests: 29 HTTP requests in this frame

Frame: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 58C46CC633880DE3281C0CFEB8FF4D82
Requests: 29 HTTP requests in this frame

Frame: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C106B2A548E2A9652341AFB304FDBAD1
Requests: 9 HTTP requests in this frame

Frame: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CEF4D0FB1A7A1B5FB327ECD81B9094A8
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E19D13A4EEA1EAA8DE671904981ADB7A
Requests: 9 HTTP requests in this frame

Frame: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BE1B1DAFD61B33445D6021A798A2D0EF
Requests: 19 HTTP requests in this frame

Frame: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9038CFDEDE227283F6024CEA7385AB7E
Requests: 20 HTTP requests in this frame

Frame: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AD7AFAF7B5AACFB75CA1F19E30A1AF6D
Requests: 20 HTTP requests in this frame

Frame: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 52E1C0B058A57E7E02258F1E5DFEE623
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6E7D625976689072137BC69F7B588B3F
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hcjd31yrza1r1bdnqf7rq0adh7qnady4dtnest6p1vxzg39964gmp7q4actcefghas8h1j8ctt8g7ygxrs3mwgdtn06qvh5v6s7tv9hjgjbr3c66sznn559v102btr8ctnyywjcfkzgkny10zsgmqtr17wjgtgf873y0hpqght2x2w7xtpk0kc7r5808k0arnar6wy66nggw0sc8w8f2v5f9k7bs32b8z1nvx6erg3e9p3r2cvf2s1c6hbj8jn4xbg09jw7p3wbtak7wf3s0xw9wna68vzfn1g1f9ge22gdw1s3a94a84avqgvc7t2fz8fqjh2q5rq36nvhv2mr267cs818f92yfvbdrkez21jjh1v2wpkjjhwefvsj9bhk567am6grbhzrg74wddnxg2j5q8bccvvbczer1281qadb84zwvgsqa6xkfgspp12wyccsamwg1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Frame ID: D07C0BB69CD069E13632200BA93D3444
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CAE88C543CE11D57B3A6EC054D19AF1F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNXJwrbw-fgnhsY4CEfv78pVgwP-2gpvgPqjA-fZS7RIT0cEySSg5RWPiYnsCHYpQ4tHeRptMLHGMGR7B3cZTRyl0_pnNAI3zQNzAgQHfNoCYmW-6rMos8_vGEooAsum7nX8ZkoJNDz3V86OrnsUJfKZF6WYQ5zUCMi-cmEfE-Kri3qGInQ
Frame ID: 51B0743043349FD610337C8E99456B5D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjtnrXcATAB&v=APEucNU5S1MLOm7P94nhl0CDzrtaKdjq68xPPU1n7_ARZ_nu-5uiLZa6y2YpRBb0bH0qSwJCqvB5kQ1A9KnkZpj6cJk1cZcrNCVzVg-q5LNdV4cG4NAzzHK83dI3rzSRDOJPITz2phZA2RI6wxfDuRs8YSaDHbBbmRW5q-M_zEazj2vCqQlhqiA
Frame ID: 10763808BF66E72F2656636D71574756
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNURQ4Ld13H704HYXZn8_WEnjRsxvDTzA5ITTWu_wIrcyjAoTzEMhj36fm4O0As4Z4VzKU96WgszVvM-0MciPCrUe4GDFELL8BEw4Mbr3YqQDyFPvWu4ApBIjG1hsgOWSgQeHEShIQQbg4_1NGY6d8VjjjP7Y9BK9eaYzqIB9cAny7lORe4
Frame ID: C8BF2875F0153FD796ED5255A40169DC
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNUDslr2HpBzEZIF_EBlbISqH4iqy2BIKEYkx_UhSPouvrA2tbNhPEVKZcH50jbU9DSPLWkcEmXBOqYZMEyxZU76adKOvj4elv4mmHsMlKnQDaHJ7CCubWdHtYah3mAWuK-bMZuV07QL1x_vX6XyUPUyEhkL-V6qXsedSC2XQFUTAKzqnAQ
Frame ID: D368ECDAC3FB5F60365D3B53E64EF97B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144137&bpp=14&bdt=274&idt=328&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=801930230126&frm=8&ife=1&pv=2&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ix2png1mcbo&fsb=1&dtd=351
Frame ID: 87503D9C57E084203273C5DCA0B04BF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Frame ID: 036E8B3D298CC8E9FF165AE6D7A7BE49
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 43413556D4B98D3FD3AB00AEE1222515
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k4pasxdxbbk21k35bcspnp9szxbvb1d22ewq7zyg0e7mahk85x1c0jbjesx6rbgvp09nmcpzdvk9zhe6q8222e8j1kffjsddqa1yxnp27xqskgp4zg9pzbxv9hqty2eca68sat7b3rf0mzajrr287v79k3s42e2ej222tqa44h7z6q343ee47cqqqv8aqssqyf8jceywe6hyy3cgr1a6g2z5sjmsqz00t5409e5pc5695qamf9qf8epd3mfwrrxydk61d0zqbpjk7fxfew90z60vac3hwqc0s0ht5579h8q9tjqe32yw0kwevkj8893dt7shpxazj57pa9qh9wmr352568nayf40cp37vr2h90zd8xyt9x34c4vp9skywb8w72rh2dvxa4b8zam68f5pqa2fed7djx4etssh0xbdgwys4rdyvz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: BB7B5BA04D3722D549352FAE54FC04C9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B4568EF91ABAC3C61DC063D8F6760813
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 717A1D6C3C2E6734390FC28C2FAD70D1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF54F1A516050E89DF44B6A816FB0A8B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 47249971494B6C18E985339C74CCF131
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8DD8BB91E1A6035E670C453E96CC83E7
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
Frame ID: 347D5778AE06DC3439B0AAE9EA7F2599
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
Frame ID: 6550F99003EC15CAF5ABB97760F21F0B
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
Frame ID: 4D96168661978A7864BCA00E3B5E8D7B
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 127A33E1E90C38378437E2248300077B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
Frame ID: CB2F1F00D3096DF417A4F208BAAD832C
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9163225C669D90D2B47FA99D591B83DC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 34D9A2A364DBAE05FA56BC39A902CFBF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D86AFEA4B4E760CF548357FEEB7BA64
Requests: 3 HTTP requests in this frame

Frame: blob://https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/7ff603f7-461e-4820-8619-d65dbebb58d3
Frame ID: D33A4C847FEF20B40F270F11DE223040
Requests: 1 HTTP requests in this frame

Frame: blob://https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/ac2c9ff6-58cc-426d-b157-dd6d14422842
Frame ID: C5238C7B5C77F6580E94E16CCC920D11
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4021A6D296667EED696C06DCC493E9FF
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=73181600004838100951389012347019&gdpr=1&consent=1&gdpr_consent=li
Frame ID: A4F543A8CF2375B0F1C82C6789912508
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F6813BE812747A4FE94C613A069DA6B0
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2769703075
Frame ID: DA1B9E5B6F85DB721E08C48BC47C0ECE
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNriuPuwrf8CFSMdBgAdCr0M9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2683329017935.081
Frame ID: 6B40EA19FCFEA53CFA56A359F29EAFA0
Requests: 2 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=73181600004838100951389012347019&a=de5979d5
Frame ID: A1A954E8776CC25F6C05ABCE46FD5B56
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D8E4D5073BD79F807294C0D9E67EB50A
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Frame ID: 9F200D428F04AE6976764782731EEAE1
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Frame ID: 84935D4A36E2AB80381014DABAA6212E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Frame ID: 031051464C9C7A1BBC261786A9DB80A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Frame ID: 983700BB6118682A15FCB36D48A861C8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 17AF61FB0A88C75729C8879070AEC500
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 830D34A7F9D4255CB63842598F7181AB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Frame ID: 77095336AC179F4FCDAB89FDB657AEB2
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: 7FFF5A4854E83F0D0007F445EBD67111
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 850FE83426C6CCB3484163D7AA01F9C9
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: A4CABBC2140221A2DC7410463F6D567D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 70DB38D0A07FB0EC5FDD34F598F8592B
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Frame ID: 9C975741621C8117436726ACBE9B2A2D
Requests: 11 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee4f647e-7d08-4701-8048-f4585cfb89e9&gdpr=0&gdpr_consent=
Frame ID: 3B63EE4BE30784FBBAAB9B459F89A0B2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526031689692
Frame ID: B058CDEA50095DAE420FF58D569DE8F5
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 031C92257BF32723059D356972B8F377
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6630368038902902732
Frame ID: 62D98A1E400B50F38D3E258E81B6093E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5714AADD-CF7B-487F-9FF4-A18548D62033&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 7A1F3ED078F07BEF4CA028029DF748DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

565
Requests

86 %
HTTPS

29 %
IPv6

82
Domains

134
Subdomains

102
IPs

12
Countries

6177 kB
Transfer

13322 kB
Size

43
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHS1eqbaTYQpPAZLkfh0W0&google_cver=1
Request Chain 206
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH59CDnJEKWdTUIPerALDAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHS1eqbaTYQpPAZLkfh0W0&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECN5DMW9x0UUl3TGrunZuQo&google_cver=1
Request Chain 208
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2NDYwMzMwNjczMjM0ODkzMA%3D%3D
Request Chain 209
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFtO-38ed7dvVcC5KdIgHV0&google_cver=1&google_push=ATf1kGOgk8nxfQx7urhQ8CC5hpCoSuxrz3LPmULKj2jFCH4QgyoB6nj9MpJQqFq4H7widI86ZbIBTEvNKfl5aSo1tgER5FngVg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOgk8nxfQx7urhQ8CC5hpCoSuxrz3LPmULKj2jFCH4QgyoB6nj9MpJQqFq4H7widI86ZbIBTEvNKfl5aSo1tgER5FngVg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFtO-38ed7dvVcC5KdIgHV0&google_cver=1&google_push=ATf1kGOgk8nxfQx7urhQ8CC5hpCoSuxrz3LPmULKj2jFCH4QgyoB6nj9MpJQqFq4H7widI86ZbIBTEvNKfl5aSo1tgER5FngVg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOgk8nxfQx7urhQ8CC5hpCoSuxrz3LPmULKj2jFCH4QgyoB6nj9MpJQqFq4H7widI86ZbIBTEvNKfl5aSo1tgER5FngVg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 210
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEAfDoOxcm-T5717R2Av1JPs&google_cver=1&google_push=ATf1kGPoYL8E-B9oMTQwoQACbg1ihCRsxDaT29A5lGkRU5ElGO5tvQbrBBhvItVIS4SqEgng1Xuldpt67PxAZvNeMSAAvwkAIV4 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAfDoOxcm-T5717R2Av1JPs&google_cver=1&google_push=ATf1kGPoYL8E-B9oMTQwoQACbg1ihCRsxDaT29A5lGkRU5ElGO5tvQbrBBhvItVIS4SqEgng1Xuldpt67PxAZvNeMSAAvwkAIV4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPoYL8E-B9oMTQwoQACbg1ihCRsxDaT29A5lGkRU5ElGO5tvQbrBBhvItVIS4SqEgng1Xuldpt67PxAZvNeMSAAvwkAIV4
Request Chain 211
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEypFe5uHryY_7bbuqtvsSE&google_cver=1&google_push=ATf1kGNcuO60kvDvx_ZSK7AHS_EPsbUt9VE1LZG-xcyUodx-3f-d8kSQwZEjkcHvpTrZTR-9dNmWmePnIY86VjoqBlirTQkT_AA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEypFe5uHryY_7bbuqtvsSE&google_cver=1&google_push=ATf1kGNcuO60kvDvx_ZSK7AHS_EPsbUt9VE1LZG-xcyUodx-3f-d8kSQwZEjkcHvpTrZTR-9dNmWmePnIY86VjoqBlirTQkT_AA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VxSq3c97SH-f9KGFSNYgMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNcuO60kvDvx_ZSK7AHS_EPsbUt9VE1LZG-xcyUodx-3f-d8kSQwZEjkcHvpTrZTR-9dNmWmePnIY86VjoqBlirTQkT_AA
Request Chain 212
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFhzBK4-nlnVqspKxbmCBHA&google_cver=1&google_push=ATf1kGO1OQWZ-uCL0qv1ZL7lFecOSpIV_g6aamnsxEGuQLtJRwgYfUaJ8YJ-ZDtfvhtQfanzX6Vn7I5BlJpyhBYAyubT31grig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGO1OQWZ-uCL0qv1ZL7lFecOSpIV_g6aamnsxEGuQLtJRwgYfUaJ8YJ-ZDtfvhtQfanzX6Vn7I5BlJpyhBYAyubT31grig
Request Chain 214
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGMg6yPBj_spQAFQtnbq2QpIL78FQH_nzw9oAHudOHXWuf-8S_4L25ILq2lVe9AADPcJ0Ep7itHGonj7y1XhdLN-75cdxRk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMg6yPBj_spQAFQtnbq2QpIL78FQH_nzw9oAHudOHXWuf-8S_4L25ILq2lVe9AADPcJ0Ep7itHGonj7y1XhdLN-75cdxRk HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 215
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJ9t0svxJJ4ET1ug0tzFl_w&google_cver=1&google_push=ATf1kGOPWR_e4atjGG9ld3zYqLZ2OGTLR4k5Z_FhaaTgzbhOBRE-gmIPp6Q-8nkAuIPSnQtVLP0SQ_PHPZ6wR7lzKEgp_L4cySuk HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJ9t0svxJJ4ET1ug0tzFl_w&google_cver=1&google_push=ATf1kGOPWR_e4atjGG9ld3zYqLZ2OGTLR4k5Z_FhaaTgzbhOBRE-gmIPp6Q-8nkAuIPSnQtVLP0SQ_PHPZ6wR7lzKEgp_L4cySuk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKVoy8E2CZr28PCOUPIGUnw&google_cver=1
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEE5BLCIvk9QVOgR9F8Tt_1Q&google_cver=1
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECQ-O8a1pzY7Xbtq44Q7eLY&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECQ-O8a1pzY7Xbtq44Q7eLY&google_cver=1&__user_check__=1&sync_id=ad27f4fd-0400-11ee-899a-1d21b9eb0506
Request Chain 230
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=ad2239e7-0400-11ee-9a8f-1eddb0c50206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWQyMjM5OTgtMDQwMC0xMWVlLTlhOGYtMWVkZGIwYzUwMjA2
Request Chain 231
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DUHJMeUFwRTJ1RVNnTE00OXZhaTlOd2YxRllaV0J2bn5B
Request Chain 236
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKIRyWkobNipCqAXWNFLgRM&google_cver=1&google_push=ATf1kGMcbS0P3AVwMgkX4DX5bQMIA-axdhxgvWB_AYAPYHpZlKOITY1wl9HifQpyKTSeyKwNGcArSWaXzCmnB-kHREB3rKbGpsc HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526031689692&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMcbS0P3AVwMgkX4DX5bQMIA-axdhxgvWB_AYAPYHpZlKOITY1wl9HifQpyKTSeyKwNGcArSWaXzCmnB-kHREB3rKbGpsc&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
Request Chain 237
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMbUGrPnh5WLtuFDdz86deY&google_cver=1&google_push=ATf1kGOws8-1vgQM0b3kngtn5zjf02CPua3yvVhd1EW-EPEbon1HMzMOxRnw2fBjbR-fIOAn7ztYD3yTFTN8l2PFJQ2-Tg64wLc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOws8-1vgQM0b3kngtn5zjf02CPua3yvVhd1EW-EPEbon1HMzMOxRnw2fBjbR-fIOAn7ztYD3yTFTN8l2PFJQ2-Tg64wLc&google_hm=eS1RendxbTlGRTJwRVhQM1VwbFl0VklsT1JMQUJxUTFWSX5B
Request Chain 238
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJifla21yqHt-19awDXwnU0&google_cver=1&google_push=ATf1kGOWrbvPwRaad4reH7OwAOr0yizSs3BD01VT0fmgAujxf97tufbSrzlkR22-Rk4c-6ulDaJXLLqrVGtXiwIVsWYDkDPzdg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOWrbvPwRaad4reH7OwAOr0yizSs3BD01VT0fmgAujxf97tufbSrzlkR22-Rk4c-6ulDaJXLLqrVGtXiwIVsWYDkDPzdg&google_gid=CAESEJifla21yqHt-19awDXwnU0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwMTMxNzE3ODkzMjAxMzA5OTczNQ%3D%3D&google_push=ATf1kGOWrbvPwRaad4reH7OwAOr0yizSs3BD01VT0fmgAujxf97tufbSrzlkR22-Rk4c-6ulDaJXLLqrVGtXiwIVsWYDkDPzdg
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEC69Owv91CwSXqbXYakQp2o&google_cver=1
Request Chain 248
  • https://um.simpli.fi/gp_match?google_gid=CAESEIxeVPWCiFskltln0_PV-gg&google_cver=1&google_push=ATf1kGO2ucc7Qz_tBnE-D1H_ENL82JmB6paFZmYl3NGaLclgTrmTzVYUoAETEjg6_lWTEnP1Y0hYGWlvmeJy5ZbuWy8E4g3y0HEI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE18247059094916B42138F2ADD0FE5B&google_push=ATf1kGO2ucc7Qz_tBnE-D1H_ENL82JmB6paFZmYl3NGaLclgTrmTzVYUoAETEjg6_lWTEnP1Y0hYGWlvmeJy5ZbuWy8E4g3y0HEI
Request Chain 251
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGOGTlGq--rIXM5A9giNm8-v17DQtq7mQdSzK1cQKYAGGJZVTniOUbK2sxRGKqSi09hsm7YnTSXEiEaTtIq5vihCkCf7_jj0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOGTlGq--rIXM5A9giNm8-v17DQtq7mQdSzK1cQKYAGGJZVTniOUbK2sxRGKqSi09hsm7YnTSXEiEaTtIq5vihCkCf7_jj0
Request Chain 252
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGPwi6Ru7ITMW9QZ9pzT94lJU3K0KFJb5fIz89oeyVbhzXRYNM6gmOGo_-NuZxisssiBDhGh9jfO0mjR6qmbSNm5yEvEjFu9zQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPwi6Ru7ITMW9QZ9pzT94lJU3K0KFJb5fIz89oeyVbhzXRYNM6gmOGo_-NuZxisssiBDhGh9jfO0mjR6qmbSNm5yEvEjFu9zQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 253
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJ9t0svxJJ4ET1ug0tzFl_w&google_cver=1&google_push=ATf1kGOA8nNZrypgBrpCfC2Isl7tmwDLs1lAR_9rgO8lKQFOXbuo1QlCiOs__AMsZTIvuIIFNphfwbf4gZx6ImcRYWO9bIX2lTppTw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
Request Chain 305
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cver=1&google_push=ATf1kGOkgb4k3AWkDQjDG89r1QxoWZiXUNhJFjXtS8b0I2Vi1FBNJWLsPumNu9C-izT3rnTB6QeTeOM8dQKqzlDoN0p3dkh3uohX7g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cver=1&google_push=ATf1kGOkgb4k3AWkDQjDG89r1QxoWZiXUNhJFjXtS8b0I2Vi1FBNJWLsPumNu9C-izT3rnTB6QeTeOM8dQKqzlDoN0p3dkh3uohX7g
Request Chain 306
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEO4S9IqVxAUFVyp2Rmod5Ek&google_cver=1&google_push=ATf1kGMt_0HYyGDrU2KwfI6s9vYmICJ81gvLMC0iziOzMhyFCU2lPnp5sw_sXHM1uhNV-yN_rbybWBdOfEDCwem9XooeaSzS5t75bg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO4S9IqVxAUFVyp2Rmod5Ek&google_push=ATf1kGMt_0HYyGDrU2KwfI6s9vYmICJ81gvLMC0iziOzMhyFCU2lPnp5sw_sXHM1uhNV-yN_rbybWBdOfEDCwem9XooeaSzS5t75bg
Request Chain 308
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELyoJYm-cpQa6YcLHoiP0d4&google_cver=1&google_push=ATf1kGO6sZo_wZ6JFnxOvrYuJR9Ncf2H_2ljhEQ-XDhZzdGSL-SORDeM_UIMG-avGhryb2iy_ogySKecWoXs1oqQ0UD8SD_9LGcNPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MTM2MjcyODQ2NzgyMjc0Nw%3D%3D&google_push=ATf1kGO6sZo_wZ6JFnxOvrYuJR9Ncf2H_2ljhEQ-XDhZzdGSL-SORDeM_UIMG-avGhryb2iy_ogySKecWoXs1oqQ0UD8SD_9LGcNPA
Request Chain 309
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFhzBK4-nlnVqspKxbmCBHA&google_cver=1&google_push=ATf1kGMa_1uU0vMgt7wJPUC-lZ93oOhDxSVacisDxQrK4QHdCAsKQhSHTqVBDwUTwHQT3YDaAEiQuzO6r1xLkbr8YQcePQJomqWo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMa_1uU0vMgt7wJPUC-lZ93oOhDxSVacisDxQrK4QHdCAsKQhSHTqVBDwUTwHQT3YDaAEiQuzO6r1xLkbr8YQcePQJomqWo
Request Chain 310
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGPpXvR9Plx-MaMmWEUbmrjHjepTS9KiGEqrGwM4b_RXuQsmiM-vjFTLCMcTA0HzqLcNoEi7-5pOdhtHh3oBH5FkclOWyzft HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPpXvR9Plx-MaMmWEUbmrjHjepTS9KiGEqrGwM4b_RXuQsmiM-vjFTLCMcTA0HzqLcNoEi7-5pOdhtHh3oBH5FkclOWyzft
Request Chain 323
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOcKcIUq9wt6tvrsHpAtdU4&google_cver=1&google_push=ATf1kGMWq7BjOccKk-X409itQZZk3iG7tTmv1R2pWShHi4TVgnD9KcPL8MPi-qChtu9twJ1NmOEfDIWM71kY29VtP1vlrUfBHGMVeo4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOcKcIUq9wt6tvrsHpAtdU4&google_cver=1&google_push=ATf1kGMWq7BjOccKk-X409itQZZk3iG7tTmv1R2pWShHi4TVgnD9KcPL8MPi-qChtu9twJ1NmOEfDIWM71kY29VtP1vlrUfBHGMVeo4
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOp03QgHsme8skPCitUXMTs&google_cver=1&google_push=ATf1kGOzlqCSwWVlYlPfk1XbntVNW3jFXcUPleSzd57HP8lUl76JQqovVgN1xoYL-Vw_fkXwBqBCeulVMyQGD7m7Sj6UDzDAICzdNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7k9kfn0IRwGASPRYXPuJ6Q&google_push=ATf1kGOzlqCSwWVlYlPfk1XbntVNW3jFXcUPleSzd57HP8lUl76JQqovVgN1xoYL-Vw_fkXwBqBCeulVMyQGD7m7Sj6UDzDAICzdNw
Request Chain 326
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEO3_lm6Xd5ovmLlJjivJZow&google_cver=1&google_push=ATf1kGOUUWL6OwgY7SpD8jXy5g2xiQefakgVLvP1XjxnqbvFFGSvxnizqU9vVImNXaILMl95GFFnonikcywFxXOoN-13wbQGjnRXRw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO3_lm6Xd5ovmLlJjivJZow&google_push=ATf1kGOUUWL6OwgY7SpD8jXy5g2xiQefakgVLvP1XjxnqbvFFGSvxnizqU9vVImNXaILMl95GFFnonikcywFxXOoN-13wbQGjnRXRw
Request Chain 327
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJInDi2rf8vuuyE-HKq40fI&google_cver=1&google_push=ATf1kGPHRfPVsWiiLSceao2OizIutH1apoxafZvaKVQuR3cuWj_SZcIqAxIc3ItOCwsUVAQCw-ZXUMe1zkrdJEoG6H3ugpoKEvoJLO4 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJInDi2rf8vuuyE-HKq40fI&google_cver=1&google_push=ATf1kGPHRfPVsWiiLSceao2OizIutH1apoxafZvaKVQuR3cuWj_SZcIqAxIc3ItOCwsUVAQCw-ZXUMe1zkrdJEoG6H3ugpoKEvoJLO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4MjE3MjI3MDk0NDg0NzMzMg&google_push=ATf1kGPHRfPVsWiiLSceao2OizIutH1apoxafZvaKVQuR3cuWj_SZcIqAxIc3ItOCwsUVAQCw-ZXUMe1zkrdJEoG6H3ugpoKEvoJLO4
Request Chain 329
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJAaTww4xBE-xcIFHU9m7TA&google_cver=1&google_push=ATf1kGPFIMzbb7ddWRpMPbLoAKXnY9RfC9xpQilJIsx1atCNFmQ8VSl2c28EyciUCiCTKcWZyyNDoqBmKCBkREGfEkW6IVdDGlGJJA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPFIMzbb7ddWRpMPbLoAKXnY9RfC9xpQilJIsx1atCNFmQ8VSl2c28EyciUCiCTKcWZyyNDoqBmKCBkREGfEkW6IVdDGlGJJA
Request Chain 337
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOqjFa5I0evgq1XOPzI-q1s&google_cver=1&google_push=ATf1kGOvH1QKxTyGya86efXBMy9M-X4cUsCgzy1zuqrfgAh3HISL5Wnnow03XmRVgfVmI7YgU7O0SfbKA6XJ9er8gTugW4vjz56K HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGOvH1QKxTyGya86efXBMy9M-X4cUsCgzy1zuqrfgAh3HISL5Wnnow03XmRVgfVmI7YgU7O0SfbKA6XJ9er8gTugW4vjz56K&google_hm=hmR-fQgX7sSJKbkRiA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D647E7D0817EEC48929B91188BLIS
Request Chain 338
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEku5iDyiLE72R4IMF-tHrY&google_cver=1&google_push=ATf1kGOZdosCJMgR2H4LOEUTKnAJTPkQqOn24eNLlzeR0YSlrpFk1aHiBE1xzmmcioIFxbUgnSv7QcfUWg5WzGTqkm4Zigh1tbxm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOZdosCJMgR2H4LOEUTKnAJTPkQqOn24eNLlzeR0YSlrpFk1aHiBE1xzmmcioIFxbUgnSv7QcfUWg5WzGTqkm4Zigh1tbxm&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
Request Chain 339
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEI-ZG7Jt8ttV6IK7PQuDRs8&google_cver=1&google_push=ATf1kGOCjMN0kQXqs8CLCbDxVxqSU2V3DkexPL7OdBQWP710EmNoShwahhivWMqobYT_Tor9DjrBCitEQ_iO87M2bPV5n3ryfhsI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOCjMN0kQXqs8CLCbDxVxqSU2V3DkexPL7OdBQWP710EmNoShwahhivWMqobYT_Tor9DjrBCitEQ_iO87M2bPV5n3ryfhsI
Request Chain 341
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEId-EXJOA728Zd2JWF3xZOA&google_cver=1&google_push=ATf1kGMBZOXL0EVVkK9XEEgMrvVy_CMe75rB6Gzc1gVQUujKP7mUivFuz3mijhX72mTg-E_DQy-VBGDTA_znqchCyfmOyXxCErdLgg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGMBZOXL0EVVkK9XEEgMrvVy_CMe75rB6Gzc1gVQUujKP7mUivFuz3mijhX72mTg-E_DQy-VBGDTA_znqchCyfmOyXxCErdLgg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 342
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEE1LN2Un07HOm1GFHfMx-kc&google_cver=1&google_push=ATf1kGPCzjB4XnSn6CYMUMw5cKrhwPvKTZRL86wtn7YMoq0G7GL8Vw0EnhYcrhNIr2hij_NaGbNLt5T_QKaYnEZ8ONlYJMD45NY3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
Request Chain 346
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELXMyZ6sVaS5CeYqA2VGhLo&google_cver=1&google_push=ATf1kGOSLfZ3TtmVqA1_RMOO22okaTqMoGw1utuG1cmXs55oE-MUuCn2NsPxZShHK7iuE1CTQXQSLnbnv4xJ_wCTx6_WlAEt6dv5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc1ODYyNzU3OTk4NzUxNTQxNg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJyV3rxaNRWbp9LfmdqoeNo&google_cver=1
Request Chain 348
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJNxT7BZfAaTTid_-Vbh8BI&google_cver=1&google_push=ATf1kGNcmEdMp9APRr1zLnzsOIH-TfTxYM6Q3I32JD8bb5_S6IXOeKBFD28f1Xf8wO4WD7fdFf_u5e8y8VukaKKgf4Q3kHLOHDJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7k9kfn0IRwGASPRYXPuJ6Q&google_push=ATf1kGNcmEdMp9APRr1zLnzsOIH-TfTxYM6Q3I32JD8bb5_S6IXOeKBFD28f1Xf8wO4WD7fdFf_u5e8y8VukaKKgf4Q3kHLOHDJ4
Request Chain 349
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGLgPzUaOoZC-Mip_2cNL5E&google_cver=1&google_push=ATf1kGPY3dLfJsN_ZfIzZ1q1OZoK0cPo6KzjLjua3mMDyvheBtjn1mJyx6islKq4RrEIDe0yhhTZHttM7dZxN4IZcJvEgqZPs52E HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=2491c702-9fd3-45cc-8641-cf941e071983&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=2491c702-9fd3-45cc-8641-cf941e071983&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=10ec42ed-a125-4367-b737-025b041a0fff&ssp=google&expires=30&user_group=5&bsw_param=2491c702-9fd3-45cc-8641-cf941e071983 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPY3dLfJsN_ZfIzZ1q1OZoK0cPo6KzjLjua3mMDyvheBtjn1mJyx6islKq4RrEIDe0yhhTZHttM7dZxN4IZcJvEgqZPs52E&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
Request Chain 350
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEsapiLd3M6CBaLQWE77Fwc&google_cver=1&google_push=ATf1kGPmEVQM5sVY-4jHJonSwGycAnMMGLVsGe9QFw1CAohgOkjtDP0e3ChK29kpIq_WYgoo5DnHl_eAJT7ay9ZQx8qNTIFVrL8 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEsapiLd3M6CBaLQWE77Fwc&google_cver=1&google_push=ATf1kGPmEVQM5sVY-4jHJonSwGycAnMMGLVsGe9QFw1CAohgOkjtDP0e3ChK29kpIq_WYgoo5DnHl_eAJT7ay9ZQx8qNTIFVrL8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIyMjY5MTQ0NDYzNTY1MTMwNA&google_push=ATf1kGPmEVQM5sVY-4jHJonSwGycAnMMGLVsGe9QFw1CAohgOkjtDP0e3ChK29kpIq_WYgoo5DnHl_eAJT7ay9ZQx8qNTIFVrL8
Request Chain 352
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGNLwQllXgftYdSx5C7eOgk&google_cver=1&google_push=ATf1kGOMgGJeWVOhGFu1LOdHDl9DH2xwQeaLezCwBdJNgVnt-iCjiBthg3xo5bpm7JSwv-LcbVU4gZ2GPEhZ5UKtrf6rI2PZbOG8wA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iMVF1OC41RTJ1SGNTUDFHenJrQ2xQbWs4Z1BLSjJGUH5B&google_push=ATf1kGOMgGJeWVOhGFu1LOdHDl9DH2xwQeaLezCwBdJNgVnt-iCjiBthg3xo5bpm7JSwv-LcbVU4gZ2GPEhZ5UKtrf6rI2PZbOG8wA
Request Chain 359
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cver=1&google_push=ATf1kGPM8Hc2-rzR8o9e2up09EYjZBoS-1gR491NJcASBDZSxjvuzvSy3x3dhsCG4CkyyhgO7TfsK--ZaPLRmps2loSEuHI1UgZT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cver=1&google_push=ATf1kGPM8Hc2-rzR8o9e2up09EYjZBoS-1gR491NJcASBDZSxjvuzvSy3x3dhsCG4CkyyhgO7TfsK--ZaPLRmps2loSEuHI1UgZT
Request Chain 361
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO-ABM_0X4oa8o6v90v3sYU&google_cver=1&google_push=ATf1kGODjQLUSAS7qpc0ZupvPB81J-SL4X1Ljly8Etrx-fpCpRcvJnIoZJmex6JWmlzK3dj45ZAMFlpBhfRCCEOfc7AqCIR5-Hs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO-ABM_0X4oa8o6v90v3sYU&google_hm=ZH59CDnJEKWdTUIPerALDAAADGkAAAAB&google_nid=index&google_push=ATf1kGODjQLUSAS7qpc0ZupvPB81J-SL4X1Ljly8Etrx-fpCpRcvJnIoZJmex6JWmlzK3dj45ZAMFlpBhfRCCEOfc7AqCIR5-Hs
Request Chain 362
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHwHt4mjAfKJbwMgrkX1c5w&google_cver=1&google_push=ATf1kGPEZVvxu8Qu3yzzLXa0bXfbGgVJc5BCbefkmxTp6yRsQDqhxn5Qbb08KFyL4gkSNrF_xkYG9Nn3v-er38BbH6R-TTuiTTBu HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHwHt4mjAfKJbwMgrkX1c5w&google_cver=1&google_push=ATf1kGPEZVvxu8Qu3yzzLXa0bXfbGgVJc5BCbefkmxTp6yRsQDqhxn5Qbb08KFyL4gkSNrF_xkYG9Nn3v-er38BbH6R-TTuiTTBu&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPEZVvxu8Qu3yzzLXa0bXfbGgVJc5BCbefkmxTp6yRsQDqhxn5Qbb08KFyL4gkSNrF_xkYG9Nn3v-er38BbH6R-TTuiTTBu&google_hm=GxIZtGZHngOdlq9LQIOEANL3
Request Chain 363
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGNGcC4jPAlHCvGR3xrgw6gaozQ8RMdM7Qx5-mzmAAEDjEY0xw4o4MJBeW2AAfpr7ufVdHU9u2-GSKGiWtho6yKvvJwPs7p- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNGcC4jPAlHCvGR3xrgw6gaozQ8RMdM7Qx5-mzmAAEDjEY0xw4o4MJBeW2AAfpr7ufVdHU9u2-GSKGiWtho6yKvvJwPs7p-
Request Chain 364
  • https://match.360yield.com/match/ebda?google_gid=CAESEDSihbxlOVNx_2iNlUBj0w0&google_cver=1&google_push=ATf1kGNImqYpCbk7igxeg2PnkX2vLBMV8zx6qLun-QkEyC_iHYgYo-Cvm2oY7u0Kjk5puzilvqTcMAqYFHKI0ZhzQJbHaEO052Y HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDSihbxlOVNx_2iNlUBj0w0&google_cver=1&google_push=ATf1kGNImqYpCbk7igxeg2PnkX2vLBMV8zx6qLun-QkEyC_iHYgYo-Cvm2oY7u0Kjk5puzilvqTcMAqYFHKI0ZhzQJbHaEO052Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hURRytm5RIee9EZZV9pJXw&google_push=ATf1kGNImqYpCbk7igxeg2PnkX2vLBMV8zx6qLun-QkEyC_iHYgYo-Cvm2oY7u0Kjk5puzilvqTcMAqYFHKI0ZhzQJbHaEO052Y
Request Chain 365
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGOh8e5IeLcgwFuUhI9outQEAsVIjfbi2huAyJ1pAEzUp20GHuMRlbpUqJX42RIFg6NMWbGDfxUv6jwySIG4wytZWZ3zJBoTpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOh8e5IeLcgwFuUhI9outQEAsVIjfbi2huAyJ1pAEzUp20GHuMRlbpUqJX42RIFg6NMWbGDfxUv6jwySIG4wytZWZ3zJBoTpw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 434
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=73181600004838100951389012347019&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2769703075
Request Chain 436
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2683329017935.081 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNriuPuwrf8CFSMdBgAdCr0M9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2683329017935.081
Request Chain 438
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=73181600004838100951389012347019&gdpr=1&consent=1&gdpr_consent=li HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=73181600004838100951389012347019&gdpr=1&consent=1&gdpr_consent=li HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 468
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBU56B98CzIArskVR504JgY&google_cver=1&google_push=ATf1kGNMyzwPZvILVyCPcL2PBMMmSoh_QDcIqq4dlxb1bwxgVmSAS0oz6nfzOeIPJeTmshHEcCm33SlD6ubH2fQEaxfVw37I80sZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNMyzwPZvILVyCPcL2PBMMmSoh_QDcIqq4dlxb1bwxgVmSAS0oz6nfzOeIPJeTmshHEcCm33SlD6ubH2fQEaxfVw37I80sZ&google_hm=yi2dKhHkRmud5-dtl8nnb3g
Request Chain 469
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGLgPzUaOoZC-Mip_2cNL5E&google_cver=1&google_push=ATf1kGPfrRiMXL1-6sp0s0ZzOkRlxeUIyVYrntDk4e9NT5BPMLsZbD1HEzi535awCw3KS_GX2BjJP_XqpEywPtpx9fVtn57BGnc HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=7bcb476b-b45e-4c2b-bba4-7221b6b6902f&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPfrRiMXL1-6sp0s0ZzOkRlxeUIyVYrntDk4e9NT5BPMLsZbD1HEzi535awCw3KS_GX2BjJP_XqpEywPtpx9fVtn57BGnc&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
Request Chain 470
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMRMXMVQOkDNUnGhFHLypWM&google_cver=1&google_push=ATf1kGNmXtZyuTHFDTjmYAnnAQoi2Twm7g9drIv8WC4hyNNF6pp6ECL2Rf8HTxfr9PsG5n3jFKb2jYXxd9R4GYsLpXIDKPXXe_Ca HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNmXtZyuTHFDTjmYAnnAQoi2Twm7g9drIv8WC4hyNNF6pp6ECL2Rf8HTxfr9PsG5n3jFKb2jYXxd9R4GYsLpXIDKPXXe_Ca&google_hm=eS10V1JDcGhsRTJwSGguRnRiQ0tWb2d3ekJlanNMaTlQen5B
Request Chain 471
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEsapiLd3M6CBaLQWE77Fwc&google_cver=1&google_push=ATf1kGOOCG5xkXznKadzh7Bi0ECxZHCx26Mkd14d3JHHwHjQ_HnBFhoOQEKlWJo9f14wdutLTvDdzBvsdXlNQaGz7gshJ8W184F3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4MjE3MjI3MDk0NDg0NzMzMg&google_push=ATf1kGOOCG5xkXznKadzh7Bi0ECxZHCx26Mkd14d3JHHwHjQ_HnBFhoOQEKlWJo9f14wdutLTvDdzBvsdXlNQaGz7gshJ8W184F3
Request Chain 472
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENDQ469qEJoxywhN9hAkUsU&google_cver=1&google_push=ATf1kGP8c30fwtnic4B9VLSS-Ax19EcQwpeXb6iYgDHQb0O8ZFEqtqyk_5tNK3gLb3ZjDP1TmB0w6C_UZlZMF4k1sPTG5lCsLro0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGP8c30fwtnic4B9VLSS-Ax19EcQwpeXb6iYgDHQb0O8ZFEqtqyk_5tNK3gLb3ZjDP1TmB0w6C_UZlZMF4k1sPTG5lCsLro0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1686011146106 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b2a3d478-1d7d-4fb5-8f2d-cc6c2f97332b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGP8c30fwtnic4B9VLSS-Ax19EcQwpeXb6iYgDHQb0O8ZFEqtqyk_5tNK3gLb3ZjDP1TmB0w6C_UZlZMF4k1sPTG5lCsLro0%26google_hm%3DA7Kj1HgdfU-1jy3MbC-XMys HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP8c30fwtnic4B9VLSS-Ax19EcQwpeXb6iYgDHQb0O8ZFEqtqyk_5tNK3gLb3ZjDP1TmB0w6C_UZlZMF4k1sPTG5lCsLro0&google_hm=A7Kj1HgdfU-1jy3MbC-XMys
Request Chain 498
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1686011146_ae6c2c60-0400-11ee-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 501
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLmn9_uwrf8CFefauwgdBI4Ntw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060602254785641842167X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023060602254785641842167X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Request Chain 504
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CJmp9_uwrf8CFarvEQgdvF4COg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023060602254785641842169X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 529
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vgwEOqu4Rbuhk4s4UZqTDw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vgwEOqu4Rbuhk4s4UZqTDw
Request Chain 530
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0VMTlwcTQ56icewBz6h0ZQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0VMTlwcTQ56icewBz6h0ZQ
Request Chain 531
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElKSkk0RDMtNS1NR0VV HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL03EepedO2qBJTVSUm4Q6k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElKSkk0RDMtNS1NR0VV&google_push=
Request Chain 532
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg5ZTZkZmVlZDMxY2U5ODU0YTBjOTA3MTNlYmMwNjY2MzhhZGYyMA
Request Chain 533
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/P_v91URuTabPLa93BisVDQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4funNf5E2oJ9JKhj5DxfuXw90blon_V50MKPMg--~A
Request Chain 535
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIJJI4D3-5-MGEU
Request Chain 536
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOedvdudpJKhsGr14Wq0t8o&google_cver=1
Request Chain 537
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee4f647e-7d08-4701-8048-f4585cfb89e9&gdpr=0&gdpr_consent=
Request Chain 538
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526031689692
Request Chain 540
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6630368038902902732
Request Chain 541
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5714AADD-CF7B-487F-9FF4-A18548D62033&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5714AADD-CF7B-487F-9FF4-A18548D62033&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 542
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VxSq3c97SH-f9KGFSNYgMw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 544
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1110108337 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5714AADD-CF7B-487F-9FF4-A18548D62033
Request Chain 545
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=5714AADD-CF7B-487F-9FF4-A18548D62033 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MDc3eFc1YVZWakdSM0tOVVR2Z1RPeHVPQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7382172270944847332&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 546
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTcxNEFBREQtQ0Y3Qi00ODdGLTlGRjQtQTE4NTQ4RDYyMDMz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 547
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAa4AhwI3CFavd2U7Zu1VjE&google_cver=1
Request Chain 549
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7382172270944847332
Request Chain 556
  • https://unilever.demdex.net/event?d_sid=25453995&cs=1686011147528 HTTP 302
  • https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1686011147528

565 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6x69807j0b5.html
pcloak.blob.core.windows.net/web/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1318
Content-MD5
+Dz/d7Mp2GQfilgWrAkqiw==
Content-Type
text/html
Date
Tue, 06 Jun 2023 00:25:41 GMT
ETag
0x8DB5ED0599CC10C
Last-Modified
Sat, 27 May 2023 16:35:15 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
a34fed21-a01e-0045-3e0d-9897ee000000
x-ms-version
2009-09-19
jquery.min.js
pcloak.blob.core.windows.net/web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-request-id
a34fed87-a01e-0045-1f0d-9897ee000000
Date
Tue, 06 Jun 2023 00:25:41 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
cloakan.js
pcloak.blob.core.windows.net/web/ 		308 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 06 Jun 2023 00:25:41 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zPiKctHo6j8i1UGOFPpInw==
ETag
0x8DA4D4A263C11C2
Content-Type
text/javascript
x-ms-request-id
a34fee25-a01e-0045-310d-9897ee000000
x-ms-version
2009-09-19
Content-Length
308
style.css
pcloak.blob.core.windows.net/web/ 		166 B
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/style.css
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 06 Jun 2023 00:25:41 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9ruAIrm4XHnQO3/sM8J0AQ==
ETag
0x8DA4D4A26527CA0
Content-Type
text/css
x-ms-request-id
a34fedca-a01e-0045-5c0d-9897ee000000
x-ms-version
2009-09-19
Content-Length
166
px.php
www.cloakan.co/ 		743 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/px.php?id=6x69807j0b5
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:39 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
404
nv.php
www.cloakan.co/ 		232 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:39 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
112
/
ye-mek.net/ Frame 371C 		77 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/
Requested by
Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
692093ef20830aec5e55efde27578dc706a1e8526b77aba20df78ba94bcfec89

Request headers

Referer
https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
78889
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 00:25:42 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 371C 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 16:49:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jun 2024 16:49:11 GMT
yemeknet.js
ye-mek.net/js/ Frame 371C 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/js/yemeknet.js?v=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 06 Jun 2023 00:25:42 GMT
last-modified
Tue, 20 Aug 2019 13:15:54 GMT
server
Microsoft-IIS/10.0
etag
"0a144655957d51:0"
x-powered-by
ASP.NET
content-type
application/javascript
cache-control
max-age=691200
accept-ranges
bytes
content-length
10691
maincss.css
cdn.ye-mek.net/ Frame 371C 		40 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ye-mek.net/maincss.css?v=434
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
4201700
x-accel-date
1681809442
x-77-nzt
AZySIYghae3/5BxAAA
x-accel-expires
@1713345442
last-modified
Tue, 24 Nov 2020 00:00:32 GMT
server
CDN77-Turbo
etag
W/"5fbc4d20-9e5b"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e645d869034
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ Frame 371C 		119 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5776bffed7ddf8e7d01fd494cab06180cf52bc16edcebb94b20035a2a4148d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47380
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Jun 2023 00:25:42 GMT
WebResource.axd
ye-mek.net/ Frame 371C 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/WebResource.axd?d=YeedoL8dFzo5gymDuarFXngFaaXpLN8jYlixY-HzMyr_r8lEwXsCQefYQgi2kFzYfrVacpu_9us1eVTBWQamZuI0ynrH9LDfafZF-A5wZF41&t=637811837229275428
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 06 Jun 2023 00:25:42 GMT
last-modified
Wed, 23 Feb 2022 00:28:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/x-javascript
cache-control
public
content-length
23063
expires
Sat, 04 May 2024 23:14:43 GMT
searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 371C 		542 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201752
x-accel-date
1681809390
content-length
542
x-77-nzt
AZySIYh9+LP/GB1AAA
x-accel-expires
@1713345390
last-modified
Sat, 22 Oct 2022 20:00:57 GMT
server
CDN77-Turbo
etag
"63544bf9-21e"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e6437346b38
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 371C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201700
x-accel-date
1681809442
content-length
1651
x-77-nzt
AZySIYhRBDX/5BxAAA
x-accel-expires
@1713345442
last-modified
Mon, 14 May 2018 22:41:08 GMT
server
CDN77-Turbo
etag
"5afa1084-673"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e647167d438
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
buzlukta-ic-bakla-saklama-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 371C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/buzlukta-ic-bakla-saklama-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
60d1b27fae6b92ce48badf66a677c1170a9ae6e97fa91a5e1c21c4ebe59fc811

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
7858
x-accel-date
1686003284
content-length
16181
x-77-nzt
AZySIYijxMb/sh4AAA
x-accel-expires
@1717539284
last-modified
Sun, 04 Jun 2023 22:51:37 GMT
server
CDN77-Turbo
etag
"647d1579-3f35"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e642587f538
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kuru-domates-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 371C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/kuru-domates-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
40e79ea3833e391579a893edcb1311f9d82372fcf6ad18ebd245b7535bc2eef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
96000
x-accel-date
1685915142
content-length
13287
x-77-nzt
AZySIYiJJLz/AHcBAA
x-accel-expires
@1717451142
last-modified
Sun, 04 Jun 2023 20:08:17 GMT
server
CDN77-Turbo
etag
"647cef31-33e7"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64ecd9fe38
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
semizotu-yogurtlamasi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 371C 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/semizotu-yogurtlamasi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
39ddfa0e149ffe66b2480afecb8501822ac2d7aba2f841103eb7caab5ab7fe2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
178213
x-accel-date
1685832929
content-length
16694
x-77-nzt
AZySIYgwg6r/JbgCAA
x-accel-expires
@1717368929
last-modified
Sat, 03 Jun 2023 22:46:59 GMT
server
CDN77-Turbo
etag
"647bc2e3-4136"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e6435ec0539
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
mantarli-ispanakli-yumurta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 371C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/mantarli-ispanakli-yumurta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b626cb98565e377b5fbb449fcb91acaaa421a333bcea9850b70ac58cf9fc4432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
262685
x-accel-date
1685748457
content-length
15966
x-77-nzt
AZySIYgIqr3/HQIEAA
x-accel-expires
@1717284457
last-modified
Fri, 02 Jun 2023 23:01:10 GMT
server
CDN77-Turbo
etag
"647a74b6-3e5e"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e6421670b39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuk-gogsu-kizartmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/07/ Frame 371C 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/07/tavuk-gogsu-kizartmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e8f206722d43879dc706b4270e95add2fb8ff20785b9ff7c2bf2bab8f4012435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201709
x-accel-date
1681809433
content-length
15544
x-77-nzt
AZySIYin3xv/7RxAAA
x-accel-expires
@1713345433
last-modified
Thu, 08 Jul 2021 13:19:59 GMT
server
CDN77-Turbo
etag
"60e6fb7f-3cb8"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64c88c0f39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tencerede-tavuk-pirzola-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/02/ Frame 371C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/02/tencerede-tavuk-pirzola-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9aa15f3d270011a0d81029fc96091ebec29d9cd93a32ffb12eda6e0db7649665

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201120
x-accel-date
1681810022
content-length
13004
x-77-nzt
AZySIYjk1Zj/oBpAAA
x-accel-expires
@1713346022
last-modified
Sun, 21 Feb 2021 23:47:08 GMT
server
CDN77-Turbo
etag
"6032f0fc-32cc"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64fe801339
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
macar-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame 371C 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/macar-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
68bbcab002cfe978fe70454b240f442046de6170bdef247b98f4819f1e7f2417

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201556
x-accel-date
1681809586
content-length
14810
x-77-nzt
AZySIYhoHG3/VBxAAA
x-accel-expires
@1713345586
last-modified
Fri, 24 Apr 2020 23:44:43 GMT
server
CDN77-Turbo
etag
"5ea379eb-39da"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e640d4a1739
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
pilic-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame 371C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/pilic-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2c481ccdb6e10e0136132ac25c732c873df15b1cf23a063a714f63606159551e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4197796
x-accel-date
1681813346
content-length
15498
x-77-nzt
AZySIYhPmPzvpA1AAA
x-accel-expires
@1713349346
last-modified
Fri, 30 Dec 2022 22:50:02 GMT
server
CDN77-Turbo
etag
"63af6b1a-3c8a"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e645a941c39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
topalak-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame 371C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/topalak-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9b38d88b1023d2badd893cbb744210baf4a8f01a2c36f2efa8799dd86440cf2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201459
x-accel-date
1681809683
content-length
15156
x-77-nzt
AZySIYhLSx//8xtAAA
x-accel-expires
@1713345683
last-modified
Sun, 03 Apr 2022 23:51:26 GMT
server
CDN77-Turbo
etag
"624a32fe-3b34"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e6488472539
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
dovga-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame 371C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/dovga-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e09c62274a0d96f7c1bb7c530df7fe9cfabdf263685d1112e6f0b99e60e442b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201160
x-accel-date
1681809982
content-length
13127
x-77-nzt
AZySIYimhr3/yBpAAA
x-accel-expires
@1713345982
last-modified
Sat, 01 Apr 2023 13:04:53 GMT
server
CDN77-Turbo
etag
"64282bf5-3347"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e6456a32939
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
karmaca-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame 371C 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/karmaca-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2eb2914e0253d3d949c2aad28f6f109c7b3a67ef37696a4496592837c0f9d7a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201222
x-accel-date
1681809920
content-length
15740
x-77-nzt
AZySIYhxUZ7/BhtAAA
x-accel-expires
@1713345920
last-modified
Mon, 15 Nov 2021 22:38:31 GMT
server
CDN77-Turbo
etag
"6192e167-3d7c"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64a6a62d39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
guluklu-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ Frame 371C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/04/guluklu-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c3269d90b3fdb58e163c5d9a037b8d8873beb5688f1b00506ad9cf28c1c65892

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201160
x-accel-date
1681809982
content-length
11186
x-77-nzt
AZySIYglX6j/yBpAAA
x-accel-expires
@1713345982
last-modified
Wed, 01 May 2019 23:47:25 GMT
server
CDN77-Turbo
etag
"5cca300d-2bb2"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e6477963139
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-et-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/03/ Frame 371C 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/03/firinda-et-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4c5deb00f38b73c0882d773ade1a2084150544c3129128fc0655f419ef157e93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4199390
x-accel-date
1681811752
content-length
17033
x-77-nzt
AZySIYgIhRH/3hNAAA
x-accel-expires
@1713347752
last-modified
Sat, 19 Mar 2022 23:39:57 GMT
server
CDN77-Turbo
etag
"623669cd-4289"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64e3a93539
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-orman-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/05/ Frame 371C 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2018/05/firinda-orman-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d5544013c9c882cd032a4ed06f6f8338f6fce934e82311a1267f59b5e717c4c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4199292
x-accel-date
1681811850
content-length
12058
x-77-nzt
AZySIYjtGeb/fBNAAA
x-accel-expires
@1713347850
last-modified
Wed, 01 May 2019 23:34:49 GMT
server
CDN77-Turbo
etag
"5cca2d19-2f1a"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64b6853939
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
isvec-koftesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/10/ Frame 371C 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/10/isvec-koftesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
64af7a328ead4e6e3e77587ae81c88a4156eea6f476df565496f8f46d89d255f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201131
x-accel-date
1681810011
content-length
12325
x-77-nzt
AZySIYg5iwL/qxpAAA
x-accel-expires
@1713346011
last-modified
Fri, 09 Oct 2020 23:18:38 GMT
server
CDN77-Turbo
etag
"5f80efce-3025"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e649f053d39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kusbasi-et-terbiyesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/10/ Frame 371C 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2014/10/kusbasi-et-terbiyesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9fcb1f44c662d22fb6145cba631fe848dc79bc290cc3fd00dac9c4f2c8ac69bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4199426
x-accel-date
1681811716
content-length
15760
x-77-nzt
AZySIYho0+v/AhRAAA
x-accel-expires
@1713347716
last-modified
Wed, 01 May 2019 22:30:26 GMT
server
CDN77-Turbo
etag
"5cca1e02-3d90"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64a4704039
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
soslu-tavuk-kizartmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame 371C 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/soslu-tavuk-kizartmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9ceb7464fd907c8a73e70b85c142e987072812977b9a17e742a734b50be481ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201003
x-accel-date
1681810139
content-length
14314
x-77-nzt
AZySIYjl2Xr/KxpAAA
x-accel-expires
@1713346139
last-modified
Sat, 26 Feb 2022 22:43:44 GMT
server
CDN77-Turbo
etag
"621aad20-37ea"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64b4664439
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
terbiyeli-tavuk-pirzola-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/08/ Frame 371C 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/08/terbiyeli-tavuk-pirzola-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a8f7c822ad63a849206f187b5b4d812340f1b9a6b276d4b65d5510d7eea52657

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4200727
x-accel-date
1681810415
content-length
14639
x-77-nzt
AZySIYiQqRz/FxlAAA
x-accel-expires
@1713346415
last-modified
Thu, 26 Aug 2021 20:42:20 GMT
server
CDN77-Turbo
etag
"6127fcac-392f"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64417f4739
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-tavuk-but-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame 371C 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/firinda-tavuk-but-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
96aa3667db041dd0f9351d85ca19b7485bf1dad1832ae2099c65cd5a11841275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201160
x-accel-date
1681809982
content-length
17402
x-77-nzt
AZySIYhK7Kz/yBpAAA
x-accel-expires
@1713345982
last-modified
Tue, 09 Nov 2021 21:00:38 GMT
server
CDN77-Turbo
etag
"618ae176-43fa"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e644ce84b39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuklu-sultan-kebabi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/05/ Frame 371C 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/05/tavuklu-sultan-kebabi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2214a9c42ac416d027c9814595f62b198356d64ee8eebd6cef1ab5ba1def247d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201007
x-accel-date
1681810135
content-length
11963
x-77-nzt
AZySIYgxp23/LxpAAA
x-accel-expires
@1713346135
last-modified
Wed, 01 May 2019 22:58:17 GMT
server
CDN77-Turbo
etag
"5cca2489-2ebb"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e642b444f39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
falafel-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/10/ Frame 371C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/10/falafel-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
25b0fc18fa46dfcb28fdab9b486f78a11dc35790fdfc410b1af2c062410e14d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201458
x-accel-date
1681809684
content-length
13336
x-77-nzt
AZySIYg5aaX/8htAAA
x-accel-expires
@1713345684
last-modified
Wed, 07 Oct 2020 22:28:47 GMT
server
CDN77-Turbo
etag
"5f7e411f-3418"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64fb735339
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
etli-nohut-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/09/ Frame 371C 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2014/09/etli-nohut-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7619efea4ccd65a5edde7db90013478309541941826ee2aacacaf95614043b87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201345
x-accel-date
1681809797
content-length
11666
x-77-nzt
AZySIYitNaD/gRtAAA
x-accel-expires
@1713345797
last-modified
Wed, 01 May 2019 22:29:51 GMT
server
CDN77-Turbo
etag
"5cca1ddf-2d92"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64a05c5739
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-baharatli-karnabahar-kizartmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/11/ Frame 371C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/11/firinda-baharatli-karnabahar-kizartmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1aebfe69d3a53d318fffd81363cf8b90c3e9619def25e28f10e88c34e712d793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201257
x-accel-date
1681809885
content-length
13226
x-77-nzt
AZySIYixRfH/KRtAAA
x-accel-expires
@1713345885
last-modified
Mon, 23 Nov 2020 23:12:16 GMT
server
CDN77-Turbo
etag
"5fbc41d0-33aa"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e646dc65a39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
zeytinyagli-ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 371C 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/zeytinyagli-ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ea8f240546897acbfea3e09edecabc3ae63892d59dd7ae5416ec1813f8278a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1651244
x-accel-date
1684359898
content-length
18510
x-77-nzt
AZySIYieumjvLDIZAA
x-accel-expires
@1715895898
last-modified
Wed, 17 May 2023 20:56:06 GMT
server
CDN77-Turbo
etag
"64653f66-484e"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e643bfe5e39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
girar-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame 371C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/girar-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
038c545ef084b3fe9e6c446e8080e4d6be85650256a782e67219ab547aa65c82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4200486
x-accel-date
1681810656
content-length
13420
x-77-nzt
AZySIYijiFn/JhhAAA
x-accel-expires
@1713346656
last-modified
Fri, 17 Mar 2023 20:01:37 GMT
server
CDN77-Turbo
etag
"6414c721-346c"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e648c206439
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
hanimaga-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/06/ Frame 371C 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2018/06/hanimaga-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a401ab3b7ec5aad2e82fd1df7e4b4c9eb24ea37d3689ffd3384ceaafd4571226

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201013
x-accel-date
1681810129
content-length
13961
x-77-nzt
AZySIYg0H6b/NRpAAA
x-accel-expires
@1713346129
last-modified
Wed, 01 May 2019 23:36:26 GMT
server
CDN77-Turbo
etag
"5cca2d7a-3689"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e640f9e6739
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
hidiv-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame 371C 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/hidiv-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
842c88bbde71118e56fc313dbe3ad3d9e5dd9b3b9913960838734a29e5982b7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201013
x-accel-date
1681810129
content-length
11592
x-77-nzt
AZySIYjkpn//NRpAAA
x-accel-expires
@1713346129
last-modified
Wed, 22 Feb 2023 19:26:52 GMT
server
CDN77-Turbo
etag
"63f66c7c-2d48"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e647e9d6b39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yogurtlu-misir-unu-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame 371C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/yogurtlu-misir-unu-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f417034e954f35355ab26de74d5f0345e87815c5b5ca8e3963be6fb4377c78bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3434013
x-accel-date
1682577129
content-length
11301
x-77-nzt
AZySIYg6F8//HWY0AA
x-accel-expires
@1714113129
last-modified
Sun, 05 Dec 2021 23:24:36 GMT
server
CDN77-Turbo
etag
"61ad4a34-2c25"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64bf327039
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
babata-keki-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/01/ Frame 371C 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/01/babata-keki-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6abeac389ce1fbbf8140ce124532a733ec8bcb9b518cd57a0b75136a7c41a0eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201457
x-accel-date
1681809685
content-length
17257
x-77-nzt
AZySIYgfWR//8RtAAA
x-accel-expires
@1713345685
last-modified
Fri, 07 Jan 2022 22:32:22 GMT
server
CDN77-Turbo
etag
"61d8bf76-4369"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64ed3f7439
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
mozaik-toplari-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ Frame 371C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/04/mozaik-toplari-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
878de60769bec438439f67e4a6facea40f500e79c90118ab9137415159f0f003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4198760
x-accel-date
1681812382
content-length
15973
x-77-nzt
AZySIYgOiKj/aBFAAA
x-accel-expires
@1713348382
last-modified
Wed, 01 May 2019 23:47:04 GMT
server
CDN77-Turbo
etag
"5cca2ff8-3e65"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64a3f57739
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
limonlu-muhallebi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/10/ Frame 371C 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/10/limonlu-muhallebi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
904d57c2734478af402ac7c17566dc17fd1821e78055940daa321792b800a214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4199796
x-accel-date
1681811346
content-length
11496
x-77-nzt
AZySIYiE4vT/dBVAAA
x-accel-expires
@1713347346
last-modified
Mon, 25 Oct 2021 21:51:37 GMT
server
CDN77-Turbo
etag
"617726e9-2ce8"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64977a7c39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
aside-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/10/ Frame 371C 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/10/aside-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
747dafb0b3858b83992fdaedac2b930a92004d4add4914151c7cf05be61ebcea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201456
x-accel-date
1681809686
content-length
10290
x-77-nzt
AZySIYh8gsv/8BtAAA
x-accel-expires
@1713345686
last-modified
Wed, 02 Oct 2019 22:18:53 GMT
server
CDN77-Turbo
etag
"5d95224d-2832"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64ca7d9639
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yufkadan-yalanci-boyoz-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/09/ Frame 371C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/09/yufkadan-yalanci-boyoz-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8e5551335c8d5643935c3058958d8f6085ddbbadd9bea2a6a6be382aadd93e8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201453
x-accel-date
1681809689
content-length
13231
x-77-nzt
AZySIYgqbmz/7RtAAA
x-accel-expires
@1713345689
last-modified
Fri, 16 Sep 2022 23:16:02 GMT
server
CDN77-Turbo
etag
"632503b2-33af"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64828f9a39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sivi-yagli-mayasiz-pogaca-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/07/ Frame 371C 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/07/sivi-yagli-mayasiz-pogaca-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
945c1791f9111652026e898861d692d6943525bbe49fb5e2b33bdd29140ed2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4193527
x-accel-date
1681817615
content-length
12766
x-77-nzt
AZySIYi+66T/9/w/AA
x-accel-expires
@1713353615
last-modified
Wed, 03 Jul 2019 21:33:21 GMT
server
CDN77-Turbo
etag
"5d1d1f21-31de"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e6477c89e39
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yag-cekmeyen-hamur-kizartmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 371C 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/yag-cekmeyen-hamur-kizartmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6ddb9b04afe63453d2fafd12ea0bdcad9132d1368642cb2cdec3b5340351b468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4199786
x-accel-date
1681811356
content-length
12730
x-77-nzt
AZySIYh2aLj/ahVAAA
x-accel-expires
@1713347356
last-modified
Thu, 11 Mar 2021 23:00:41 GMT
server
CDN77-Turbo
etag
"604aa119-31ba"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e648727a339
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
siyah-zeytin-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/11/ Frame 371C 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/11/siyah-zeytin-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0c23f6a48bd83f8880c0b081d28bb96a001e5af3fab7edf77c9a79dc0d96e188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4199621
x-accel-date
1681811521
content-length
12681
x-77-nzt
AZySIYhimIv/xRRAAA
x-accel-expires
@1713347521
last-modified
Thu, 24 Nov 2022 22:40:17 GMT
server
CDN77-Turbo
etag
"637ff2d1-3189"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e64184da739
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
_dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 371C 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
Microsoft-IIS/10.0
etag
"8ae3cdbd420cc1:0"
x-powered-by
ASP.NET
x-hw
1686011143.cds286.lo4.hn,1686011143.cds041.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length
5605
addthis_widget.js
s7.addthis.com/js/300/ Frame 371C 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
DMCABadgeHelper.min.js
images.dmca.com/Badges/ Frame 371C 		465 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
Microsoft-IIS/10.0
etag
"26b181f16d28d51:0"
x-powered-by
ASP.NET
x-hw
1686011143.cds286.lo4.hn,1686011143.cds281.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
395
outside.js
static.virgul.com/theme/mockups/adcode/ Frame 371C 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 17:43:14 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
sdk.js
connect.facebook.net/tr_TR/ Frame 371C 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4919c0899a5c816320524b44d3512cadb733c4bf0b3592f2f802566902b4341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 00:25:42 GMT
content-md5
5ukgkEhff2bMD6q53JQqkw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
1aGea/DbFyqXOV/LAagRLZ/4ZpdpW33UZfOmF2Gg7AnhmBhhebdVrFC5Q3cHb4EIBs03XsDgcS8voNBDQGA9gQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
8f1115d439b58c27432a9aec099c6fdf
cross-origin-opener-policy
same-origin-allow-popups
etag
"26a68ff9f8fdbeca6d04bf1fdaffa469"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:31:11 GMT
sprite_3.png
cdn.ye-mek.net/grafik/ Frame 371C 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by
Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ye-mek.net/maincss.css?v=434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 06 Jun 2023 00:25:42 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4201700
x-accel-date
1681809442
content-length
21525
x-77-nzt
AZySIYhFTED/5BxAAA
x-accel-expires
@1713345442
last-modified
Mon, 14 May 2018 20:55:05 GMT
server
CDN77-Turbo
etag
"5af9f7a9-5415"
x-77-nzt-ray
f6587a1d6ba71cbd067d7e6421c5ab39
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sdk.js
connect.facebook.net/tr_TR/ Frame 371C 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js?hash=a92d0e455161a19587d1fcf4d89cf841
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c9e844af4410cf57f0d04198c29d49588aa62ffa9f17905b3123005191d6dc7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 00:25:42 GMT
content-md5
kbEXGJcIqhL8n9b3pGsntA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87298
x-fb-rlafr
0
x-fb-debug
NWEv2+lGUgfcR6xpZn5r1Vdq2gH8bMU3vA5GuchMoqPbeSqNuSIhq0eu84qSg6uYS73514dCTSFm2Bd/WaPJWA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c6bc850d055e723036375cbb0d3c29ba
cross-origin-opener-policy
same-origin-allow-popups
etag
"89dce6d7325d1261f79adb70fb6dda0f"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 04 Jun 2024 22:23:11 GMT
analytics.js
www.google-analytics.com/ Frame 371C 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Jun 2023 23:04:48 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4855
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 06 Jun 2023 01:04:48 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 371C 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e23d026372bbff6824bf24732f4d37102c28471a8b7c4521e2e371707434cbf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25224
x-xss-protection
0
server
cafe
etag
113 / 19514 / m202306010101 / config-hash: 435238587681776568
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:43 GMT
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 371C 		120 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
last-modified
Wed, 21 Dec 2022 18:47:42 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
120
str.html
static.virgul.com/theme/mockups/outside/ Frame 8E72 		891 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=5184000
content-length
891
content-type
text/html
date
Tue, 06 Jun 2023 00:25:43 GMT
last-modified
Wed, 28 Sep 2022 10:07:57 GMT
server
openresty/1.15.8.3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 371C 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c7af93df3e471d069c625fd6b01c9623ffce3e10f81a040bf9b9b2c0945401c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47556
x-xss-protection
0
server
cafe
etag
8821876577996671369
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:43 GMT
prebid7.38.0.js
static.virgul.com/theme/mockups/outside/ Frame 371C 		489 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 14:56:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ Frame 371C 		228 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 23:47:42 GMT
content-encoding
gzip
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 19:17:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-C1
age
2282
x-amz-server-side-encryption
AES256
etag
W/"d18b57a80b57082ffb531a2e077b3016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
0BiWyplj1N2jLbwjaOqF1f5Ew_VPybtHOsSeBFGE66P4DkpsoEuG-Q==
pageview
ng.virgul.com/ Frame 371C 		38 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1686011143198&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.8767204819688665
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
9a5c9814ff59d799f8501c1a636a556c0c42b529445e9897729e94314b14f9b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
yemek_net.js
static.virgul.com/theme/mockups/fallback/ Frame 371C 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19514
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
last-modified
Wed, 31 May 2023 14:14:23 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
hb
ng.virgul.com/ Frame 371C 		49 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468336
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
73950740472b6965bd4ea8e08993d1abce3447c4a12d6cac6ddeefde3a698f50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
cache-control
max-age=3600
access-control-allow-credentials
true
config
c.amazon-adsystem.com/cdn/prod/ Frame 371C 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 21:05:07 GMT
via
1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-C1
age
12035
x-cache
Hit from cloudfront
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
rSxvFMexKe2KwAVhhNRecsRoqopPtQmo7APVLgxNGKezb4cP9UCfQA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 371C 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront)
date
Mon, 05 Jun 2023 01:39:37 GMT
x-amz-cf-pop
MUC50-C1
age
81967
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Wqy3uIWNENTgZqCOoaD5l-cjUGtasijexkIwJz0HOG433GrgIyHEDA==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ Frame 371C 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
206d936128d5106e1b85b8f3fcbcbc138c5c6eb107c5f427bff0fc34f4040374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120659
x-xss-protection
0
server
cafe
etag
1907090250378296377
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:43 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/ Frame CE45 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jun 2023 17:04:15 GMT
etag
15057649708203361565
expires
Mon, 19 Jun 2023 17:04:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
empowerwebplayer3.js
static.virgul.com/theme/mockups/outside/ Frame 371C 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
35b21209877b5b74adcb3a1bd21f8fd45a5ee0ea13d754f7d69bad34147800bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
last-modified
Mon, 05 Jun 2023 18:40:24 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
yemek_net.js
static.virgul.com/theme/mockups/sites/ Frame 371C 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468336
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 09:08:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pandg-sdk.js
pghub.io/js/ Frame 371C 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 23:33:36 GMT
content-encoding
gzip
age
3127
x-guploader-uploadid
ADPycdt1wy7LddOT6BwYunX9NynvVjsHVROLT-wRzYAuwfp0xU9pK9rrAndIzCKTzTNZeVbguoC-1GCwb-oQ4ROrKQN-jbkq5DkS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
zoneview
ng.virgul.com/ Frame 371C 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1686011143335&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet61d564df-8b29-4f2b-b20a-95a90770533e&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.10517405070010932
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:43 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ Frame 371C 		406 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 10:51:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
48837
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128351
x-xss-protection
0
server
cafe
etag
10410007902637205610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 04 Jun 2024 10:51:46 GMT
tag
feed.pghub.io/ Frame 6012 		13 B
257 B 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Tue, 06 Jun 2023 00:25:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ Frame 371C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19514
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 13 Jun 2023 00:25:43 GMT
zoneview
ng.virgul.com/ Frame 371C 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1686011143407&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet61d564df-8b29-4f2b-b20a-95a90770533e&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.6053429737245035
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:43 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
localstore.js
script.4dex.io/ Frame 371C 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:43 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2428103
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mgj08UU2%2B3Sw8DCOjfOoFFLEmc%2FcFILM7kqPnZhI3zW%2F9mZ53ati%2FlW%2FCtIdQbfkxgWYq3j31ucJQ7OTSnsyPq67n849jivUcWy%2BP8P%2Bzk9LwoORgUEbX5a4L%2FT%2Fi2y2o2SKLBpwyS%2FYdkty"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7d2c850eac3b1e4f-FRA
bid
aax.amazon-adsystem.com/e/dtb/ Frame 371C 		23 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=8dTJd1dLOHgqc&cb=0&ws=1600x1200&v=23.517.1921&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.190.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-190-43.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ec12d3de4ccd821a7e749609dcc62010.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P1
x-amz-rid
JAHRQZC3YMJBGC2E5VSY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
vPuC5BaYPLVQjtBsm7AMO6ys2yCi6-z_TqfM_OuQ5H-K_cxotUrigg==
integrator.js
adservice.google.de/adsid/ Frame 371C 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 371C 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 371C 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1123457220321230&correlator=402510169574824&eid=31072020%2C31074694&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686011143198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet61d564df-8b29-4f2b-b20a-95a90770533e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet61d564df8b294f2bb20a95a90770533e&sc=1&cdm=ye-mek.net&abxe=1&dt=1686011143455&lmt=1686011143&dlt=1686011142833&idt=580&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=oq97sgdj367&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cee24400374220190dbbe92c4936239fb6b23604dad30937caa1d9e2e2b6cad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11327
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425219174
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 222F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:43 GMT
expires
Wed, 05 Jun 2024 00:25:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B723 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011143305&bpp=4&bdt=473&idt=168&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=3070194810937&frm=24&ife=1&pv=2&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31075067%2C44772268%2C44788441&oid=2&pvsid=1123457220321230&tmod=2103150481&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ljfsm6kqz6gh&fsb=1&dtd=182
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bid
ap.lijit.com/rtb/ Frame 371C 		24 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
62f71ee8352ec04befb52f4526446329daf8f614719c248a4d1296dc01781505

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 00:25:43 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ye-mek.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 371C 		173 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.19.103 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-19-103.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3d10738d0985aa0c149a83f9a4dfb4ba694247917ece47662da88bf811c37b58

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.119.0
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 371C 		416 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=b0aecaef-9f45-4f49-b340-6030419650d8%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=a9cf8da8-eaf5-471e-8f88-7a23e60eb7ee&l_pb_bid_id=56eb8aa877f6c5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8512683379444355
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
29baddd2317a5ecb3e583247931b8433a51135a2decfab0e8d3b7cf8b53e76fa

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 371C 		410 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=b0aecaef-9f45-4f49-b340-6030419650d8%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=f0d482fb-2913-4a82-99ce-cc39e2d533a0&l_pb_bid_id=6312c94f27c3d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0615140459910013
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d95c58ca837df68de7be1fbf761df4e9fe88e5983357baccde4ddddaf7aa2b16

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
410
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 371C 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=b0aecaef-9f45-4f49-b340-6030419650d8%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=4618bd57-af7e-4581-b8f8-aafe15708f5a&l_pb_bid_id=7f6868752252dc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.643992909511228
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
19ea605e3d74ff18b6cb722e699de7cc47d7f01afa7bae0b25dc39f9141d5552

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 371C 		397 B
945 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=b0aecaef-9f45-4f49-b340-6030419650d8%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=c6da90aa-709b-421f-bb60-d6f4e1fb2f58&l_pb_bid_id=8bf04baf15d957&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.46769033225611456
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a23fa775e1ab1d33c8c8182f665ee481ed538bb588846dff48380cb5c35cb8a3

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 371C 		408 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=b0aecaef-9f45-4f49-b340-6030419650d8%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=a1cc2bf8-b797-4e8a-8bfb-c9f8e7429bb2&l_pb_bid_id=10882571db6df1e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.30520160369619753
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d8b88e546c86f01f35e95c04abb21cab9bf6ee21145ad7827eebb0364c6e9787

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
408
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 371C 		43 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f466f019fb298001391f4aa4bfd22b8fb45f356f4eaafe28e8bfa7b551656408
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 00:25:43 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.120; 146.70.117.120; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2af23800-3b65-4d84-85d8-04ae339917cb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ Frame 371C 		0
0
hb
cpm.programattik.com/ Frame 371C 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 371C 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 371C 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
prebid
ib.adnxs.com/ut/v3/ Frame 371C 		23 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6e8bade7432811a06da96799253de1b01c4715f190088d310cafa8bfeff32347
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 00:25:43 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.120; 146.70.117.120; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5e14ddd6-44d6-4e03-9749-761b7864cedf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 371C 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 371C 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=6906403983&lsavail=0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:42 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid-request
a.teads.tv/hb/ Frame 371C 		16 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Jun 2023 00:25:43 GMT
prebid
mp.4dex.io/ Frame 371C 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7d2c850f3a803737-FRA
expires
0
openrtb
adx.adform.net/adx/ Frame 371C 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
openrtb
adx.adform.net/adx/ Frame 371C 		0
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
securepubads.g.doubleclick.net/gampad/ Frame 371C 		35 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1123457220321230&correlator=2186752571692067&eid=31072020%2C31074694&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=3&adks=4211136529&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686011143198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet61d564df-8b29-4f2b-b20a-95a90770533e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnet61d564df8b294f2bb20a95a90770533e&sc=1&cdm=ye-mek.net&abxe=1&dt=1686011143574&lmt=1686011143&dlt=1686011142833&idt=580&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=31naleh3386u&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c41d442fbd4f5a62c31d4d210c888415b13db4abeac987ecb7156929146006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14559
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 371C 		34 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1123457220321230&correlator=2186752571692067&eid=31072020%2C31074694&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=4&adks=1462316560&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686011143198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet61d564df-8b29-4f2b-b20a-95a90770533e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnet61d564df8b294f2bb20a95a90770533e&sc=1&cdm=ye-mek.net&abxe=1&dt=1686011143579&lmt=1686011143&dlt=1686011142833&idt=580&adxs=349&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=qau69c1nrzxr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bea8d71fab49f78e36cedf624ad1adfe53342d31d819e598948280425cbd7de5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14111
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 371C 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1123457220321230&correlator=2186752571692067&eid=31072020%2C31074694&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=5&adks=2489655037&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686011143198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet61d564df-8b29-4f2b-b20a-95a90770533e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D%26amznbid%3D1%26amznp%3D1&ppid=vnet61d564df8b294f2bb20a95a90770533e&sc=1&cdm=ye-mek.net&abxe=1&dt=1686011143585&lmt=1686011143&dlt=1686011142833&idt=580&adxs=985&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=3r6t727arrln&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d204c1db9d0b9f4e3c0e89b93253f44357689f6bd9b887752e08cbd77fcf3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11147
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ Frame 371C 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:43 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2494604
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2Phj%2BjlMCvAO3JuSEztykZDJfzlNMiZWPJfwEmLWov6e%2Bzxwzd4t3tVOk9w1YMLwxW2WFg7suHnjXq7RQSBUoOtKxMFffANXPC%2BBaqu%2Foi0FviGA5y4TD0A35MCMmGpWBhDKgeVLwMQFkr6"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7d2c850faa3d2c7e-FRA
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 371C 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160d1864783c67f39eb03bef232d860b57aba8f26003317974a774a3d5146345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123219
x-xss-protection
0
expires
Tue, 06 Jun 2023 00:25:43 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ Frame 371C 		398 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=6/6/2023
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
last-modified
Mon, 29 May 2023 18:51:56 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 13 Jun 2023 00:25:43 GMT
container.html
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9185 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:43 GMT
expires
Wed, 05 Jun 2024 00:25:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B01F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:43 GMT
expires
Wed, 05 Jun 2024 00:25:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 371C 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 371C 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 371C 		32 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1123457220321230&correlator=4458367162247156&eid=31072020%2C31074694&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=6&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686011143198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet61d564df-8b29-4f2b-b20a-95a90770533e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet61d564df8b294f2bb20a95a90770533e&sc=1&cdm=ye-mek.net&abxe=1&dt=1686011143912&lmt=1686011143&dlt=1686011142833&idt=580&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=5vhvbd3hlhw8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvhhcRcslN5PJZBovHXORVd9y4BI5O9AiQE8KZWNNku2Sxd9zebZAWraKOIakipeSoUD5EiwuxjZtZecMZHlfg&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2da82b9515badabe46928ce6c1a0811a05116daf6d19ce85ef940270c040109
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13591
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 371C 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1123457220321230&correlator=3289050185625554&eid=31072020%2C31074694&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686011143198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet61d564df-8b29-4f2b-b20a-95a90770533e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet61d564df8b294f2bb20a95a90770533e&sc=1&cdm=ye-mek.net&abxe=1&dt=1686011143917&lmt=1686011143&dlt=1686011142833&idt=580&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=paotba4nqi71&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvhhcRcslN5PJZBovHXORVd9y4BI5O9AiQE8KZWNNku2Sxd9zebZAWraKOIakipeSoUD5EiwuxjZtZecMZHlfg&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f6807cb9aeeaf47ed6d98f39015d941001a5308cf4f2590b81a4d3b65728ca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10758
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 371C 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1123457220321230&correlator=1742316911084127&eid=31072020%2C31074694&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=8&adks=3299242717&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D1.25%26hb_adid%3D62a6ec186ffe133%26hb_bidder%3Dprojectagora%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.66%26hb_adid_appnexus%3D58746ec78c43c73%26hb_bidder_appnexus%3Dappnexus%26hb_format_projectago%3Dbanner%26hb_size_projectagora%3D160x600%26hb_pb_projectagora%3D1.25%26hb_adid_projectagora%3D62a6ec186ffe133%26hb_bidder_projectago%3Dprojectagora%26hg_pb%3D1.25&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686011143198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet61d564df-8b29-4f2b-b20a-95a90770533e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet61d564df8b294f2bb20a95a90770533e&sc=1&cdm=ye-mek.net&abxe=1&dt=1686011143921&lmt=1686011143&dlt=1686011142833&idt=580&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=lg9lv2rm1oxf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvhhcRcslN5PJZBovHXORVd9y4BI5O9AiQE8KZWNNku2Sxd9zebZAWraKOIakipeSoUD5EiwuxjZtZecMZHlfg&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f51705addd284a43543035d26d3a9bb0b9941e499583afa5c18b924a1aec453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10809
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 371C 		33 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1123457220321230&correlator=140991868667190&eid=31072020%2C31074694&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=9&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686011143198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet61d564df-8b29-4f2b-b20a-95a90770533e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet61d564df8b294f2bb20a95a90770533e&sc=1&cdm=ye-mek.net&abxe=1&dt=1686011143924&lmt=1686011143&dlt=1686011142833&idt=580&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=irlk556myesm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvhhcRcslN5PJZBovHXORVd9y4BI5O9AiQE8KZWNNku2Sxd9zebZAWraKOIakipeSoUD5EiwuxjZtZecMZHlfg&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
222e839deae40bf57b859b6fcce58ee35d0e9e4e418ab9473bac43772b4945cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14114
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 371C 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1123457220321230&correlator=1142571988378311&eid=31072020%2C31074694&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=10&adks=3203893797&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D1.28%26hb_adid%3D61d23d41eed4c94%26hb_bidder%3Dprojectagora%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D0.31%26hb_adid_rubicon%3D5608827e759fb6d%26hb_bidder_rubicon%3Drubicon%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.96%26hb_adid_appnexus%3D57bacd0369203bf%26hb_bidder_appnexus%3Dappnexus%26hb_format_projectago%3Dbanner%26hb_size_projectagora%3D160x600%26hb_pb_projectagora%3D1.28%26hb_adid_projectagora%3D61d23d41eed4c94%26hb_bidder_projectago%3Dprojectagora%26hg_pb%3D1.28&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686011143198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet61d564df-8b29-4f2b-b20a-95a90770533e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet61d564df8b294f2bb20a95a90770533e&sc=1&cdm=ye-mek.net&abxe=1&dt=1686011143929&lmt=1686011143&dlt=1686011142833&idt=580&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=bjptzs5n6yc3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvhhcRcslN5PJZBovHXORVd9y4BI5O9AiQE8KZWNNku2Sxd9zebZAWraKOIakipeSoUD5EiwuxjZtZecMZHlfg&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29171ddb1bc1d6cd70b4f75fa8a66c58b843542ec15e10c1047db5c41f5886dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10519
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9185 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 08:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
576435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 May 2024 08:18:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9185 		137 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f92913aa57f03ca29c3abb2e250286bf31567308566d8c9d82862013d6816f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Origin
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47376
x-xss-protection
0
server
cafe
etag
3472733244676829142
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9185 		173 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:43 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B01F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=COccoB31-ZK2oJteK7_UP2MiUmAm6iLSPXJzX7u6pCMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT0AU_QhCyh6GqwdTNLW2RusJrGdBUv9IxW0c2-OjAsAlFMRsd6gmXPIHJcr2MdZvvv8OCaA1vsdmeYJjLgf-n7iY7q1PhM6AMgFYB4L6DpqVAf2a1gp_-3i_vUguSWpt4xxAO06uKECtnKKF_2oxOf1IcvRxCrB1NuiKw9351mD-yon6Ph-EpmeV8uCyNTD7eX5Uxb12OsnARr1BktJ2oXCbxAvYpOuk4GTy1tlDY7gkPv1_EdE2GTn6NS_QFepQmUhbDR03bs3Ss2tbV9SEL4cbqGDVTRhW9-Yf-9LYI6TLpcYleFw69OVrbdSgQ3PFtNBv_vuu7gBAGABqrQs-PQkfePuQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc5ODM2NTEyNTc4MzgyODIY6sFt&sigh=x5XM1bLW6Lg&uach_m=[UACH]&cid=CAQSOwBygQiD7hWYmpKb-B8rytK7JSPKjEKs4B5IqJC0JKDa6UV8HJ3D2xkTDgDBOjARE61aMEp-iQWbsz3oGAE
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
a.gif
i.w55c.net/ Frame B01F 		42 B
582 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=Nzc3OTg1RDlEMkJCMUVDQUMyRkIxRDA5NjlBMUM2NkR8R0ZBWXVKMGJ1WXwxNjg2MDExMTQzNjk3fDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfDE0OTAxMTc3OTVfRVh8NTg5NjF8fHx8LjBQfFVTRA&ei=GOOGLE&wp_exchange=ZH59BwAJlC0Iu8VXAAUkWFgTEnq53odluc1mgg&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjcyMjgxMjJ8SUFCOC04IzAuNTQzNjE0MnxJQUI4LTcjMC4wODk0NDE2M3xJQUI4LTkjMC4wNTkyOTk0OXxJQUIxIzAuMDQ5MTU3MzY&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1686011143700&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=6668172321066659&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VPc0dZdzU4Y19CcWJPMnMwYTNHV25J&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=wUJFuIG82STxagGWBIOvOQ&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEOsGYw58c_BqbO2s0a3GWnI&spidu=GOOGLE&pidu=15222&hmpvu=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.134.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-134-200.eu-central-1.compute.amazonaws.com
Software
PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:43 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
creative_add_on.js
cti.w55c.net/ct/ Frame B01F 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XROhqscfgR&btid=Nzc3OTg1RDlEMkJCMUVDQUMyRkIxRDA5NjlBMUM2NkR8R0ZBWXVKMGJ1WXwxNjg2MDExMTQzNjk3fDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfDE0OTAxMTc3OTVfRVh8NTg5NjF8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEOsGYw58c_BqbO2s0a3GWnI&spidu=GOOGLE&pidu=15222&hmpvu=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.53 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7B) /
Resource Hash
6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000; includeSubDomains
last-modified
Wed, 23 Feb 2022 16:57:18 GMT
server
ECS (amb/6B7B)
age
458739
etag
"3321997696"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
no-cache, must-revalidate
accept-ranges
bytes
content-length
2391
expires
Fri, 01 Jan 1990 00:00:00 GMT
XassetCEYbEcSW.png
ads.w55c.net/t/d/ Frame B01F 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.w55c.net/t/d/XassetCEYbEcSW.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=Nzc3OTg1RDlEMkJCMUVDQUMyRkIxRDA5NjlBMUM2NkR8R0ZBWXVKMGJ1WXwxNjg2MDExMTQzNjk3fDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfDE0OTAxMTc3OTVfRVh8NTg5NjF8fHx8LjBQfFVTRA&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjcyMjgxMjJ8SUFCOC04IzAuNTQzNjE0MnxJQUI4LTcjMC4wODk0NDE2M3xJQUI4LTkjMC4wNTkyOTk0OXxJQUIxIzAuMDQ5MTU3MzY&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1686011143700&c=DE&r=G-HE&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:a400:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
pTSK_3aD6MH1NhuW2vrruciFx4wLs9g_
date
Mon, 05 Jun 2023 00:54:23 GMT
via
1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
strict-transport-security
max-age=2592000; includeSubDomains
x-amz-cf-pop
MUC50-P2
age
84683
x-amz-server-side-encryption
AES256
x-amz-meta-width
300
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-filesize
65085
x-amz-meta-height
250
content-length
65085
last-modified
Wed, 03 May 2023 17:26:36 GMT
server
AmazonS3
etag
"38988cf71c0e9e66d0bb0693f05250c3"
vary
Accept-Encoding
content-type
image/png
cache-control
must-revalidate
accept-ranges
bytes
x-amz-cf-id
_U3nxI8PR6mknfCqtaBd8R5EPxQzk0LlDIp1EPXM8FC9BQjP21u8cw==
pixel.php
t.hspvst.com/ Frame B01F 		95 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.hspvst.com/pixel.php?id=2677&t=P&cb=6668172321066659
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.58.197.185 , United States, ASN174 (COGENT-174, US),
Reverse DNS
staticip-hv4m185.hispavista.com
Software
Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:43 GMT
Server
Apache
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding
chunked
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
image/png
Cache-Control
max-age=315360000
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=3, max=1000
Expires
Fri, 03 Jun 2033 00:25:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame B01F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 17:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
25763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 17:16:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame B01F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 12:05:32 GMT
l
www.google.com/ads/measurement/ Frame B01F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT80EJvkbggImKEHemOjctbMTLnqWzr6FIkeG2dM9Xp4QJAla6mxoxSoianBhSXfBChjuInDchcF47kstj9ygrH39UtBw
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B01F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 08:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
576435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 May 2024 08:18:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B01F 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
container.html
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 58C4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:43 GMT
expires
Wed, 05 Jun 2024 00:25:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 58C4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch5uFB31-ZIfeMICP7_UPjfasmAK6iLSPXJzX7u6pCMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMByAMCqgT0AU_QzB5ouFXVdMNrsEbkOJRLmKVd3MwO_RwSVYTA2x92Xc7RsTNNV-HNMyYYNzUcyhuKzDcONzsnT6bP4GosJUjVJQoA1X_bYFdvLk6FI1JDtezCCzBtHdd8o2CinvCt_RRAC9Z6mGyzxXSJTSihs6ZS6Pk6f4ZxGElgtpbQfAiML6FRmfTHfrPZM-Y58jgG3QviyHk8CFncLWor40OXfMdHjH0itKd07liLnJqXhqKaV3GE0v40BGdg8LmsopZ1M7D4_OTs4efJpBTDItpbAaHCQYEIotNz7Abvudh7WBEcQVNXs3d0EbsmNSTlhmoxtHxBrFbgBAGABqrQs-PQkfePuQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc5ODM2NTEyNTc4MzgyODIY6sFt&sigh=JwKXba5awyg&uach_m=[UACH]&cid=CAQSOwBygQiDMnrNjxDCvJlZl0NjnxfLpivii1EbARblTFuU7uB9wouE--e8fmCeVv4PAvM2zVJ2pUmJ1OUQGAE
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
a.gif
i.w55c.net/ Frame 58C4 		42 B
582 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=MDBBMjIwMzY3OTVEQTlBMUVGQTI4RkY5QTlEOUE5NTN8R0ZEM0kzR2tHSXwxNjg2MDExMTQzODY5fDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfC0xODQwNzkzMDMxX0VYfDU4OTgwfHx8fC4wUHxVU0Q&ei=GOOGLE&wp_exchange=ZH59BwAMLwcIu8eAAAs7DdMOxlXGBB5A5BmxtQ&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjcyMjgxMjJ8SUFCOC04IzAuNTQzNjE0MnxJQUI4LTcjMC4wODk0NDE2M3xJQUI4LTkjMC4wNTkyOTk0OXxJQUIxIzAuMDQ5MTU3MzY&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1686011143876&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=4775343096673656&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VHVDQ3VUtNWm96WWpHNGUtMW9mRmhN&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=lMmOeSAtMdsDzv4i5S2OWA&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEGT47UKMZozYjG4e-1ofFhM&spidu=GOOGLE&pidu=15222&hmpvu=8bdccc95-f51c-4594-9153-bfd55b000008&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.134.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-134-200.eu-central-1.compute.amazonaws.com
Software
PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
creative_add_on.js
cti.w55c.net/ct/ Frame 58C4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XROhqscfgR&btid=MDBBMjIwMzY3OTVEQTlBMUVGQTI4RkY5QTlEOUE5NTN8R0ZEM0kzR2tHSXwxNjg2MDExMTQzODY5fDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfC0xODQwNzkzMDMxX0VYfDU4OTgwfHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEGT47UKMZozYjG4e-1ofFhM&spidu=GOOGLE&pidu=15222&hmpvu=8bdccc95-f51c-4594-9153-bfd55b000008&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.53 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7B) /
Resource Hash
6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000; includeSubDomains
last-modified
Wed, 23 Feb 2022 16:57:18 GMT
server
ECS (amb/6B7B)
age
458739
etag
"3321997696"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
no-cache, must-revalidate
accept-ranges
bytes
content-length
2391
expires
Fri, 01 Jan 1990 00:00:00 GMT
XassetCEYbEcSW.png
ads.w55c.net/t/d/ Frame 58C4 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.w55c.net/t/d/XassetCEYbEcSW.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=MDBBMjIwMzY3OTVEQTlBMUVGQTI4RkY5QTlEOUE5NTN8R0ZEM0kzR2tHSXwxNjg2MDExMTQzODY5fDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfC0xODQwNzkzMDMxX0VYfDU4OTgwfHx8fC4wUHxVU0Q&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjcyMjgxMjJ8SUFCOC04IzAuNTQzNjE0MnxJQUI4LTcjMC4wODk0NDE2M3xJQUI4LTkjMC4wNTkyOTk0OXxJQUIxIzAuMDQ5MTU3MzY&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1686011143876&c=DE&r=G-HE&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:a400:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
pTSK_3aD6MH1NhuW2vrruciFx4wLs9g_
date
Mon, 05 Jun 2023 00:54:23 GMT
via
1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
strict-transport-security
max-age=2592000; includeSubDomains
x-amz-cf-pop
MUC50-P2
age
84683
x-amz-server-side-encryption
AES256
x-amz-meta-width
300
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-filesize
65085
x-amz-meta-height
250
content-length
65085
last-modified
Wed, 03 May 2023 17:26:36 GMT
server
AmazonS3
etag
"38988cf71c0e9e66d0bb0693f05250c3"
vary
Accept-Encoding
content-type
image/png
cache-control
must-revalidate
accept-ranges
bytes
x-amz-cf-id
bLpLMD1wx2a_GZ85yZBRy0_dqt040NEKgGxE1w3qWqyOGqK3E8XOrw==
pixel.php
t.hspvst.com/ Frame 58C4 		95 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.hspvst.com/pixel.php?id=2677&t=P&cb=4775343096673656
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.58.197.185 , United States, ASN174 (COGENT-174, US),
Reverse DNS
staticip-hv4m185.hispavista.com
Software
Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:44 GMT
Server
Apache
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding
chunked
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
image/png
Cache-Control
max-age=315360000
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=3, max=1000
Expires
Fri, 03 Jun 2033 00:25:44 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 58C4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 17:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
25763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 17:16:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 58C4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 12:05:32 GMT
l
www.google.com/ads/measurement/ Frame 58C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQu0jCm5v8bAzYJzdbsj7-6r8iBgeIXfrJmhre9pVFe_MH3H67yeWC8gcvkFWr3gPkMG6TsT1V5BayhRctvqdwNbKPMWQ
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 58C4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 08:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
576436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 May 2024 08:18:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 58C4 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9185 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiFx9f0Lr6JlsGtLi21mjy_D9f7IwIe6zTRb9p70MyLfGwdpU2nH7pzpsHfXA1MEnwSRhU4B38So8InE8jJXl-PJHdVOn_AU2t7qF7Hrk-PdYDXIz1ZIwiADXr--4JrXkbOe5SwchMAu7h_SNofNOvl2nL5BeDf6gC4IVMwe4bsB6xg5TB9EcpR61x-mA8YUXNn3Fe7nIircd5reTDzJ-d451LQEhaRSfZi6pZrtkRnGXwBvcJadWxHE3yPRBqKkirL94bmxJlwQxUwebNf6vzL-Hyb5yD0H9d6wk8vzbNHjvEL9rHIqjxUCia9aU-cCm3GL4Uh4AfMWbTd1bXZPPL0_8nW3bqtFfd4J79E89AdPiUnHc&sai=AMfl-YTHEjubuq8juKVGg4J1tfqEeFGAH2MW72tDeTsETfXXuyeqZG0PqHbsbJX878eikI-XgC0IzNB7LRjguAhRe7_ZUjoqskdrkU_CG4R_VF8&sig=Cg0ArKJSzLd8SGpY-8teEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ Frame 9185 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
206d936128d5106e1b85b8f3fcbcbc138c5c6eb107c5f427bff0fc34f4040374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120659
x-xss-protection
0
server
cafe
etag
1907090250378296377
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
analytics.js
s.h.w55c.net/2/948461/ Frame B01F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&to=3&de=2&md=1&si=&dm=300x250&pi=XROhqscfgR&gt=DE&ac=Xmwo1n97Q8
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XROhqscfgR&btid=Nzc3OTg1RDlEMkJCMUVDQUMyRkIxRDA5NjlBMUM2NkR8R0ZBWXVKMGJ1WXwxNjg2MDExMTQzNjk3fDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfDE0OTAxMTc3OTVfRVh8NTg5NjF8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEOsGYw58c_BqbO2s0a3GWnI&spidu=GOOGLE&pidu=15222&hmpvu=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cce86358aefed3ef34b6bef869dcc25ccae198205118ac0a680aaf84bd93eb42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2866
Expires
0
container.html
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C106 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:43 GMT
expires
Wed, 05 Jun 2024 00:25:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CEF4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:43 GMT
expires
Wed, 05 Jun 2024 00:25:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
s.h.w55c.net/2/948461/ Frame 58C4 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=8bdccc95-f51c-4594-9153-bfd55b000008&to=3&de=2&md=1&si=&dm=300x250&pi=XROhqscfgR&gt=DE&ac=Xmwo1n97Q8
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XROhqscfgR&btid=MDBBMjIwMzY3OTVEQTlBMUVGQTI4RkY5QTlEOUE5NTN8R0ZEM0kzR2tHSXwxNjg2MDExMTQzODY5fDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfC0xODQwNzkzMDMxX0VYfDU4OTgwfHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEGT47UKMZozYjG4e-1ofFhM&spidu=GOOGLE&pidu=15222&hmpvu=8bdccc95-f51c-4594-9153-bfd55b000008&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
716a8626ab6358ce82bc4e809d46120fa9981951ce6718b860523189aeb18bf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2869
Expires
0
truncated
/ Frame 9185 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6594fd4d569d83128239d65be3c71777426a58805bce24785eae672180bf0cd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E19D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jun 2023 18:15:11 GMT
etag
48472445140208031
expires
Tue, 06 Jun 2023 18:15:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B01F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53d6ea5eca53713dec5cfc9ac5eb5684756835e59aeb55b76a6ff80239893da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
container.html
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE1B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:43 GMT
expires
Wed, 05 Jun 2024 00:25:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9038 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:43 GMT
expires
Wed, 05 Jun 2024 00:25:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AD7A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:43 GMT
expires
Wed, 05 Jun 2024 00:25:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 52E1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:43 GMT
expires
Wed, 05 Jun 2024 00:25:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6E7D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jun 2023 18:15:11 GMT
etag
48472445140208031
expires
Tue, 06 Jun 2023 18:15:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6363a944e4b0125bde9e6739
ng.virgul.com/tck/imp/ Frame 371C 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/imp/6363a944e4b0125bde9e6739?g=1&t=cpc_annotation&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686011143198&userId=vnet61d564df-8b29-4f2b-b20a-95a90770533e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:44 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
adview
securepubads.g.doubleclick.net/pagead/ Frame C106 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCLmCB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoE_QFP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp_ZF_cODZG5APvwK75aymTo510TSYiZPelp3GsuQsVyeOT0vVzjX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=zrTp2A1JsjY&uach_m=[UACH]&cid=CAQSOwBygQiDV6fXjVQzcVixEAY17jaeToaima7OQJjqJsF8aVuJXsT7OllLb_DCmILHV_8OU2sZvWYFFLp1GAE
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame C106 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gyzrxf85dytxz9j0e2ngbswsqnyad0yadv2bhp1gqj2krq5yjmgktnyc9fy9c2dvk1z73w9vz8azvan5h69262zhc6cnpc27dxxfajhtdefvt40aj8529ydnp1y6zr59zxcz175yz18rhdn7390ya9hdmyde8c0nezvajape41wh4fzgq8kw5yasxq4jgtm877xrmy01gy4gd8ffz6qxj4e2ejeh2jzy2t3vjgqdb1dsjdsba7zb11ykx0wmd5ngrne15ytrat4fxs1jannq7p3d6g5ccfvwk9b8xsm4cjfmhv70nk8mpb59dmtj12brgp9dd2yrdmpm01dcnybqjjz13v1mx0h1vdh5y9je64t8dhqkdxxmpwzcxsdqz99zqb483xsx8fzbsw4&b=ZH59BwAOwn8Iu8rvAA1mmQFkZn0MiC8wko8Kug
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Jun 2023 00:25:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame D07C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hcjd31yrza1r1bdnqf7rq0adh7qnady4dtnest6p1vxzg39964gmp7q4actcefghas8h1j8ctt8g7ygxrs3mwgdtn06qvh5v6s7tv9hjgjbr3c66sznn559v102btr8ctnyywjcfkzgkny10zsgmqtr17wjgtgf873y0hpqght2x2w7xtpk0kc7r5808k0arnar6wy66nggw0sc8w8f2v5f9k7bs32b8z1nvx6erg3e9p3r2cvf2s1c6hbj8jn4xbg09jw7p3wbtak7wf3s0xw9wna68vzfn1g1f9ge22gdw1s3a94a84avqgvc7t2fz8fqjh2q5rq36nvhv2mr267cs818f92yfvbdrkez21jjh1v2wpkjjhwefvsj9bhk567am6grbhzrg74wddnxg2j5q8bccvvbczer1281qadb84zwvgsqa6xkfgspp12wyccsamwg1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa022b304cdbc35574b2b59a0de7bc991c1c1bdebdf0ae2e20ff79ff6121552f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d2c85148bff9170-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:44 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame C106 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 17:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
25763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 17:16:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CAE8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jun 2023 18:15:11 GMT
etag
48472445140208031
expires
Tue, 06 Jun 2023 18:15:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame C106 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 12:05:32 GMT
l
www.google.com/ads/measurement/ Frame C106 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKnPTGJJ4H4T4I0Mt-JebUxGNUIYxDil64M3bcHc57ssxBEbDVZ7L3Vq2bZgXy1FgzbnDDyNfWgwLG5FBO1MQINvYJ5w
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C106 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 08:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
576436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 May 2024 08:18:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C106 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 51B0 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNXJwrbw-fgnhsY4CEfv78pVgwP-2gpvgPqjA-fZS7RIT0cEySSg5RWPiYnsCHYpQ4tHeRptMLHGMGR7B3cZTRyl0_pnNAI3zQNzAgQHfNoCYmW-6rMos8_vGEooAsum7nX8ZkoJNDz3V86OrnsUJfKZF6WYQ5zUCMi-cmEfE-Kri3qGInQ
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CEF4 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CEF4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AXZIQ8Xce1RoR5miMdhA4uZr6F0wh8v0jOpFDSlM-NPTFffCDJ7hxgIPZkwGF6QfvANCwY_LzJrZnJBAyjr4bE_DQTwpKwDZepd_uUbTVuMp4l20M
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CEF4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2237742837388520519&x=1&ct=76
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame CEF4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 17:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
25763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 17:16:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame CEF4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 12:05:32 GMT
l
www.google.com/ads/measurement/ Frame CEF4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSin3wlLT7BTC7zcS9tLbKPI0gF50zm8VUN9zgMUsw3tRIWPNiZp7Ryi0wgcfATf_Hn2FvzDm-05GZ2XLsvd0efhJYDsA
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CEF4 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
truncated
/ Frame 58C4 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fc9cd0ebc8513e8a6188191ca83e134d2ce8bc8c86474bb972c2c568f23c527

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1076 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjtnrXcATAB&v=APEucNU5S1MLOm7P94nhl0CDzrtaKdjq68xPPU1n7_ARZ_nu-5uiLZa6y2YpRBb0bH0qSwJCqvB5kQ1A9KnkZpj6cJk1cZcrNCVzVg-q5LNdV4cG4NAzzHK83dI3rzSRDOJPITz2phZA2RI6wxfDuRs8YSaDHbBbmRW5q-M_zEazj2vCqQlhqiA
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BE1B 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE1B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B0L8ntwDEP91nyXe2gW-4DVI2iex8GVcVs5HSS6RzmTu_yIXBT__GtGb4BCs24rNTA641PNnk7CkoDVbH_Ou71Dk56aKXg6m8veFTy6Q3Tx4q6MJE
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE1B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3828106269032251078&x=1&ct=76
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame BE1B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 17:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
25763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 17:16:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame BE1B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 12:05:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BE1B 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C8BF 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNURQ4Ld13H704HYXZn8_WEnjRsxvDTzA5ITTWu_wIrcyjAoTzEMhj36fm4O0As4Z4VzKU96WgszVvM-0MciPCrUe4GDFELL8BEw4Mbr3YqQDyFPvWu4ApBIjG1hsgOWSgQeHEShIQQbg4_1NGY6d8VjjjP7Y9BK9eaYzqIB9cAny7lORe4
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9038 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9038 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2AkT8IWLycBoeeu5ubDAI5ycFF3BKT-_oWvnHPaJzfjZK_u-KDJ4h6673B9AsCylEgFII-7VU_K-mpmbkCPOGjVIIuykK8nfD7fLFRi-ufK5ND9w
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9038 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5687695187570811539&x=1&ct=76
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 9038 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 17:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
25763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 17:16:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 9038 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 12:05:32 GMT
l
www.google.com/ads/measurement/ Frame 9038 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMdBq2uKQX9dCYO_f1AqnDgu2iahPM-_s6g0kJK0HLS-MF92Ver8xacrpnTPAh5mlG40DPdf1_vUKR0ILh7fxHzsIRJg
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9038 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D368 		398 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNUDslr2HpBzEZIF_EBlbISqH4iqy2BIKEYkx_UhSPouvrA2tbNhPEVKZcH50jbU9DSPLWkcEmXBOqYZMEyxZU76adKOvj4elv4mmHsMlKnQDaHJ7CCubWdHtYah3mAWuK-bMZuV07QL1x_vX6XyUPUyEhkL-V6qXsedSC2XQFUTAKzqnAQ
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AD7A 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD7A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cwt4j-_pnLLykHSly4X80TVSgrf8LGh9MDMQjJdkoWYsR9pRuSHUdyVpOaDwvH_feFeybC9C2iiULx7okawof7SEotAgOyofZF4x9UURrcvnThNhQ
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD7A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9931757394151975317&x=1&ct=76
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame AD7A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 17:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
25763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 17:16:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame AD7A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 12:05:32 GMT
l
www.google.com/ads/measurement/ Frame AD7A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHJ1P42dl5onjZM72ALop4zXT21NT_ePdGVfYnc5jfVu61PxP6qmfol3d0YSyhZ5QWet0bgIaOnTpbKkS4uvUZ8kX3dw
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AD7A 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 52E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwHySB31-ZJXQO4Og9u8P-pCEoAfPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT1AU_QTj0sZQLtJi0GDFzUi65a7AEvAPjIJBScXIIh1-r8tgScX3PYZpjdKTakYZkuLV9e7DukGhk6tvh0t38DrANE-gQqlV6FNeKsbgS1YU1i41Zbo1aBkdwNWLMQVd-gPexF8AcUts0YgkZk56ZE5LtO1P5EF929zN4LIa00Q7GrfVp_9iV6Twvye5O4CDG_VzgIuYhBpH-u9YG-FF_1KJ7WNOijALWuIUowYOPKzhrB7Elp1xbuEgfq9m9jXRIWY3EklCH6z-0aPs6dWKtzWRMTPRvZMwYu-hQTmU13tgaMrTHYyWHcCLdgbzl030eTD5BsozO14AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=nYciH3Z03GA&uach_m=[UACH]&cid=CAQSOwBygQiD0NbAh5-PC_O_A6UlZAblbsUwPGoxwRVybX6p_N1vHE2-eOxGlBFF0kiPqVSNrHUIq49bAlcSGAE&tpd=AGWhJmvsAGrqcwI0nLKz9JNI0nazUO20CHJdQE_XUIpiS8KVIhasec0b7XqrFxwKwSXr79LPdCpOdrpeHxQLrbdWG93jP3f28czDD6XD14ndVltWsAdSTEZQdUfb_UylW64umBlH3xVDTmrO8ElHz5jFhP10tANKrMMkWo5MYqDADUjseZEiIoO-4FK-O3Qn3N2opJrfiUQSf1SoA3vgbtEkKHyK_wz4QHMegyIKl3PowlOEAk_jeQN34cjYYJvrYsixc7fE5KG9iwEQgD8I5ibMcRcrXRFN_6fKPtm7KCsIYWaYnAr7-uLQAx9V9w0V-jgmXTpdeT6HhtlVh9vr8ASQ3euNH2a_zn5RVsNevrwbfNMz6uWuuEQbru4qnF6F07psRtJyauwskUE3_8vOUwDwwpPTvznVeQHz7Zkw1rn5107FoYgpJe9tAJjspHHnGvBZwNit63bRm1KMtouFi-iKCMYQPV834dMvJhJFujey0RseAFA5QBEwEN5qNYkTg0SR6J9SLNsFIcgwqTQuPoqcRB8bxRYuDswOjqxNCgogzt_zegl06B2QtvsvUW0g3tjaOll7Ow2h7XOtny6nxvQyqBocVGs0PAZ_VgwKHTfBQwossR1yp4V76TaZSZ9xC0ndQxgDEe6jRq0zwebEhWjrAc4G09eD0tuD4kMSGgPFyiPjLHWE1FquLsrn-qHor54Tu7lATllgXwUHDHeQDDtVvP1CuHJtPl6doyrfbgN5AHQ9TJUaiSuXAqeWUZ6fwetiCTuiQ1MOErPvhquZzsQC-jONpFqewGV8K70VZlWR4Q0fwsIvtTuU8WK_w03557QRRsgi93i9r2zNTUR48-GVfsF6Bpf1ln_76Pt_DA03L7BoS388HyBtsoBGTIhV026Ynh_SfwJs1MlyIftHIerGWnAwGy3IpPEylDLfzPLsI4wWs3WuT2cvoqJdaL6_6zmZ-qVptM4L3BZw5KG2ZNnz7qustRPq4fPoanHDJOJX2SoXlG_kJFalHxpOoixi8T22NVS9ZhaHEnnZy2BN85VPOmFFAyE7cY5SBktoAfQEbnXIn4RVmzbRYVPku4yybVBbO75xyIQJfwX0-fwNNaHU8DJmEZVBCZWP_DdxVQoiosfoubjrAQ
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame 52E1 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkROak1tVmtOV0l0WkRNMVppMDVabU14TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMjU2NTEzMzg0OTkyNDE4NjAvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1Nl9oSHg0bjNjV0hMOUdOZEUtUVlfay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTI1NjUxMzM4NDk5MjQxODYwL3pyaC8wLzEwNS8xMC85OTkvMTYyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY4NjAxMTE0NC8xNjg2MDIzNzQ0LzQvcHViLTc5ODM2NTEyNTc4MzgyODIv/n_z-dIqTScmv9i6zsBHWjuuND4Y&nodeid=4837&group=zrh&auctionid=4125651338499241860&pbs_auctionid=4125651338499241860&shardkey=4125651338499241860&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.156&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRs4B31-ZJXQO4Og9u8P-pCEoAfPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT4AU_QTj0sZQLtJi0GDFzUi65a7AEvAPjIJBScXIIh1-r8tgScX3PYZpjdKTakYZkuLV9e7DukGhk6tvh0t38DrANE-gQqlV6FNeKsbgS1YU1i41Zbo1aBkdwNWLMQVd-gPexF8AcUts0YgkZk56ZE5LtO1P5EF929zN4LIa00Q7GrfVp_9iV6Twvye5O4CDG_VzgIuYhBpH-u9YG-FF_1KJ7WNOijALWuIUowYOPKzhrB7Elp1xbuEgfq9m9jXRIWY3EklCH6z-0aPs6dWKtzWVERHIl1j6Ipd7BbMpU3GfaRuTtkw0_E6QqgL5aOflm_Fz71HzQ4oC-g4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2C8jdqrQML_b0lPwdI0hIzNf0UqQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.389.1 /
Resource Hash
f47da0b8eecd2764b1e23bce508f8654b4d50c84ca0344b65235ac3d954cff5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
x-mm-nodeid
4837
Content-Encoding
gzip
x-mm-bid-request-time
1686011144
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
close
x-mm-handled-by-owner
true
Last-Modified
Tue, 06 Jun 2023 00:25:44 GMT
Server
MMBD/3.389.1
x-mm-latency
159 (0)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
pao-router-x44, zrh-bidder-x172
x-mm-lag
0
Expires
Tue, 06 Jun 2023 00:25:44 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 52E1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 17:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
25763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 17:16:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 52E1 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 12:05:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 52E1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 08:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
576436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 May 2024 08:18:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 52E1 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
rum
dsum-sec.casalemedia.com/ Frame 51B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHS1eqbaTYQpPAZLkfh0W0&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHS1eqbaTYQpPAZLkfh0W0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNXJwrbw-fgnhsY4CEfv78pVgwP-2gpvgPqjA-fZS7RIT0cEySSg5RWPiYnsCHYpQ4tHeRptMLHGMGR7B3cZTRyl0_pnNAI3zQNzAgQHfNoCYmW-6rMos8_vGEooAsum7nX8ZkoJNDz3V86OrnsUJfKZF6WYQ5zUCMi-cmEfE-Kri3qGInQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHS1eqbaTYQpPAZLkfh0W0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 51B0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH59CDnJEKWdTUIPerALDAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHS1eqbaTYQpPAZLkfh0W0&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHS1eqbaTYQpPAZLkfh0W0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNXJwrbw-fgnhsY4CEfv78pVgwP-2gpvgPqjA-fZS7RIT0cEySSg5RWPiYnsCHYpQ4tHeRptMLHGMGR7B3cZTRyl0_pnNAI3zQNzAgQHfNoCYmW-6rMos8_vGEooAsum7nX8ZkoJNDz3V86OrnsUJfKZF6WYQ5zUCMi-cmEfE-Kri3qGInQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHS1eqbaTYQpPAZLkfh0W0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 51B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECN5DMW9x0UUl3TGrunZuQo&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECN5DMW9x0UUl3TGrunZuQo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNXJwrbw-fgnhsY4CEfv78pVgwP-2gpvgPqjA-fZS7RIT0cEySSg5RWPiYnsCHYpQ4tHeRptMLHGMGR7B3cZTRyl0_pnNAI3zQNzAgQHfNoCYmW-6rMos8_vGEooAsum7nX8ZkoJNDz3V86OrnsUJfKZF6WYQ5zUCMi-cmEfE-Kri3qGInQ
Protocol
HTTP/1.1
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:44 GMT
AN-X-Request-Uuid
6ad951db-fe96-42dd-b556-bdd38271326f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.120; 146.70.117.120; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECN5DMW9x0UUl3TGrunZuQo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 51B0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2NDYwMzMwNjczMjM0ODkzMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2NDYwMzMwNjczMjM0ODkzMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNXJwrbw-fgnhsY4CEfv78pVgwP-2gpvgPqjA-fZS7RIT0cEySSg5RWPiYnsCHYpQ4tHeRptMLHGMGR7B3cZTRyl0_pnNAI3zQNzAgQHfNoCYmW-6rMos8_vGEooAsum7nX8ZkoJNDz3V86OrnsUJfKZF6WYQ5zUCMi-cmEfE-Kri3qGInQ
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Jun 2023 00:25:44 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.120; 146.70.117.120; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1b302b5c-27f2-48eb-8a26-cab05577b1bd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2NDYwMzMwNjczMjM0ODkzMA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame E19D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFtO-38ed7dvVcC5KdIgHV0&google_cver=1&google_push=ATf1kGOgk8nxfQx7urhQ8CC5hpCoSuxrz3LPmULKj2jFCH4QgyoB6nj9MpJQqFq4H7widI86ZbIBTEvNKfl5aSo1tgER5FngVg&re...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFtO-38ed7dvVcC5KdIgHV0&google_cver=1&google_push=ATf1kGOgk8nxfQx7urhQ8CC5hpCoSuxrz3LPmULKj2jFCH4QgyoB6nj9MpJQqFq4H7widI86ZbIBTEvNKfl5aSo1tgER5FngVg&...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFtO-38ed7dvVcC5KdIgHV0&google_cver=1&google_push=ATf1kGOgk8nxfQx7urhQ8CC5hpCoSuxrz3LPmULKj2jFCH4QgyoB6nj9MpJQqFq4H7widI86ZbIBTEvNKfl5aSo1tgER5FngVg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOgk8nxfQx7urhQ8CC5hpCoSuxrz3LPmULKj2jFCH4QgyoB6nj9MpJQqFq4H7widI86ZbIBTEvNKfl5aSo1tgER5FngVg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d2c85168df719a9-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
230
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFtO-38ed7dvVcC5KdIgHV0&google_cver=1&google_push=ATf1kGOgk8nxfQx7urhQ8CC5hpCoSuxrz3LPmULKj2jFCH4QgyoB6nj9MpJQqFq4H7widI86ZbIBTEvNKfl5aSo1tgER5FngVg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOgk8nxfQx7urhQ8CC5hpCoSuxrz3LPmULKj2jFCH4QgyoB6nj9MpJQqFq4H7widI86ZbIBTEvNKfl5aSo1tgER5FngVg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d2c8514fd0319a9-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E19D
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEAfDoOxcm-T5717R2Av1JPs&google_cver=1&google_push=ATf1kGPoYL8E-B9oMTQwoQACbg1ihCRsxDaT29A5lGkRU5ElGO5tvQbrBBhvItVIS4SqEgng1Xuldpt67PxAZvNeMSAAvwk...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAfDoOxcm-T5717R2Av1JPs&google_cver=1&google_push=ATf1kGPoYL8E-B9oMTQwoQACbg1ihCRsxDaT29A5lGkRU5ElGO5tvQbrBBhvItVIS4SqEgng1Xuldpt67PxAZvNeMSAAv...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPoYL8E-B9oMTQwoQACbg1ihCRsxDaT29A5lGkRU5ElGO5tvQbrBBhvItVIS4SqEgng1Xuldpt67PxAZvNeMSAAvwkAIV4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPoYL8E-B9oMTQwoQACbg1ihCRsxDaT29A5lGkRU5ElGO5tvQbrBBhvItVIS4SqEgng1Xuldpt67PxAZvNeMSAAvwkAIV4
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPoYL8E-B9oMTQwoQACbg1ihCRsxDaT29A5lGkRU5ElGO5tvQbrBBhvItVIS4SqEgng1Xuldpt67PxAZvNeMSAAvwkAIV4
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame E19D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VxSq3c97SH-f9KGFSNYgMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VxSq3c97SH-f9KGFSNYgMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNcuO60kvDvx_ZSK7AHS_EPsbUt9VE1LZG-xcyUodx-3f-d8kSQwZEjkcHvpTrZTR-9dNmWmePnIY86VjoqBlirTQkT_AA
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VxSq3c97SH-f9KGFSNYgMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNcuO60kvDvx_ZSK7AHS_EPsbUt9VE1LZG-xcyUodx-3f-d8kSQwZEjkcHvpTrZTR-9dNmWmePnIY86VjoqBlirTQkT_AA
date
Tue, 06 Jun 2023 00:25:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E19D
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFhzBK4-nlnVqspKxbmCBHA&google_cver=1&google_push=ATf1kGO1OQWZ-uCL0qv1ZL7lFecOSpIV_g6aamnsxEGuQLtJRwgYfUaJ8YJ-ZDtfvhtQfanzX6Vn7I5BlJpyhBYA...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGO1OQWZ-uCL0qv1ZL7lFecOSpIV_g6aamnsxEGuQLtJRwgYfUaJ8YJ-ZDtfvhtQfanzX6Vn7I5BlJpyhBYAyubT31grig
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGO1OQWZ-uCL0qv1ZL7lFecOSpIV_g6aamnsxEGuQLtJRwgYfUaJ8YJ-ZDtfvhtQfanzX6Vn7I5BlJpyhBYAyubT31grig
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 06 Jun 2023 00:25:44 GMT
via
1.1 47b2ce4c0cbd550c326fba9b552b2176.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGO1OQWZ-uCL0qv1ZL7lFecOSpIV_g6aamnsxEGuQLtJRwgYfUaJ8YJ-ZDtfvhtQfanzX6Vn7I5BlJpyhBYAyubT31grig
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
1xDqTPPuUb5sHnpR6k202-w-rr3_b4DFVNpsYxdb06rW0ol_I8UqcQ==
sync
ssbsync.smartadserver.com/api/ Frame E19D 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEQexQDkBRxXGgswiLb0dVM&google_cver=1&google_push=ATf1kGOZNIkU8p37a86qLIQZCNk-A-aj9bR1zR9sR6QyWmgpc8Rle06dWYKQ-gjOvAdRtHoAH89G85WWHJzlvqclK0T-IpPgvEI
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-length
0
/
onetag-sys.com/match/ Frame E19D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGMg6yPBj_spQAFQtnbq2QpIL78FQH_nzw9oAHudOHXWuf-8S_4L25ILq2lVe9AADPcJ0Ep7itHGonj...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMg6yPBj_spQAFQtnbq2QpIL78FQH_nzw9oAHudOHXWuf-8S_4L25ILq2lVe9AADPcJ0Ep7itHGonj7y1XhdLN-75cdxRk
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E19D
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJ9t0svxJ...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
date
Tue, 06 Jun 2023 00:25:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame E19D 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLzXIQawBZAETaFIIP8fVh7w9zXkvGblILBbnOWS5HDntFYDFwWECKSVA6hBGG0l7ITX0sreY
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
integrator.js
adservice.google.de/adsid/ Frame 9185 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9185 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8750 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144137&bpp=14&bdt=274&idt=328&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=801930230126&frm=8&ife=1&pv=2&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ix2png1mcbo&fsb=1&dtd=351
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame D07C 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hcjd31yrza1r1bdnqf7rq0adh7qnady4dtnest6p1vxzg39964gmp7q4actcefghas8h1j8ctt8g7ygxrs3mwgdtn06qvh5v6s7tv9hjgjbr3c66sznn559v102btr8ctnyywjcfkzgkny10zsgmqtr17wjgtgf873y0hpqght2x2w7xtpk0kc7r5808k0arnar6wy66nggw0sc8w8f2v5f9k7bs32b8z1nvx6erg3e9p3r2cvf2s1c6hbj8jn4xbg09jw7p3wbtak7wf3s0xw9wna68vzfn1g1f9ge22gdw1s3a94a84avqgvc7t2fz8fqjh2q5rq36nvhv2mr267cs818f92yfvbdrkez21jjh1v2wpkjjhwefvsj9bhk567am6grbhzrg74wddnxg2j5q8bccvvbczer1281qadb84zwvgsqa6xkfgspp12wyccsamwg1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hcjd31yrza1r1bdnqf7rq0adh7qnady4dtnest6p1vxzg39964gmp7q4actcefghas8h1j8ctt8g7ygxrs3mwgdtn06qvh5v6s7tv9hjgjbr3c66sznn559v102btr8ctnyywjcfkzgkny10zsgmqtr17wjgtgf873y0hpqght2x2w7xtpk0kc7r5808k0arnar6wy66nggw0sc8w8f2v5f9k7bs32b8z1nvx6erg3e9p3r2cvf2s1c6hbj8jn4xbg09jw7p3wbtak7wf3s0xw9wna68vzfn1g1f9ge22gdw1s3a94a84avqgvc7t2fz8fqjh2q5rq36nvhv2mr267cs818f92yfvbdrkez21jjh1v2wpkjjhwefvsj9bhk567am6grbhzrg74wddnxg2j5q8bccvvbczer1281qadb84zwvgsqa6xkfgspp12wyccsamwg1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%26client%3Dca-pub-7983651257838282%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
31586
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2XWIFaJ1OcjQ2SE4MCuJnfzTdqgoWcYZ9EmWbacqTNvfhDI03zituJwOOm2KVLRbLtVKgbRMh%2BewJE8iscBsyH9nHahuwa5KzjdIQKfJU3o3wc2hkGUxYxS%2B0A7OkGIcMQq%2BixLxLM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7d2c85151c5d9170-FRA
expires
Tue, 06 Jun 2023 01:25:44 GMT
r62eglto.js
ad4m.at/ Frame D07C 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hcjd31yrza1r1bdnqf7rq0adh7qnady4dtnest6p1vxzg39964gmp7q4actcefghas8h1j8ctt8g7ygxrs3mwgdtn06qvh5v6s7tv9hjgjbr3c66sznn559v102btr8ctnyywjcfkzgkny10zsgmqtr17wjgtgf873y0hpqght2x2w7xtpk0kc7r5808k0arnar6wy66nggw0sc8w8f2v5f9k7bs32b8z1nvx6erg3e9p3r2cvf2s1c6hbj8jn4xbg09jw7p3wbtak7wf3s0xw9wna68vzfn1g1f9ge22gdw1s3a94a84avqgvc7t2fz8fqjh2q5rq36nvhv2mr267cs818f92yfvbdrkez21jjh1v2wpkjjhwefvsj9bhk567am6grbhzrg74wddnxg2j5q8bccvvbczer1281qadb84zwvgsqa6xkfgspp12wyccsamwg1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
25328
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nah3tIp8vAu5xBev1KWwZ%2FD%2BFQSu54G5%2F8CCz061WFjdcivNpwYYLly1oH87tpxd%2BjOEvliD%2FloLMLmV%2F6LpcoyFYELkil%2Fx9egOyK6Y1GAEkd%2FPGstTRr1TpyR75RDNhHU9E2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7d2c85152c679170-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 May 2023 13:46:11 GMT
sd
us-u.openx.net/w/1.0/ Frame 1076
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKVoy8E2CZr28PCOUPIGUnw&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKVoy8E2CZr28PCOUPIGUnw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjtnrXcATAB&v=APEucNU5S1MLOm7P94nhl0CDzrtaKdjq68xPPU1n7_ARZ_nu-5uiLZa6y2YpRBb0bH0qSwJCqvB5kQ1A9KnkZpj6cJk1cZcrNCVzVg-q5LNdV4cG4NAzzHK83dI3rzSRDOJPITz2phZA2RI6wxfDuRs8YSaDHbBbmRW5q-M_zEazj2vCqQlhqiA
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKVoy8E2CZr28PCOUPIGUnw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 1076 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjtnrXcATAB&v=APEucNU5S1MLOm7P94nhl0CDzrtaKdjq68xPPU1n7_ARZ_nu-5uiLZa6y2YpRBb0bH0qSwJCqvB5kQ1A9KnkZpj6cJk1cZcrNCVzVg-q5LNdV4cG4NAzzHK83dI3rzSRDOJPITz2phZA2RI6wxfDuRs8YSaDHbBbmRW5q-M_zEazj2vCqQlhqiA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 1076
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEE5BLCIvk9QVOgR9F8Tt_1Q&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEE5BLCIvk9QVOgR9F8Tt_1Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjtnrXcATAB&v=APEucNU5S1MLOm7P94nhl0CDzrtaKdjq68xPPU1n7_ARZ_nu-5uiLZa6y2YpRBb0bH0qSwJCqvB5kQ1A9KnkZpj6cJk1cZcrNCVzVg-q5LNdV4cG4NAzzHK83dI3rzSRDOJPITz2phZA2RI6wxfDuRs8YSaDHbBbmRW5q-M_zEazj2vCqQlhqiA
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Tue, 06 Jun 2023 00:25:44 GMT
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEE5BLCIvk9QVOgR9F8Tt_1Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 1076 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjtnrXcATAB&v=APEucNU5S1MLOm7P94nhl0CDzrtaKdjq68xPPU1n7_ARZ_nu-5uiLZa6y2YpRBb0bH0qSwJCqvB5kQ1A9KnkZpj6cJk1cZcrNCVzVg-q5LNdV4cG4NAzzHK83dI3rzSRDOJPITz2phZA2RI6wxfDuRs8YSaDHbBbmRW5q-M_zEazj2vCqQlhqiA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Tue, 06 Jun 2023 00:25:44 GMT
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame CEF4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3448584114429&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CEF4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3448584114429&version=m202301230201&ct=76&x=1&cor=2237742837388520400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CEF4 		85 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C04ala6E8R_JYJuCZGJxObcVeLqqz--MBPKbOa37LLlE2mVEliG7kn55KaCPNzfx8dhvWn8yDZhbY3Y6rsh_73_gLvzu2zP-fU-fnhSlNrNDg82zFr1P9MLA6UIr16UoChfD7tzOHq51ttBWsZmtuCHgd4ehL1hmW9pqfWlufjEVemBCs&dbm_d=AKAmf-DdqHFoD_TS1jA-Mk7uitcTLaogo7wCiQLSgvvZKZ_fmm2WZEFNpRNjOlIdbrUYe3Ui2KOfUURRTUJtX0EuvXh5hTPUr8QxS0_c9UEqnERBerWa-H4S_2D7EQ_2MSndFCIIA49wUIY18OsDTfS4svvTOJBrCClbTo9-wioryto6WEulZMDrjXqD0un4JtNAc6DUpujZi_a000uMiJyqFGdFNSRJ4tEfqS7ijrVK-x_Tpfdg2EmQbVrLIisX5IjE06UqGiQVVZHVHaIOZJQh_l3eF8lUrrCAYc-T0Aveo0oS7bC_jlvwL6UYh8etK1bCUPHeHAHw7l6ElQf85uJS3gZpcmVKuRzSh59Lr01fk8QoJOA-Dak5UPddASxb3txfal36T3CgyMscU3FYPFfCNIhgIEsahfru9UCi_jbGFmIIA_lg0o7nAsE_fCnAxr9Z4ivcpj2LrA8JqDczzIEw5-iskvoMERecr8BAkGWskBVdq2sfZ0eRY6d9_RArzPewZLTsaYEw_mzFK3OwMwPF9b8hsTgBn4JMtl9C6WQNVF10jxFuV1MPSiEXyz4PkTSzzH0JjQwBYfNMAFNUKTbt2tzbTvrLkj56_Bcy0gMO1mPD-pIToVrwNPng5t8zEcHpT_K4xeunfkGIKEZFZnP4NfggGyHtHSZ7JL7DgqWPiluvXGtwMsSK0LBAbxWIrgegwE-p4M-QGY8PSiqO-24h1JDUWwgyuhpYqtv4TERbC8pmb5S5CjMaGkETeqDNRrnnU4HUXHJYFegYqrJlp2FVRS5FylwZs3m02tR0p5AP1CY1KgqUvTSErfH8TEOiLfJrIUCVNDhS7h1SCIrGaneihapqMwnZaMLxe37WCcfBIaQd45TIZdBvThCcOe_gDlQr3jarj6ZB8w0bk_QlIIs3ux4k1XedNgBkySDEFcapBuUxt21ZP9MIvY5kCdRwLXr7hnpzDtxgQFAAb4A9bJjCtTTzctPEQ_ZahBebn1Cj6gM0ZvfPPyMnQIflt74QmtuJKXP-7SB-tY43aOGiEAEYG-BMzJSuJrEnLwQhp76R7Sqlvs-XUwBYorF4cj_VsowFHw1Q6nppt6gekXPAOJE2YNOxXWtdHDWp2h27EivyrBTV04G0PuDc2fEYBJIneXFUTWRd46fpzRhpeLnnlJY3nB01bLXQOS6NnRSC32W49aGwnFw3hrrwYn9eXlTqWnQU-Y4n0hO6RqbL5KmYib_yyMok5AVUTDXL4qebGKQEKuPBAHlmSPHPnmNBe20cZmZkFk04OErLY-u3CdunQsyhFu9c9UF4aouzlRb4O85C9wH55uJ5Pr9cBAFGiOd7OkzwdwkyXUkRkFUuBjKNgcuz3w6ysJd_5UVKps6QnF7_t2IXN3vn9n8ntpbqWmvbirTkDtrkyNtvAFjidGoWkW61Ue7cFRqIbbeo_4O7Ylx0U52W45H9YDg-1UErrAQSh6aiP2-aMkaaHziykah1BmiSHIeB8kmts53YF7M0cW15SoPt4jXaV_oiGpYw_81TACgW9dXI8EE6mLd_q0xo6jLNX_-ef7_ExhYD8CbK7wJEyxgduDYSRLF8XPfBi9dmvv5drTMEYZ8rmMLUB_WUbJi_vZXPMFVOGL6_gZ6Z54w8Q1f1GLjZrYAx75LAmd10suKSJNR_5OsiKcw-qZ-AS40idtzXSha3lKiYdl3n298zO8c5YfH2kA-2O464w0p_23WMvNbNJMyv4mk3tbG-yHX3mgGn3pwBYbgmlmhEbF5JXntRoTo0fBuabUUMFv40qIBEitAGAdYhAzviKH4cR4psImmBrsl0EK_bNc8jrI7TSabFBL_Xh-kXjAOtzaxDvkj0yOyRBFeNTR8-ggiMkx9KHX_TM3MKOJSkQFXPUDQCJV7LCPGjUJ6CE9Lf0fSIymF3zixIT0kSxEiL0P4gB5YPeVfN2AHTWncPNmUDGnr6yaZ1SdQZqSQ_JKpfQA7fe-jiTUWwrR5gZF034OI0EZPrXamIYw6zvoaBhu2fkD3YC4-pBUnXx3cyufggwk3iukqFKu9Z1-Ct_8qbQNxcPHb3Otj7Sr4Vtniamzz5_9l5TpcmZXreuP0NG3LO_azXe9d5B3MSNJEr8CCG1K_N9Q3fBTssjBQGUkAL4fg_cE_99I68u0E_Z0sWjbR65xXXHWOA4blXv9FVrw6pXRKD6PdS1UWYpvO1wwUFTgJkeqBsPp4KJ8YkeCL1mJ8PuH8Ituewr-Z45Jb-MVXan7IBdrjxi2pLdkzMn9xLebQQNjshkyRfmyLIps-O_hIUJt0wxNRlskgbHI089SUdS5z2H5_masSqc0-MO0AHPzDuKnZILL5Y2Psc6zfMs1BhtlksltW_Ao8aswjoUPr2bs7ffMS1l5dmuBFR70kv9X9oX_2i-80ZLsxF4JF8BwCLTUfiaJvObdUMovsPTBblWUB9TLbTaoEUAxHMyjppWTcnG6owLn3Jf_KiI1FsbLjc69hveX72xockzSjmBIXRdfMb2IliDP3W3zfrRvjNaPQM2qwVaJoFxY4tN0_sqMWq9jD3edHWGlVJpMWoWym-ZpIRxFp7bRpS3EwwrX406ok3TA61cvlR5O6VYPjpXlgI6RnoMSOF7F621lWhLVjAV6Jm3Ho-JYNS8LF8ZVjtU-Guueinj9fC9Bk34M_Sr8rB1-CxF69c9Md0ejGEzS7HTZl4BUfOnRPUkGEhOHkvx3ctqgndmyR90YZ6DAzzCvCllp4M0USOJoiyvThBF-N5EOVyUyEEtA8lNPMFiotxP7e8PjLN8pdT24O8T9xPnnAgkKrJHbt7wvKgwCPuE0ghUEoh2HgHiKAQim-T72AjAMxnABc2hxEzuPm8fq7cidS-eXcjK9W6TrndeacDbHas9TcVYVcZmZRmzhN8eW8M6X3NWt6QZzS3o09ubQpGi8dhkDpQarAw7QHurc2I9wkj65D6H6yVf0W_lkD08MclO5jX23dzi6-65gtZnTfamKWYOtTJ2OmQOCOjAWlnlVXZQ7_fuLcyKReX_dFlWtOg0Fy6lmQyMdvacCUh9ZgQGX6JLgF2RRmhUgqYLDKcQF45-EpclALPyrBFuZR0x2RoPDUK3MBEzPhl6zNuotpXEm1WoWhh3yTrCPmfzNHtlKkAuF3TP8nLyaSaOChi0KU6volYQisosl-1ZnFbSf6mqn7dJwcNDpZyttfExoOvDg8Lc1VJxFTq41wb0tXGpyHHJJsXrQU6NNXKfPhiiCxmu6cmG1x2-Y84gOdfGngPA-qdsF18VsCAOzX3tMqYxySxK9jar3Gz7cx7kz_TaS4&cid=CAQSOwBygQiD7la4DNBQSEqEeN6K703YbIA1cQ0LM0iBTH84jL3y2yW86gcgbf1veQcCSfxIKlGmbMezL_0jGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2237742837388520400&adk=212707235&idt=25&cac=0&dtd=44
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4b502beaef6be86daf64aca46fa4f4314de9db352fa312cde8a5d015ee85c22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36303
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame C8BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECQ-O8a1pzY7Xbtq44Q7eLY&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECQ-O8a1pzY7Xbtq44Q7eLY&google_cver=1&__user_check__=1&sync_id=ad27f4fd-0400-11ee-899a-1d21b9eb0506
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECQ-O8a1pzY7Xbtq44Q7eLY&google_cver=1&__user_check__=1&sync_id=ad27f4fd-0400-11ee-899a-1d21b9eb0506
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNURQ4Ld13H704HYXZn8_WEnjRsxvDTzA5ITTWu_wIrcyjAoTzEMhj36fm4O0As4Z4VzKU96WgszVvM-0MciPCrUe4GDFELL8BEw4Mbr3YqQDyFPvWu4ApBIjG1hsgOWSgQeHEShIQQbg4_1NGY6d8VjjjP7Y9BK9eaYzqIB9cAny7lORe4
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:44 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
114
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 06 Jun 2023 00:25:44 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7025&uid=CAESECQ-O8a1pzY7Xbtq44Q7eLY&google_cver=1&__user_check__=1&sync_id=ad27f4fd-0400-11ee-899a-1d21b9eb0506
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
73
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C8BF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWQyMjM5OTgtMDQwMC0xMWVlLTlhOGYtMWVkZGIwYzUwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWQyMjM5OTgtMDQwMC0xMWVlLTlhOGYtMWVkZGIwYzUwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNURQ4Ld13H704HYXZn8_WEnjRsxvDTzA5ITTWu_wIrcyjAoTzEMhj36fm4O0As4Z4VzKU96WgszVvM-0MciPCrUe4GDFELL8BEw4Mbr3YqQDyFPvWu4ApBIjG1hsgOWSgQeHEShIQQbg4_1NGY6d8VjjjP7Y9BK9eaYzqIB9cAny7lORe4
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Jun 2023 00:25:44 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWQyMjM5OTgtMDQwMC0xMWVlLTlhOGYtMWVkZGIwYzUwMjA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
28
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C8BF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DUHJMeUFwRTJ1RVNnTE00OXZhaTlOd2YxRllaV0J2bn5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DUHJMeUFwRTJ1RVNnTE00OXZhaTlOd2YxRllaV0J2bn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNURQ4Ld13H704HYXZn8_WEnjRsxvDTzA5ITTWu_wIrcyjAoTzEMhj36fm4O0As4Z4VzKU96WgszVvM-0MciPCrUe4GDFELL8BEw4Mbr3YqQDyFPvWu4ApBIjG1hsgOWSgQeHEShIQQbg4_1NGY6d8VjjjP7Y9BK9eaYzqIB9cAny7lORe4
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DUHJMeUFwRTJ1RVNnTE00OXZhaTlOd2YxRllaV0J2bn5B
date
Tue, 06 Jun 2023 00:25:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
dclk-match.dotomi.com/match/bounce/ Frame 6E7D 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEA7Z9SgAwMzpqa6YX3Y1WeU&google_cver=1&google_push=ATf1kGMV2aU4glUqDDHVbUFhNppRwDd47vP_YpjjLIWgcWfJznzzT9zsS3NCZYSLTCzESESc7nAzCUnraCSSJbPdYdIbgasJlaE
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 6E7D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELN_p8pLaSkvXoO4YNbSnsA&google_cver=1&google_push=ATf1kGOCJB34t8OpTwFOWBwhtap3IZ2__VAjEOdESfsYZhUrCEQ2ziOFCJtA6Ky2wfls_M5hVrlkDyPK7KxWKITGpd6i0V5yCcM
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6E7D 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEP7Z7e9zkI8vEpOKu7snkcU&google_cver=1&google_push=ATf1kGOkGwMpYRiFHOyLLWXImwzhJ0ssqC-XIDj2zSpmnyB4CqLkqnAjk-WTd9ohNMK7HQGDXUzh-ZokpqQodV_lNmZUpsghiBw
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:43 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6E7D 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJYXK_URcxD8wFMMve3mPJo&google_cver=1&google_push=ATf1kGMMRnjv3nxrdg8JTQvyhg_gn3uOgCBMFbaz6I1-VAa9pyDkDhiS4It5Uujb23UcaQu0noo0EshgM96BBYZn46GeUK6Z88o
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 6E7D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKIRyWkobNipCqAXWNFLgRM&google_cver=1&google_push=ATf1kGMcbS0P3AVwMgkX4DX5bQMIA-axdhxgvWB_AYAPYHpZlKOITY1wl9HifQpyKTSeyKwNGcArSWaXzCmnB-kHREB3...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526031689692&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMcbS0P3AVwMgkX4DX5bQMIA-axdhxgvWB_AYAPYHpZlKOITY1wl9HifQpyKTSeyKwNGcArSWaXzCmnB-kHREB3rKbGpsc&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMcbS0P3AVwMgkX4DX5bQMIA-axdhxgvWB_AYAPYHpZlKOITY1wl9HifQpyKTSeyKwNGcArSWaXzCmnB-kHREB3rKbGpsc&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMcbS0P3AVwMgkX4DX5bQMIA-axdhxgvWB_AYAPYHpZlKOITY1wl9HifQpyKTSeyKwNGcArSWaXzCmnB-kHREB3rKbGpsc&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
date
Tue, 06 Jun 2023 00:25:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6E7D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMbUGrPnh5WLtuFDdz86deY&google_cver=1&google_push=ATf1kGOws8-1vgQM0b3kngtn5zjf02CPua3yvVhd1EW-EPEbon1HMzMOxRnw2fBjbR-fIOAn7ztYD3yTFTN8l2PFJQ2-Tg6...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOws8-1vgQM0b3kngtn5zjf02CPua3yvVhd1EW-EPEbon1HMzMOxRnw2fBjbR-fIOAn7ztYD3yTFTN8l2PFJQ2-Tg64wLc&google_hm=eS1RendxbTlGRTJwRVhQM1V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOws8-1vgQM0b3kngtn5zjf02CPua3yvVhd1EW-EPEbon1HMzMOxRnw2fBjbR-fIOAn7ztYD3yTFTN8l2PFJQ2-Tg64wLc&google_hm=eS1RendxbTlGRTJwRVhQM1VwbFl0VklsT1JMQUJxUTFWSX5B
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 06 Jun 2023 00:25:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOws8-1vgQM0b3kngtn5zjf02CPua3yvVhd1EW-EPEbon1HMzMOxRnw2fBjbR-fIOAn7ztYD3yTFTN8l2PFJQ2-Tg64wLc&google_hm=eS1RendxbTlGRTJwRVhQM1VwbFl0VklsT1JMQUJxUTFWSX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6E7D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJifla21yqHt-19awDXwnU0&google_cver=1&google_push=ATf1kGOWrbvPwRaad4reH7OwAOr0yizSs3BD01VT0fmgAujxf97tufbSrzlkR22-Rk4c-6ulDaJXLLqrVGtXiwIVsWYDkDPzdg
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOWrbvPwRaad4reH7OwAOr0yizSs3BD01VT0fmgAujxf97tufbSrzlkR22-Rk4c-6ulDaJXLLqrVGtXiwIVsWYDkDPzdg&...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwMTMxNzE3ODkzMjAxMzA5OTczNQ%3D%3D&google_push=ATf1kGOWrbvPwRaad4reH7OwAOr0yizSs3BD01VT0fmgAujxf97tufbS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwMTMxNzE3ODkzMjAxMzA5OTczNQ%3D%3D&google_push=ATf1kGOWrbvPwRaad4reH7OwAOr0yizSs3BD01VT0fmgAujxf97tufbSrzlkR22-Rk4c-6ulDaJXLLqrVGtXiwIVsWYDkDPzdg
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwMTMxNzE3ODkzMjAxMzA5OTczNQ%3D%3D&google_push=ATf1kGOWrbvPwRaad4reH7OwAOr0yizSs3BD01VT0fmgAujxf97tufbSrzlkR22-Rk4c-6ulDaJXLLqrVGtXiwIVsWYDkDPzdg
date
Tue, 06 Jun 2023 00:25:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 6E7D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXp2DIpG_6mLDTdnjSKuUbhEGdfQ7AzQtryPXodjeJAmDCFT1j8IBBeMR-bChJFV-643hF
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
rtb-csync.smartadserver.com/redir/ Frame D368
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEC69Owv91CwSXqbXYakQp2o&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEC69Owv91CwSXqbXYakQp2o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNUDslr2HpBzEZIF_EBlbISqH4iqy2BIKEYkx_UhSPouvrA2tbNhPEVKZcH50jbU9DSPLWkcEmXBOqYZMEyxZU76adKOvj4elv4mmHsMlKnQDaHJ7CCubWdHtYah3mAWuK-bMZuV07QL1x_vX6XyUPUyEhkL-V6qXsedSC2XQFUTAKzqnAQ
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEC69Owv91CwSXqbXYakQp2o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame D368 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNUDslr2HpBzEZIF_EBlbISqH4iqy2BIKEYkx_UhSPouvrA2tbNhPEVKZcH50jbU9DSPLWkcEmXBOqYZMEyxZU76adKOvj4elv4mmHsMlKnQDaHJ7CCubWdHtYah3mAWuK-bMZuV07QL1x_vX6XyUPUyEhkL-V6qXsedSC2XQFUTAKzqnAQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
transfer-encoding
chunked
content-type
image/gif
ads
googleads.g.doubleclick.net/pagead/ Frame 036E 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
748e8228aca30d52882fef7f711864f04d3901f8ec4e445fba8974a9491050b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13690
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?oz_pl=1&di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&psv=2.94.1&_x=1
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&to=3&de=2&md=1&si=&dm=300x250&pi=XROhqscfgR&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.h.w55c.net/2/2.94.1/ Frame B01F 		180 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/main.js
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&to=3&de=2&md=1&si=&dm=300x250&pi=XROhqscfgR&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1e3a7651e485bbd08be45c3794ce29db6668bd23f89ef0f62d86ac8f6488378e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
55459
Expires
Thu, 11 Feb 2055 17:28:42 GMT
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?oz_pl=1&to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&psv=2.94.1&_x=1
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=8bdccc95-f51c-4594-9153-bfd55b000008&to=3&de=2&md=1&si=&dm=300x250&pi=XROhqscfgR&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.h.w55c.net/2/2.94.1/ Frame 58C4 		180 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/main.js
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=8bdccc95-f51c-4594-9153-bfd55b000008&to=3&de=2&md=1&si=&dm=300x250&pi=XROhqscfgR&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1e3a7651e485bbd08be45c3794ce29db6668bd23f89ef0f62d86ac8f6488378e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
55459
Expires
Thu, 11 Feb 2055 17:28:42 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame CAE8 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENslpijJvv0dzJ-anY5wx4c&google_cver=1&google_push=ATf1kGO9VYR2LIypBkMcPQZY6v1SfSA6yVwoIqO_uxVYs5A8XLSeFGyhABDYGrYATDZu84OQ2BYsbYOZDTx75RPqZPZ4XqvZtr83
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame CAE8
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIxeVPWCiFskltln0_PV-gg&google_cver=1&google_push=ATf1kGO2ucc7Qz_tBnE-D1H_ENL82JmB6paFZmYl3NGaLclgTrmTzVYUoAETEjg6_lWTEnP1Y0hYGWlvmeJy5ZbuWy8E4g3y0HEI
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE18247059094916B42138F2ADD0FE5B&google_push=ATf1kGO2ucc7Qz_tBnE-D1H_ENL82JmB6paFZmYl3NGaLclgTrmTzVYUoAETEjg6_lWTEnP1Y0hYGWlvmeJy5Zb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE18247059094916B42138F2ADD0FE5B&google_push=ATf1kGO2ucc7Qz_tBnE-D1H_ENL82JmB6paFZmYl3NGaLclgTrmTzVYUoAETEjg6_lWTEnP1Y0hYGWlvmeJy5ZbuWy8E4g3y0HEI
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 06 Jun 2023 00:25:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DE18247059094916B42138F2ADD0FE5B&google_push=ATf1kGO2ucc7Qz_tBnE-D1H_ENL82JmB6paFZmYl3NGaLclgTrmTzVYUoAETEjg6_lWTEnP1Y0hYGWlvmeJy5ZbuWy8E4g3y0HEI
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 05 Jun 2023 00:25:44 GMT
google
match.adsrvr.org/track/cmf/ Frame CAE8 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJvz1lTIXMnXa98cEm3ZhFU&google_cver=1&google_push=ATf1kGNFNNMj6giJ4qLSWdb_JYq4_jKGqqF1pxGduX3fN_vdTZvTU8lS-Til4cQWprVkd9u1iMZ9CAl34w16szzrTIkRAnpYImtW
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dds
rtb.openx.net/sync/ Frame CAE8 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEIYNsF4Vvj5-srGeJqIQ79M&google_cver=1&google_push=ATf1kGNCdzH7mLHsBq75-EtLtz1zVKG4NCoFboJUD-hIf9az5-JM8qJ-PF1M6i9U3N8JzzTCxUE9QFAgZd4wv7ZzpSwdrGugUYBI
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame CAE8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGOGTlGq--rIXM5A9giNm8-v17DQtq7mQdSzK1cQKYAGGJZVTniOUbK2sxRGKqSi09hsm7YnTSXEiEaT...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOGTlGq--rIXM5A9giNm8-v17DQtq7mQdSzK1cQKYAGGJZVTniOUbK2sxRGKqSi09hsm7YnTSXEiEaTtIq5vihCkCf7_jj0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOGTlGq--rIXM5A9giNm8-v17DQtq7mQdSzK1cQKYAGGJZVTniOUbK2sxRGKqSi09hsm7YnTSXEiEaTtIq5vihCkCf7_jj0
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOGTlGq--rIXM5A9giNm8-v17DQtq7mQdSzK1cQKYAGGJZVTniOUbK2sxRGKqSi09hsm7YnTSXEiEaTtIq5vihCkCf7_jj0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame CAE8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGPwi6Ru7ITMW9QZ9pzT94lJU3K0KFJb5fIz89oeyVbhzXRYNM6gmOGo_-NuZxisssiBDhGh9jfO0mj...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPwi6Ru7ITMW9QZ9pzT94lJU3K0KFJb5fIz89oeyVbhzXRYNM6gmOGo_-NuZxisssiBDhGh9jfO0mjR6qmbSNm5yEvEjFu9zQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CAE8
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJ9t0svxJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
date
Tue, 06 Jun 2023 00:25:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame CAE8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LmLwgZCaollLnJgLT7FzDuNgWiQO-inM5t2XSUqXG3N8Nu4o_xJdvg7r_l8UIvr6Q5Mu-CcOM
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE1B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=67869052294&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE1B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=67869052294&version=m202301230201&ct=76&x=1&cor=3828106269032251000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BE1B 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZxTMTGtTHkXnvjuXrH-Ry0Nd5ZJWniDAYNKiyAQaGUH_EBv4UbTxDzF2ara_EtgxVRYvOVAXp55RCE_opLztty0y8wnfBHl5JP5TerR-ws6s0zqw&cry=1&dbm_d=AKAmf-ATuLqpwVkhimj9JNzUp7o02RS8q7ubNTHJQZkUNiK4lDkWprALJ1qf3E_YTCWuUpxGFVF1n3DHfRcBgDKJEe8EIyAKNu6jV_vxbPsFi0Z3M3NelaYfVxcAoUReMGd-g1ah6zO7Kn_rgvMJYwyzgeNfmKRYQ3F0IE0AsIQzJEXKpSMbA6jxS_RMpQSI9n2TkGK6vux4G3PBnxYlaI3z9FWUQtNXLyGTjKV-4Ug980Aao6yv6txVNvLCuZ_J_GISm6AefARz5My2Zvev0jgmBSnTS0FHG3o2n1ruMeVur6vGFJru7I5j7okDCd7ZmUtKjLqQ40FdQ7G5jwitLK3wBSMGR5CwavncLzi0mTfzK2rR7jmCsFXTUZtNDFRl3MtFQTMMmXsQGPF9QaSY5XTGdkTwwd5E5aHEXYEjjv55pnpUgXKuYS8WgGYZFpjAip3W2WhtfrUxoQCQn5MgJmw8fA_uZOa-owkHgXwYmSv1S7gxyi_IC0MHgvK-X_LgJP0P7qU0EzoqI7j3PfX5Stgy5RBhigzDvBMwaNt08D0IwwCgkunGb7nkP3Pi171HILOEpx1vGQDsCt-qOCEQF0UGtD8_2yp1uE4gEmlAPXMZ8syFPBusHmq-7UancFc6uLBiqN9UPnVSJA_KX3vnCGQxyAL3NdFg4qdJm92cjVGskRK1YTfQQZPib74qbuXPs-qPH-z-B6rd_zAuATi20hB2vAAT2_sQq8DA4TkbcglAtUwpByzElcOXRaryosL8wlYtGlHv-YjY8SYDcVhEA5xgTOo1bgZoM-Nnaw3OVedsudpXqiJaJsRzqUrkc0cdLTz5Dififjy6e8Ha8Mm5UPx829ayq8RcIH3Ga5OFYePOzq9yQzA1zWkII2ldR9pc99y3x91h0dDRaM2Ub-9vNgkm0RvM4KHZkZQwTxPxWwPbLWfUMM7HQgUMgMGiYJOGfIF3HJySyJ3Y1IrMYUtEXp_EFfb1Ovetfz7rp53R_svJD92YMwk79l6WYaNsmXlZcSmy0FfMJYWzvx-CvQgWAAjTJYEiA7d_gRYo3TsuiFrzHbUOcwdvMiCD4jYCHyrCRbT8pHLKGZad2ct5_kA818m-CFkWTg_MMrZFkWsOKxnrkcqKwNpU1hRTnxO3uMr6A20lhzfI7D_vVmTgGLqvip5pZz9mwu6STKQ4iARPGljWVVdLJxdiyV-yCNILaGttGmiNxlnIiJ63bFHrCTFtsfN-XmyKDUUgWnOEOTFoa_i0i3vtjWc7MH_eIU-_nEJb2cbtA5L_l9DZ8mqo6ImgdBSvEA9__RdcFhMgDedo1IGjL0XcXkNrFrge5szIX-jvel647nzN9irv1L0xoxxexN1wIcQdXjZHXkJ5KfVBuquNIzcHjy7EDp8P2Svyl0r_oijYa0fp0F16g8cSY94KIMjUBDPEJbdFhrmV2k3TzE5HRaJqaMSA-5NlByg_cxb5aAbOM7-M7ef6ZWX_ZMic9lMhvEEiRLGKPTzFr5A8yk_TawonR8bmauFhVsLvHvhQwaXRzN3NHWsM-UqxFFFwv67i2GKQB04nLhTpHLTUBGsgzZ7oTCifg73MTOiS_oB0g-ot9ooyUgjp6_myzQNWw4PGsOSVZlkzc3MeT3AMPlb4WkRJHLbQVrkMSKb6yCnPvCdaBWzT5Cj_rdnaL00-ugpCYevqoZ0bW6G3nTVKsrYfA08v0-5JjY5EZ3DHg01oXJYLQq-h0UckDj3U3JPVndbFtNO0OtNy6AnQ0xKXi22WqepAVdVwgFrXSnOZU5Fz8jYN1mTPgm8hxC5NGmEupKPAZ0H6QnVrSNoPFCru-2Hj2_UEGrtxk5jnsWI7x8ZfyurSmM67nbpBh3NP8kq-zsg1q8w0Xrh6_qyb3sg1i1W8byLVy8EdBf8D53rdvuy-u1CTswdIlOS7GpxWuku06aC6o-iiXVON-v7Puz9VtfbvdxEIfzNgGwETbTZjy2IKRLFWtwi7kGw5biVyUlSE_sOLPh2x1PSIkuyTpT_vkBuLf6QYYTHY0ynvr1RaRqe7c-d6lak6_vNteoMlT4IXnwWfXZ86VFiPs2BeaS6W6HDf1XlUlEf-c8hbtzUTxj6Qi8FF0v2sR755BKP3-o4W6leJcpBmjbQhUNMZtGQR4IelauYyeHV5mRnHxypHNdEMzhWYfmC7c2qgk9K5i56n3cNp3ZPZO9Dqy9UdFrLA7XwY9qxbXVTKB1232Qo_KW33KJoomVkxgkc1vS1UuSSXqIH4LXgTs08wUwSIcv7-aFcsSNVd1Ks-pSy0w4RZLf-Ll9oBC-OP66erdA4Kb-nIUWXqUocRqWVrAShDYk2Gs5s8sgnV3p7JkrmX2LPfUNguFb2-KI7UhlXThx1dSkgNATqCuFqnBixFvEnEITLdJbBuQbw6qAdYSWRMcFnjJN4HEuxMTafmnm7pMw3XC8FyaHNs0PyEKq3G34zbccDPj-aKQtOGUlAHCu31Fo5xWn0cG-_LSeBulMvxTjMuaicrsx2jTncUZWSbG3JxuzR5PqEiMWaKhR6Whqwp6lTeV7rRmOhCFm2ZSgkzOZ7VHpR9Lu61_Wyr-EAESL067nltwVXiVZy2HCa_1Fkg6lz1nGPyfi9-MeM43rcFB8MhUnhK_UdVuOi1_90PgnYp7EkgtmjqtwPC5cokn-3FiM0l4v8t6an7qrJgaeC3Rxfsgs2ShrJWZCx9sR2ipGvuvsgBTPcaNKswVrF_HLGiyW5hdz7G8L-VYepdV-f7BXNBLSfQCQEW6jp1QYnb6D97GXsUD9aXmMw6Cfurl-lJ68CLnyJAnPeoqlTWrhE3db5DAQUrI8fgF8gc3EGmdx8oOldIXGIJ-Xh4JYrOhGyONjWQIB0RyDRCJ3w81spfZj8kq-0oTSVANAhQO_8IuqdKNWdAzMVsM1vCsZmJ1T7rBMWrNHFSUMnSARoGzGjjS6BoLS3Sg6Fw2QCMf4OVKOEUs7kUXAVbtVc2A2sI-I1x9GoHYhHO7n0cs4O0cV-O_YsV4U5imXUC2JXRR9_32ihMdW_ekacUDjL-xvJWQFivsz2xSVfgwEGXCpEQCRO3wSQwrZOv9eetae_o2jO7Xo3o-0hxDdfKFDQVFYcg3kTo7JPX0Cb-iStsKcUmsJYELSYf-0wXh0DKi0WwAS-CDhBuNM_7pZlen_SL3Lt7Iph4lMxOR3Bb-uTdizT44YYaWDiXczzLhjtVmfvu3ZfUrTcEZU-5Io314Ub0exKvfzLyBPw_YAsNcG493E7Cm2_QbG_EHXCkVIdEAPfjCVJpbOTMV1Tiz1_86Kx8ugQyZKMGgiFqseKo8tX2A0m3bs4tC24zF-VpMs6KqGAIx-Ii-oLE9ozoh-iD2-S3498YbliwBTVBOTKH4DMV3i5EDj04QpsSGLjzvJRjvxl-WzOsv6XYaUA_azXnG8cPzwOPKBacY3V0J-qQF8hSIFnV9OqkY3Svz85yiuTc0cKnFkY5au3BjRe8cPkIWGd8uY4WsrdB2cj9RoVVlVB2kZpS0x0G1lj0PwqtFU4WpXRvyidZBl7dO1EK3CH-T8oRbqzNgBwxS5XD_lOOWH80FidqKc9Hunh96wL6WFD1GzTFyOY8Ad7Tm8OcTk2twuAW1Ka1749SjJ8HBL9h4Gu-4REM_ex62I8Tg1zb-4sc302f2LR8jpLBEShYOKnlUfgYmVGuBw5aikC64Q2pY8yqHC-WWDFz26BC4TODfNVsKDLEetRexaleahpcs8nZ1mhLuSTarGncYNBjaS9QNbTJGOqnlmAk&cid=CAQSOwBygQiD7yEIMhftgRpVln70w3IX9drQcYXhyw7TqE_eNbDTM22tqHBFBM1NpjUCeW-tqCV8SfOOSnfLGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=3828106269032251000&adk=3587751834&idt=35&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b2efcc15b3c3cbb0013d0b563b89640d9a58946a714664fe835463dd4fab2a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37211
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9038 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5930690410745&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9038 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5930690410745&version=m202301230201&ct=76&x=1&cor=5687695187570812000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9038 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLo55hlHNpLF3QeSxJHrIajWsJ841NCsGjkyDGcO7PbmB9n3-tH8ZIOv5Ab1LYhH4-xOJ6tWPPizyzaJLlboHKdQ-7HhPnCuRS-8l1rnWDUEgT7mINtQbd-cPceCHL6Tqe73E0sZw0i5AtwvOI8g4QjWR56X1F5y7a7Xvegq0QxYVz94s&dbm_d=AKAmf-C7ogeZqEFZutxlFbt5HmENK5UsXHsBLtp8yZ5TCg1O8b30JKuXDKPeVZJixX0Xt4IvThf6LSgS59BGaAfumMB3XrB8FluMOlWunJd8yVdUw3cR_lP4TzSbrx76INpXPYD-P3bIRxuJUFLTW07_LaD-EOSkEJOa26KZ-U9MD4D_9tQDVf7PIvU0UFYr5SlXVZnnCuEhHw2_gBUBWLaO57hAyQlbjWyASCLO8Fu5uFUvawmP7G-77J0ZqQqiJ71t4_J1baDGLFK36d1Or4TACUmt7aWe2kGOo2WwLgmw_zpfStBX6W6w2GHvfYfvR0amBZsAtdj4EEf123K9-PJG444YRppBXUUD2P-YVhdieIq3eTFALEc1i3uQcGtAZGVb_YH_0WUjuo70-s88hF2kCTtbuXFHzWyEHjqrm45ARoImAAFkRxYF6ArGg4SaIS1b4U36kI2R2hcxGHpoZ0rf7_mwQIAAxeDqwkMks24k5hS7h9QtwMFN4heNPcAT3FHKE3xrBsKZyKsnvknBc6bfUThVZOodpZioqLUvBEP9lyuu6DeJIgu3R_aljVRPyB__F8GQR7HrqVHucg_3mtEXIB62tF06qdBPvZfs4WFUr3JjuVBMlS8hTYsWudME3DWglagn1OT7A6EEB3FsEM3AWVSzdhskKUOKA7k3BiI_CgpTKJN06MvQLs6ytoah_M1IL_9qjtleEzpcsTZDwvHHg6Eo6VJq5k3KpEfC7fmqfdQTUPCMuh2y4cjb_OInNjnLuGVAkexwR1VXs2UHrIl-daJdkBXDlkGUsHqj17rzeB5CKTgynPYjoCmDkwxJGj0-loPyeb4_UkOdXYaP6ygMgp4KeL3oH-O_oevG8_yP-DjLuFHpvbHCdTiR3Am1E3GGEATmTxP384p-QqREzOEt6wo3gjs_gPEmULzV7Tm08-pEBLLMrEghvEpR2CSOCxEteKS06lJdNLE_8SZ0uhPTdP46vbmy5dAB1zDfCTgsfgWKkJPzUJgsCzd_lYnpltwDa0__CNA01ypH-tI7wXjprGp5av8UqXEt6Bk8KUcABSbBTpzhTdf4aZwuL71027drsOx5cJovheIMUq_JTB356SFuHGS-EVeMssN8Uc0DLqp_jMWajfLP804M2h0WsgT0TJn8pBKd5Wo4HofqILF6pgltkP9B1GWPmjCRlx18pxlPbQSXX69yYbCr8Gr8tssF6Wrdh3twJmZSrtybXlf_shUrL7tuNVbZNpRkfNlucYNWMjMb6eNE-02WY3apfxiHJMCIbV0IeWYp-XB10wltEnU5v9EcrJTJnBk9og6EUYWOVLsALEtfVN0d5DdWrD5_7hMqo4nWfjpwcozgkLmcRsQCOyxCGEsXPciWqCg-EYdoMn7Ec-elviPJRnrlX0rU_TrSl89HYBst-Wf7VsTZBIleU2t1yAsACITix4sI9TEOE02MX4teH1ECvGFGyzlu4ETuH4OQjTOo5zdOklcLQnfe8nRZe-xJIET5wQRe7Ef4gbk5kghLMoDFoDMek9FA6VB37xGco8L1OK-Nvu_xnFJraBfKk0acQlBlcHMaka8Wx7K-MbyxAwetIN1YAu9v_fYd6FlaeMCWYvjDPjmTCUQtDMH2HMk0lH5L6sjqOhVE_dMjjPz4u2y27zj1MkXMJ6Nu9phzu8pumI4V8B7vA7_3AKaG49Lq-1FI1JZKSVEmjfvXyCSIsoeQprzYpxLYIPbMAQgybgkBXXYFlY76dxCSsZo2axSb2-0OG29nrDynQrzzYBFqfJrFRlfbykOMSRXN_yhwqGIS_nqpqzBaVsXtOtDMDEZQCPS28G6lfkMaWIpKa8Z9JTSi5A9NMdLZ3Dp4hiZsqHLp7260bA8TNuwQ-e2KkTm0WDP1ot9nhZMm2VMt8sOTnf7mjS-msySXVBFU2FetacwBLmbLZzW9VWR2Q55BarLPLVz77tut5e_eHspybLfBunOboJFcIGB04AuYJGal_xPHrQ39HBaHuutoMGULFtc1QQSSBZnKFeeTNdA3PRZQZh1bu-Nw01piVAcjFJ9DmA4u2IBw4GrEHwS--saVupEpZ0zsS5IwWWaOpJnCZBZIcBUPbhjZRvibRaHey34MavrqoYVya1l1WEhSdRZrtfg_dd403eAUAANJBAfqrEO2wIyxnIUiDCPJ8tfXBaNWtTtlP5t72-SSD8xa6ye7eQdsfe_gD8XEKE77dZvp3P3tYI11nYzfVdJ88ZEV-1kd6b94bn8t7tcTX8vRzN2QOiOC-wiiPpipFAJ2TJdqZpvrnpBRRWFu_Z1MWoEKNlJlAU1zZbDJvETpZrA6CPm8NTDl_GlcK02F194yF4vKrZRd_M6rPZmK5gY2mbY7YQtpZsjlpFAQ5zCi7lmq3AXSRYvaqaHkaFK9DUdFb43u08tEAGN3i20A5yXhhobrzfjRJn5bsd_TCNC07cJFP42T8nRYM7lDGDn7-qgjFWkOokMRs_ohr_d3AKzHTVrwneg8eo7wkLxqPaI2gUc83ezkYNkp9lz8k1QGSxKSMu3Nb4COlHKEYi6kRa9y5swNGtnNgSiqyn8JOe8gG01VCcuOFQ2rd2aQRSImzNOIDK6TWBim5E9sGCOfyNT0_hrHcduUtWat-R-OLbIL_fvCQPdNaMKfsFcjD4Ro4AAYp719iMzhsVd5edu0n9RK-Q8lrdjGgfvpufKWe1gj9r3pFOVEYNcEbCARe7iAOfV-W_FXp6F2kBrSccfsfBdszdUEww12_SUZDa1bVCsW_LddzieGbEPimBT589L6MRPWifN76aDf3umzFYz0xd0PCjU7RGgOslWiPMOGXZT7I1e2AEqvVdytHL-B6H06EmF__NFM_GPYfYpdCKsDauQPefi7DDZYvairEkhtM_4BZPdO2mklWnh8hJSlGbCc2bT15K-K5RjfQhaUSX25pokhggu01pdiisvnfBjQ_G2VoLTSwgxVfVPQ0fFNOOfwFvFFThNPIg5muilT6N9Anh40PzzNbwYtQrZJx2NDLRgtI-J74GLmhRV5cUEe8HbkOMcGerzpxhkGlqdJBzFZNY0TVxYqZvPaSZtlzMQVo84ophYFedUWTujAfPJA_lIWjJ3aUMvNs6VOKWq7mK7HlWYy57xQsmQ_uvIa_uBAl46Ah7sJniU-enVVXLqbcEpYXM-R9DV72HabT5XA796DfkMoCPVVkA6p7_0EiBOcm0PBokBFaCZKnn1ggMA1Yjm9JsVzZdgog7mRgcxu-xjK1epRUeBszKvlNEN4eCMdGU5p35YQgzBOvRkRuzYYltXwpbTEy-EgJ5okOwcx5e0_84cRBzN5cVSZ&cid=CAQSOwBygQiDOgFK8sJRL19Ozwp_G43F0CSJ49ZuGJ1rS1V9CmkU5LaAWWUZmMa1HUgu3DX2jyU1Mcb9cXovGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=5687695187570812000&adk=578009112&idt=34&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2d792f308a098933d39680dde3bed5589d7d3dce592faf4cd823dca9fbc9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36373
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD7A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6018713160892&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD7A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6018713160892&version=m202301230201&ct=76&x=1&cor=9931757394151975000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AD7A 		85 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMcwKjX-lQdzLJ1XALjQnbmeL_Z3dHRSzR4FwTs3suMV5964mtvYqevpRtCDNerMGo4w98hfJNAshNqgPcsvitHi-pVwfzeB-J-WYwwPxsnbd6X1tosopfdt-djjkEvxyjo1LttBIUOU5mgb56XQW5_3pZeifxVH3uDu0sFJYmoKXyN5M&dbm_d=AKAmf-CO7j06Ly9WCA91Gs9Bm8bs5bKL0SKjFIQVMfvNLyVoaIITOnknZXjIOIzb_MY5psnwDqO4z4VHobVavD232h440ynjOZTA1NRtoVgyH0WaJSpHdXEK8s_VMt7sxycbHkwHYo5zQmlpQg6asZNa3jiSmXdKH61byAvjhXzorlg4Xk7TbhMVc8kqMzBnqkC1x_rhKRmZ16fXK2wwISgWxAU7NTkgaqOMfMCT7aCu_YQqtby2PLOmTWsI6KJQvI097xtuMh8z9eXGyRNaTB-dHDttqXJnMX0s2f5LSkuwkB0aW039TDT53Il1nTaWRgARQpc_2pK_HC8IW5KIoxHkUrd6FoEdpz6w8vNlXousBYDcK-_GiTfixazKQU_xvG7REHqpksojqtLlyqExZzJteX-OivcSwmSXmINQGHTEBlXE_JM5RvWGWXwnjK0JPKZJsbrwMkaCeV_Si6cq6Sc1uYx0MfGfFeVgzXPrXVNuvfeS8Om1NC3JDkpIFzieQfkus5M3YParnmdD5nhj84KN_6gt2e8KFVVyKDFe0Ns1nBPbhXVqy5zHdtd7T8vnnDT3QWA_EJjFdj2sXaf8hbYvPwcIRboRXR930pxqkvRtaWbeKtjuO_Aa1Z4987HLVTXssSU-WfwXa3BigPN6CxnhtDXrP13Ucl0qdUKvc5MBi3NyjoF4hgXEfd8qfbBSLPFntSijVEO2VVKPw7baTLDLoafOnDs7EMuwGBhFm81N0SoCd1yFrG9ekdkJrEB3xqlrxL82UDWXzUHTKzlt0TG6WQwrSQIm9VzgW6GlekR2KCwF7rlgCf9pUCyE-i9KZvAnwryDPlEEB0QqrGqMsooVD4c7nD8J69n3Xd5sHdCj9qYP09UG-SuSjGHfXKi9OT_m-gF_j10e5xukwTE_F04xnLXOQEa3AuuGlBN_66YIlw5hclLak766E0J0KrX7F3yeK8lXKKszaqqekR_hTXOEcKCrQ1GBV9NF21uJRdH7y_KScO1zd1KBFWCwijIOK7CjJc8FFAw8SUQ2P2n6pVnxujbQjFkEPcs9fRUMMrJIpvcnbM15wpoh8ea5nEqce9WCrH1OHtiQNJoYInF7z_Z8J87zvf27bBgLRFar_db9wMHk51ur8xFvjLepqE-aPjLS58B5Y9absjCWFZ7CUBYgiIv2HnuqzNlP2PHFyC6RRHiU5YQ6bdgxPTOIsEZT7POBkvcx00AjobzR8Ew2gCrzcPY0Ml2ZUBFrSc6fJUkpeEkBGiRAECXhy0lqDNpAZwkC9Udj6AueSncOHvVw_g7YwrfBu3j0xS-k_2208ZfildO1Y8PMXaYMAZShOwfZxCaGJ_DHfe793xwntiiqcP2vjnKGMTrWW-1cACIgdNmbHYEtK6VJCh8Nb0ER63Wrf8JiIUsnc9D0NNaJ9kIjKFId3WVcH5ZvF9vpelK88Ci_oX12za8CRj0zsmEcHNnFAT2eZKQpi7XjMyM1qIwmo8g0SK9FJJjhCqnrJmbWyz0_-0STOXcPk1T4nL7VSbJlbI4NEIvZGMJYkDv5GG7ESQGSGX7zV7zP7_2DTNVjzJTV5liLgMMzpcz7VlSyFz7hoXZyzGsr629k_FCUJ-IY8CQNMwp5mEYUh2b0K4Auf7d70rbzonxag5HrSYlOh87yTkk0FlNowHnEukH3GkGul7j_tgZYIamlcphvI2LnpxTyIHEzX4Iskz2OraOxLiFXE2RJQoEYMPk0Mk1IjhnjEaxJiJF3FEu0lx0dhj_-_WDpqWMe4f_sNVWNsKNi0_XXx9U8UbzRoWnXTckO0WF8Di79uwtyaXE-8nPstMKtGI04RR_6vdbQ9MxAJQHX1S6B3tZFJ6LZ5lNOLEcWFw90yasWsHUCGdqdb4fE9jg2bWn3qDVFI4GechZ7bIjWPTQgtA48jUkEcIy-FV5nsV8NyHsKR3eOQVvqKKwOsZ708kJgnMZMk487K8RG2IQsMizCp5MwOj72-pZ9jHtFFCnWcdTKxQ8O60PvEp2jV6-G_myqsDKqKOh4H90K8_9lvxXu8FCN5tZ_VpoThnw2b9R8szuAxC9P8V800tQdWfZ-DqHCVnwlD_VeC_tm5Lh2J2kHzaWfkZvndhJRMcltu4ip6X74TC9LzfLR684c-RwsXN7_kaRREG5oIPXFC2Rhm5cR6YXQhFb1Yu1GfWLKRH121sCYuDrwVMOPqzwl2T2BxS3LWzbnE6kQBJPicU-oncrdSfUN4td9BVZLw3rW3hwgK7N0uv8Ikbd4o-u9PrSnyN59P8cELTabzv8LMJqmN6YgsNTYGOfIYtkKPA3EMvh0-OAfr52r-_0D8FM713_GMzpwM57DE8q3KvRQudurRZzpFIa6zCqWsCEyrl5WbLgBTp-MoBdiayutHAdewXZOuisBd5dfHEO3CjYi5QYoJ-MgMXPP3IGF-ncAILSxNiSVsfV0KfyI2uuRv3VwchY4maDp6QjCFMO614tMRJTf2Sw07_7t7rCZ4qJYR4TOhb2NW3BWQMwoKTGXlzBPtA0Q8BR7ZDrK0DjoqaGYTBhIDkDAPkqbyfvS9zweKbsZ1U7xr8Rh_gWKLSn1CydRiSrTy6SoVHP9alHM5aYsT0MchmGJR4cqKe8q4vZqDnydKHhGFHWPIbBCJfYgZXRktYBaGhxuoUKfY2z2Z2vszNxzPmLf6HFU8Iwy8lmv2LQuZ8l0GoN7dLIw0tJFLUXcJTSdGEv3v3IH7p4kqreVGzZOCJFmVGvE2NvPA39YBfelXFeO3qBMgM-AzVL8yZB07kZF8mXDpbxURjpXoNLODJI6EovxDwr1pgirnFW3JeFb0I3cjGQQXikN9r1TJO3tsouY2imc0i9KeRihIF93AP8jbuhxoj60HWNv2EkpR0gkHrjhX153fd3G4jCSIFZ9ylHlr4l6xH8aF73sjnayzsH26cQsbRGdibUIJK2qSBEIJgJtCKVWusFFIb8JTt0BWquVS-3GPYw69ZJDiO3S8MX4xtP6ddhA4eJTo7nt7mQC6m3R3qjB-1l-KJF4_MifQ5j9SpHSN_TBYzfvBYIxK1bmhs54YSw-6421RVSWscb_D5K2C1dCwYIQDaM-KOZICYSxUC_sciwngUxOfZrSMLuPAK4IiTp4nHR5n6WiXyEhrXx3e2brIiH2z4Kmmpyq_4hb-Whxp-gtVpjgS2xp0uYxFxDgEWJ__IFu3iFtG1At2yCQQw5AFJG2Eaiip10oU11z7Q7T0tGFwTuBulv52JVdRL62U_byyXt3FericbeAS3k6ba68ubAQ_fOasR7bxu1EtjdmXwLD-TlrpT-gApa5d3k_VXMi8wEZDleT&cid=CAQSOwBygQiDvlt_JB1QlaKHARgwqAxRn6yRryC45M93Av-97IU3w-STNWpmMjtyscktLV4Tc9kzCAdJXMNLGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=9931757394151975000&adk=3860319555&idt=39&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e56aac528376e68aa022b8644fe38365668080de50bf4158ed8f89d7ec8438e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C106 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d055867437abda4ae890a687a7b12a2451dbadaad7c7ed70ac114b4cde95f160

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CEF4 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Origin
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 07:18:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame CEF4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C04ala6E8R_JYJuCZGJxObcVeLqqz--MBPKbOa37LLlE2mVEliG7kn55KaCPNzfx8dhvWn8yDZhbY3Y6rsh_73_gLvzu2zP-fU-fnhSlNrNDg82zFr1P9MLA6UIr16UoChfD7tzOHq51ttBWsZmtuCHgd4ehL1hmW9pqfWlufjEVemBCs&dbm_d=AKAmf-DdqHFoD_TS1jA-Mk7uitcTLaogo7wCiQLSgvvZKZ_fmm2WZEFNpRNjOlIdbrUYe3Ui2KOfUURRTUJtX0EuvXh5hTPUr8QxS0_c9UEqnERBerWa-H4S_2D7EQ_2MSndFCIIA49wUIY18OsDTfS4svvTOJBrCClbTo9-wioryto6WEulZMDrjXqD0un4JtNAc6DUpujZi_a000uMiJyqFGdFNSRJ4tEfqS7ijrVK-x_Tpfdg2EmQbVrLIisX5IjE06UqGiQVVZHVHaIOZJQh_l3eF8lUrrCAYc-T0Aveo0oS7bC_jlvwL6UYh8etK1bCUPHeHAHw7l6ElQf85uJS3gZpcmVKuRzSh59Lr01fk8QoJOA-Dak5UPddASxb3txfal36T3CgyMscU3FYPFfCNIhgIEsahfru9UCi_jbGFmIIA_lg0o7nAsE_fCnAxr9Z4ivcpj2LrA8JqDczzIEw5-iskvoMERecr8BAkGWskBVdq2sfZ0eRY6d9_RArzPewZLTsaYEw_mzFK3OwMwPF9b8hsTgBn4JMtl9C6WQNVF10jxFuV1MPSiEXyz4PkTSzzH0JjQwBYfNMAFNUKTbt2tzbTvrLkj56_Bcy0gMO1mPD-pIToVrwNPng5t8zEcHpT_K4xeunfkGIKEZFZnP4NfggGyHtHSZ7JL7DgqWPiluvXGtwMsSK0LBAbxWIrgegwE-p4M-QGY8PSiqO-24h1JDUWwgyuhpYqtv4TERbC8pmb5S5CjMaGkETeqDNRrnnU4HUXHJYFegYqrJlp2FVRS5FylwZs3m02tR0p5AP1CY1KgqUvTSErfH8TEOiLfJrIUCVNDhS7h1SCIrGaneihapqMwnZaMLxe37WCcfBIaQd45TIZdBvThCcOe_gDlQr3jarj6ZB8w0bk_QlIIs3ux4k1XedNgBkySDEFcapBuUxt21ZP9MIvY5kCdRwLXr7hnpzDtxgQFAAb4A9bJjCtTTzctPEQ_ZahBebn1Cj6gM0ZvfPPyMnQIflt74QmtuJKXP-7SB-tY43aOGiEAEYG-BMzJSuJrEnLwQhp76R7Sqlvs-XUwBYorF4cj_VsowFHw1Q6nppt6gekXPAOJE2YNOxXWtdHDWp2h27EivyrBTV04G0PuDc2fEYBJIneXFUTWRd46fpzRhpeLnnlJY3nB01bLXQOS6NnRSC32W49aGwnFw3hrrwYn9eXlTqWnQU-Y4n0hO6RqbL5KmYib_yyMok5AVUTDXL4qebGKQEKuPBAHlmSPHPnmNBe20cZmZkFk04OErLY-u3CdunQsyhFu9c9UF4aouzlRb4O85C9wH55uJ5Pr9cBAFGiOd7OkzwdwkyXUkRkFUuBjKNgcuz3w6ysJd_5UVKps6QnF7_t2IXN3vn9n8ntpbqWmvbirTkDtrkyNtvAFjidGoWkW61Ue7cFRqIbbeo_4O7Ylx0U52W45H9YDg-1UErrAQSh6aiP2-aMkaaHziykah1BmiSHIeB8kmts53YF7M0cW15SoPt4jXaV_oiGpYw_81TACgW9dXI8EE6mLd_q0xo6jLNX_-ef7_ExhYD8CbK7wJEyxgduDYSRLF8XPfBi9dmvv5drTMEYZ8rmMLUB_WUbJi_vZXPMFVOGL6_gZ6Z54w8Q1f1GLjZrYAx75LAmd10suKSJNR_5OsiKcw-qZ-AS40idtzXSha3lKiYdl3n298zO8c5YfH2kA-2O464w0p_23WMvNbNJMyv4mk3tbG-yHX3mgGn3pwBYbgmlmhEbF5JXntRoTo0fBuabUUMFv40qIBEitAGAdYhAzviKH4cR4psImmBrsl0EK_bNc8jrI7TSabFBL_Xh-kXjAOtzaxDvkj0yOyRBFeNTR8-ggiMkx9KHX_TM3MKOJSkQFXPUDQCJV7LCPGjUJ6CE9Lf0fSIymF3zixIT0kSxEiL0P4gB5YPeVfN2AHTWncPNmUDGnr6yaZ1SdQZqSQ_JKpfQA7fe-jiTUWwrR5gZF034OI0EZPrXamIYw6zvoaBhu2fkD3YC4-pBUnXx3cyufggwk3iukqFKu9Z1-Ct_8qbQNxcPHb3Otj7Sr4Vtniamzz5_9l5TpcmZXreuP0NG3LO_azXe9d5B3MSNJEr8CCG1K_N9Q3fBTssjBQGUkAL4fg_cE_99I68u0E_Z0sWjbR65xXXHWOA4blXv9FVrw6pXRKD6PdS1UWYpvO1wwUFTgJkeqBsPp4KJ8YkeCL1mJ8PuH8Ituewr-Z45Jb-MVXan7IBdrjxi2pLdkzMn9xLebQQNjshkyRfmyLIps-O_hIUJt0wxNRlskgbHI089SUdS5z2H5_masSqc0-MO0AHPzDuKnZILL5Y2Psc6zfMs1BhtlksltW_Ao8aswjoUPr2bs7ffMS1l5dmuBFR70kv9X9oX_2i-80ZLsxF4JF8BwCLTUfiaJvObdUMovsPTBblWUB9TLbTaoEUAxHMyjppWTcnG6owLn3Jf_KiI1FsbLjc69hveX72xockzSjmBIXRdfMb2IliDP3W3zfrRvjNaPQM2qwVaJoFxY4tN0_sqMWq9jD3edHWGlVJpMWoWym-ZpIRxFp7bRpS3EwwrX406ok3TA61cvlR5O6VYPjpXlgI6RnoMSOF7F621lWhLVjAV6Jm3Ho-JYNS8LF8ZVjtU-Guueinj9fC9Bk34M_Sr8rB1-CxF69c9Md0ejGEzS7HTZl4BUfOnRPUkGEhOHkvx3ctqgndmyR90YZ6DAzzCvCllp4M0USOJoiyvThBF-N5EOVyUyEEtA8lNPMFiotxP7e8PjLN8pdT24O8T9xPnnAgkKrJHbt7wvKgwCPuE0ghUEoh2HgHiKAQim-T72AjAMxnABc2hxEzuPm8fq7cidS-eXcjK9W6TrndeacDbHas9TcVYVcZmZRmzhN8eW8M6X3NWt6QZzS3o09ubQpGi8dhkDpQarAw7QHurc2I9wkj65D6H6yVf0W_lkD08MclO5jX23dzi6-65gtZnTfamKWYOtTJ2OmQOCOjAWlnlVXZQ7_fuLcyKReX_dFlWtOg0Fy6lmQyMdvacCUh9ZgQGX6JLgF2RRmhUgqYLDKcQF45-EpclALPyrBFuZR0x2RoPDUK3MBEzPhl6zNuotpXEm1WoWhh3yTrCPmfzNHtlKkAuF3TP8nLyaSaOChi0KU6volYQisosl-1ZnFbSf6mqn7dJwcNDpZyttfExoOvDg8Lc1VJxFTq41wb0tXGpyHHJJsXrQU6NNXKfPhiiCxmu6cmG1x2-Y84gOdfGngPA-qdsF18VsCAOzX3tMqYxySxK9jar3Gz7cx7kz_TaS4&cid=CAQSOwBygQiD7la4DNBQSEqEeN6K703YbIA1cQ0LM0iBTH84jL3y2yW86gcgbf1veQcCSfxIKlGmbMezL_0jGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2237742837388520400&adk=212707235&idt=25&cac=0&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
36633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 14:15:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame CEF4 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C04ala6E8R_JYJuCZGJxObcVeLqqz--MBPKbOa37LLlE2mVEliG7kn55KaCPNzfx8dhvWn8yDZhbY3Y6rsh_73_gLvzu2zP-fU-fnhSlNrNDg82zFr1P9MLA6UIr16UoChfD7tzOHq51ttBWsZmtuCHgd4ehL1hmW9pqfWlufjEVemBCs&dbm_d=AKAmf-DdqHFoD_TS1jA-Mk7uitcTLaogo7wCiQLSgvvZKZ_fmm2WZEFNpRNjOlIdbrUYe3Ui2KOfUURRTUJtX0EuvXh5hTPUr8QxS0_c9UEqnERBerWa-H4S_2D7EQ_2MSndFCIIA49wUIY18OsDTfS4svvTOJBrCClbTo9-wioryto6WEulZMDrjXqD0un4JtNAc6DUpujZi_a000uMiJyqFGdFNSRJ4tEfqS7ijrVK-x_Tpfdg2EmQbVrLIisX5IjE06UqGiQVVZHVHaIOZJQh_l3eF8lUrrCAYc-T0Aveo0oS7bC_jlvwL6UYh8etK1bCUPHeHAHw7l6ElQf85uJS3gZpcmVKuRzSh59Lr01fk8QoJOA-Dak5UPddASxb3txfal36T3CgyMscU3FYPFfCNIhgIEsahfru9UCi_jbGFmIIA_lg0o7nAsE_fCnAxr9Z4ivcpj2LrA8JqDczzIEw5-iskvoMERecr8BAkGWskBVdq2sfZ0eRY6d9_RArzPewZLTsaYEw_mzFK3OwMwPF9b8hsTgBn4JMtl9C6WQNVF10jxFuV1MPSiEXyz4PkTSzzH0JjQwBYfNMAFNUKTbt2tzbTvrLkj56_Bcy0gMO1mPD-pIToVrwNPng5t8zEcHpT_K4xeunfkGIKEZFZnP4NfggGyHtHSZ7JL7DgqWPiluvXGtwMsSK0LBAbxWIrgegwE-p4M-QGY8PSiqO-24h1JDUWwgyuhpYqtv4TERbC8pmb5S5CjMaGkETeqDNRrnnU4HUXHJYFegYqrJlp2FVRS5FylwZs3m02tR0p5AP1CY1KgqUvTSErfH8TEOiLfJrIUCVNDhS7h1SCIrGaneihapqMwnZaMLxe37WCcfBIaQd45TIZdBvThCcOe_gDlQr3jarj6ZB8w0bk_QlIIs3ux4k1XedNgBkySDEFcapBuUxt21ZP9MIvY5kCdRwLXr7hnpzDtxgQFAAb4A9bJjCtTTzctPEQ_ZahBebn1Cj6gM0ZvfPPyMnQIflt74QmtuJKXP-7SB-tY43aOGiEAEYG-BMzJSuJrEnLwQhp76R7Sqlvs-XUwBYorF4cj_VsowFHw1Q6nppt6gekXPAOJE2YNOxXWtdHDWp2h27EivyrBTV04G0PuDc2fEYBJIneXFUTWRd46fpzRhpeLnnlJY3nB01bLXQOS6NnRSC32W49aGwnFw3hrrwYn9eXlTqWnQU-Y4n0hO6RqbL5KmYib_yyMok5AVUTDXL4qebGKQEKuPBAHlmSPHPnmNBe20cZmZkFk04OErLY-u3CdunQsyhFu9c9UF4aouzlRb4O85C9wH55uJ5Pr9cBAFGiOd7OkzwdwkyXUkRkFUuBjKNgcuz3w6ysJd_5UVKps6QnF7_t2IXN3vn9n8ntpbqWmvbirTkDtrkyNtvAFjidGoWkW61Ue7cFRqIbbeo_4O7Ylx0U52W45H9YDg-1UErrAQSh6aiP2-aMkaaHziykah1BmiSHIeB8kmts53YF7M0cW15SoPt4jXaV_oiGpYw_81TACgW9dXI8EE6mLd_q0xo6jLNX_-ef7_ExhYD8CbK7wJEyxgduDYSRLF8XPfBi9dmvv5drTMEYZ8rmMLUB_WUbJi_vZXPMFVOGL6_gZ6Z54w8Q1f1GLjZrYAx75LAmd10suKSJNR_5OsiKcw-qZ-AS40idtzXSha3lKiYdl3n298zO8c5YfH2kA-2O464w0p_23WMvNbNJMyv4mk3tbG-yHX3mgGn3pwBYbgmlmhEbF5JXntRoTo0fBuabUUMFv40qIBEitAGAdYhAzviKH4cR4psImmBrsl0EK_bNc8jrI7TSabFBL_Xh-kXjAOtzaxDvkj0yOyRBFeNTR8-ggiMkx9KHX_TM3MKOJSkQFXPUDQCJV7LCPGjUJ6CE9Lf0fSIymF3zixIT0kSxEiL0P4gB5YPeVfN2AHTWncPNmUDGnr6yaZ1SdQZqSQ_JKpfQA7fe-jiTUWwrR5gZF034OI0EZPrXamIYw6zvoaBhu2fkD3YC4-pBUnXx3cyufggwk3iukqFKu9Z1-Ct_8qbQNxcPHb3Otj7Sr4Vtniamzz5_9l5TpcmZXreuP0NG3LO_azXe9d5B3MSNJEr8CCG1K_N9Q3fBTssjBQGUkAL4fg_cE_99I68u0E_Z0sWjbR65xXXHWOA4blXv9FVrw6pXRKD6PdS1UWYpvO1wwUFTgJkeqBsPp4KJ8YkeCL1mJ8PuH8Ituewr-Z45Jb-MVXan7IBdrjxi2pLdkzMn9xLebQQNjshkyRfmyLIps-O_hIUJt0wxNRlskgbHI089SUdS5z2H5_masSqc0-MO0AHPzDuKnZILL5Y2Psc6zfMs1BhtlksltW_Ao8aswjoUPr2bs7ffMS1l5dmuBFR70kv9X9oX_2i-80ZLsxF4JF8BwCLTUfiaJvObdUMovsPTBblWUB9TLbTaoEUAxHMyjppWTcnG6owLn3Jf_KiI1FsbLjc69hveX72xockzSjmBIXRdfMb2IliDP3W3zfrRvjNaPQM2qwVaJoFxY4tN0_sqMWq9jD3edHWGlVJpMWoWym-ZpIRxFp7bRpS3EwwrX406ok3TA61cvlR5O6VYPjpXlgI6RnoMSOF7F621lWhLVjAV6Jm3Ho-JYNS8LF8ZVjtU-Guueinj9fC9Bk34M_Sr8rB1-CxF69c9Md0ejGEzS7HTZl4BUfOnRPUkGEhOHkvx3ctqgndmyR90YZ6DAzzCvCllp4M0USOJoiyvThBF-N5EOVyUyEEtA8lNPMFiotxP7e8PjLN8pdT24O8T9xPnnAgkKrJHbt7wvKgwCPuE0ghUEoh2HgHiKAQim-T72AjAMxnABc2hxEzuPm8fq7cidS-eXcjK9W6TrndeacDbHas9TcVYVcZmZRmzhN8eW8M6X3NWt6QZzS3o09ubQpGi8dhkDpQarAw7QHurc2I9wkj65D6H6yVf0W_lkD08MclO5jX23dzi6-65gtZnTfamKWYOtTJ2OmQOCOjAWlnlVXZQ7_fuLcyKReX_dFlWtOg0Fy6lmQyMdvacCUh9ZgQGX6JLgF2RRmhUgqYLDKcQF45-EpclALPyrBFuZR0x2RoPDUK3MBEzPhl6zNuotpXEm1WoWhh3yTrCPmfzNHtlKkAuF3TP8nLyaSaOChi0KU6volYQisosl-1ZnFbSf6mqn7dJwcNDpZyttfExoOvDg8Lc1VJxFTq41wb0tXGpyHHJJsXrQU6NNXKfPhiiCxmu6cmG1x2-Y84gOdfGngPA-qdsF18VsCAOzX3tMqYxySxK9jar3Gz7cx7kz_TaS4&cid=CAQSOwBygQiD7la4DNBQSEqEeN6K703YbIA1cQ0LM0iBTH84jL3y2yW86gcgbf1veQcCSfxIKlGmbMezL_0jGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2237742837388520400&adk=212707235&idt=25&cac=0&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 21:03:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
12125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 21:03:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CEF4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 07:39:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 036E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 17:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
25763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 17:16:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 036E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
44412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 12:05:32 GMT
l
www.google.com/ads/measurement/ Frame 036E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXpALhNxa1L5NvOrvIY7SiHholAro-DZUXP0rjpM6WKVKbAha56wXnuAklsO8xcacBwj9Xuu3aFcfOTZ9iucg1zt48YA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 036E 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:44 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D07C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1233
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FidHYyJrKfr8%2BdP7d2ddwN3CtIrZhRm%2FMiUtwXzPEqwYSu1Uu34z5I6dxH%2F%2F9RwwDrVKP5aQdg03WpN6ylzCcwjXJG%2FUZ0i2jL9ilpwjvMeUii6KM%2BiUww98Vr2nTnI81aWsS1IP8Fqe4CfRBzzJFtU"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7d2c8516ceb49a17-FRA
expires
Tue, 06 Jun 2023 00:11:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4341 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jun 2023 18:15:11 GMT
etag
48472445140208031
expires
Tue, 06 Jun 2023 18:15:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CEF4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66c959f9c66c9d93e6e80b887a34c0d39f206dcf48d1006352878eb03ad8b729

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame BE1B 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Origin
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 07:18:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame BE1B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZxTMTGtTHkXnvjuXrH-Ry0Nd5ZJWniDAYNKiyAQaGUH_EBv4UbTxDzF2ara_EtgxVRYvOVAXp55RCE_opLztty0y8wnfBHl5JP5TerR-ws6s0zqw&cry=1&dbm_d=AKAmf-ATuLqpwVkhimj9JNzUp7o02RS8q7ubNTHJQZkUNiK4lDkWprALJ1qf3E_YTCWuUpxGFVF1n3DHfRcBgDKJEe8EIyAKNu6jV_vxbPsFi0Z3M3NelaYfVxcAoUReMGd-g1ah6zO7Kn_rgvMJYwyzgeNfmKRYQ3F0IE0AsIQzJEXKpSMbA6jxS_RMpQSI9n2TkGK6vux4G3PBnxYlaI3z9FWUQtNXLyGTjKV-4Ug980Aao6yv6txVNvLCuZ_J_GISm6AefARz5My2Zvev0jgmBSnTS0FHG3o2n1ruMeVur6vGFJru7I5j7okDCd7ZmUtKjLqQ40FdQ7G5jwitLK3wBSMGR5CwavncLzi0mTfzK2rR7jmCsFXTUZtNDFRl3MtFQTMMmXsQGPF9QaSY5XTGdkTwwd5E5aHEXYEjjv55pnpUgXKuYS8WgGYZFpjAip3W2WhtfrUxoQCQn5MgJmw8fA_uZOa-owkHgXwYmSv1S7gxyi_IC0MHgvK-X_LgJP0P7qU0EzoqI7j3PfX5Stgy5RBhigzDvBMwaNt08D0IwwCgkunGb7nkP3Pi171HILOEpx1vGQDsCt-qOCEQF0UGtD8_2yp1uE4gEmlAPXMZ8syFPBusHmq-7UancFc6uLBiqN9UPnVSJA_KX3vnCGQxyAL3NdFg4qdJm92cjVGskRK1YTfQQZPib74qbuXPs-qPH-z-B6rd_zAuATi20hB2vAAT2_sQq8DA4TkbcglAtUwpByzElcOXRaryosL8wlYtGlHv-YjY8SYDcVhEA5xgTOo1bgZoM-Nnaw3OVedsudpXqiJaJsRzqUrkc0cdLTz5Dififjy6e8Ha8Mm5UPx829ayq8RcIH3Ga5OFYePOzq9yQzA1zWkII2ldR9pc99y3x91h0dDRaM2Ub-9vNgkm0RvM4KHZkZQwTxPxWwPbLWfUMM7HQgUMgMGiYJOGfIF3HJySyJ3Y1IrMYUtEXp_EFfb1Ovetfz7rp53R_svJD92YMwk79l6WYaNsmXlZcSmy0FfMJYWzvx-CvQgWAAjTJYEiA7d_gRYo3TsuiFrzHbUOcwdvMiCD4jYCHyrCRbT8pHLKGZad2ct5_kA818m-CFkWTg_MMrZFkWsOKxnrkcqKwNpU1hRTnxO3uMr6A20lhzfI7D_vVmTgGLqvip5pZz9mwu6STKQ4iARPGljWVVdLJxdiyV-yCNILaGttGmiNxlnIiJ63bFHrCTFtsfN-XmyKDUUgWnOEOTFoa_i0i3vtjWc7MH_eIU-_nEJb2cbtA5L_l9DZ8mqo6ImgdBSvEA9__RdcFhMgDedo1IGjL0XcXkNrFrge5szIX-jvel647nzN9irv1L0xoxxexN1wIcQdXjZHXkJ5KfVBuquNIzcHjy7EDp8P2Svyl0r_oijYa0fp0F16g8cSY94KIMjUBDPEJbdFhrmV2k3TzE5HRaJqaMSA-5NlByg_cxb5aAbOM7-M7ef6ZWX_ZMic9lMhvEEiRLGKPTzFr5A8yk_TawonR8bmauFhVsLvHvhQwaXRzN3NHWsM-UqxFFFwv67i2GKQB04nLhTpHLTUBGsgzZ7oTCifg73MTOiS_oB0g-ot9ooyUgjp6_myzQNWw4PGsOSVZlkzc3MeT3AMPlb4WkRJHLbQVrkMSKb6yCnPvCdaBWzT5Cj_rdnaL00-ugpCYevqoZ0bW6G3nTVKsrYfA08v0-5JjY5EZ3DHg01oXJYLQq-h0UckDj3U3JPVndbFtNO0OtNy6AnQ0xKXi22WqepAVdVwgFrXSnOZU5Fz8jYN1mTPgm8hxC5NGmEupKPAZ0H6QnVrSNoPFCru-2Hj2_UEGrtxk5jnsWI7x8ZfyurSmM67nbpBh3NP8kq-zsg1q8w0Xrh6_qyb3sg1i1W8byLVy8EdBf8D53rdvuy-u1CTswdIlOS7GpxWuku06aC6o-iiXVON-v7Puz9VtfbvdxEIfzNgGwETbTZjy2IKRLFWtwi7kGw5biVyUlSE_sOLPh2x1PSIkuyTpT_vkBuLf6QYYTHY0ynvr1RaRqe7c-d6lak6_vNteoMlT4IXnwWfXZ86VFiPs2BeaS6W6HDf1XlUlEf-c8hbtzUTxj6Qi8FF0v2sR755BKP3-o4W6leJcpBmjbQhUNMZtGQR4IelauYyeHV5mRnHxypHNdEMzhWYfmC7c2qgk9K5i56n3cNp3ZPZO9Dqy9UdFrLA7XwY9qxbXVTKB1232Qo_KW33KJoomVkxgkc1vS1UuSSXqIH4LXgTs08wUwSIcv7-aFcsSNVd1Ks-pSy0w4RZLf-Ll9oBC-OP66erdA4Kb-nIUWXqUocRqWVrAShDYk2Gs5s8sgnV3p7JkrmX2LPfUNguFb2-KI7UhlXThx1dSkgNATqCuFqnBixFvEnEITLdJbBuQbw6qAdYSWRMcFnjJN4HEuxMTafmnm7pMw3XC8FyaHNs0PyEKq3G34zbccDPj-aKQtOGUlAHCu31Fo5xWn0cG-_LSeBulMvxTjMuaicrsx2jTncUZWSbG3JxuzR5PqEiMWaKhR6Whqwp6lTeV7rRmOhCFm2ZSgkzOZ7VHpR9Lu61_Wyr-EAESL067nltwVXiVZy2HCa_1Fkg6lz1nGPyfi9-MeM43rcFB8MhUnhK_UdVuOi1_90PgnYp7EkgtmjqtwPC5cokn-3FiM0l4v8t6an7qrJgaeC3Rxfsgs2ShrJWZCx9sR2ipGvuvsgBTPcaNKswVrF_HLGiyW5hdz7G8L-VYepdV-f7BXNBLSfQCQEW6jp1QYnb6D97GXsUD9aXmMw6Cfurl-lJ68CLnyJAnPeoqlTWrhE3db5DAQUrI8fgF8gc3EGmdx8oOldIXGIJ-Xh4JYrOhGyONjWQIB0RyDRCJ3w81spfZj8kq-0oTSVANAhQO_8IuqdKNWdAzMVsM1vCsZmJ1T7rBMWrNHFSUMnSARoGzGjjS6BoLS3Sg6Fw2QCMf4OVKOEUs7kUXAVbtVc2A2sI-I1x9GoHYhHO7n0cs4O0cV-O_YsV4U5imXUC2JXRR9_32ihMdW_ekacUDjL-xvJWQFivsz2xSVfgwEGXCpEQCRO3wSQwrZOv9eetae_o2jO7Xo3o-0hxDdfKFDQVFYcg3kTo7JPX0Cb-iStsKcUmsJYELSYf-0wXh0DKi0WwAS-CDhBuNM_7pZlen_SL3Lt7Iph4lMxOR3Bb-uTdizT44YYaWDiXczzLhjtVmfvu3ZfUrTcEZU-5Io314Ub0exKvfzLyBPw_YAsNcG493E7Cm2_QbG_EHXCkVIdEAPfjCVJpbOTMV1Tiz1_86Kx8ugQyZKMGgiFqseKo8tX2A0m3bs4tC24zF-VpMs6KqGAIx-Ii-oLE9ozoh-iD2-S3498YbliwBTVBOTKH4DMV3i5EDj04QpsSGLjzvJRjvxl-WzOsv6XYaUA_azXnG8cPzwOPKBacY3V0J-qQF8hSIFnV9OqkY3Svz85yiuTc0cKnFkY5au3BjRe8cPkIWGd8uY4WsrdB2cj9RoVVlVB2kZpS0x0G1lj0PwqtFU4WpXRvyidZBl7dO1EK3CH-T8oRbqzNgBwxS5XD_lOOWH80FidqKc9Hunh96wL6WFD1GzTFyOY8Ad7Tm8OcTk2twuAW1Ka1749SjJ8HBL9h4Gu-4REM_ex62I8Tg1zb-4sc302f2LR8jpLBEShYOKnlUfgYmVGuBw5aikC64Q2pY8yqHC-WWDFz26BC4TODfNVsKDLEetRexaleahpcs8nZ1mhLuSTarGncYNBjaS9QNbTJGOqnlmAk&cid=CAQSOwBygQiD7yEIMhftgRpVln70w3IX9drQcYXhyw7TqE_eNbDTM22tqHBFBM1NpjUCeW-tqCV8SfOOSnfLGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=3828106269032251000&adk=3587751834&idt=35&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
36633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 14:15:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame BE1B 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZxTMTGtTHkXnvjuXrH-Ry0Nd5ZJWniDAYNKiyAQaGUH_EBv4UbTxDzF2ara_EtgxVRYvOVAXp55RCE_opLztty0y8wnfBHl5JP5TerR-ws6s0zqw&cry=1&dbm_d=AKAmf-ATuLqpwVkhimj9JNzUp7o02RS8q7ubNTHJQZkUNiK4lDkWprALJ1qf3E_YTCWuUpxGFVF1n3DHfRcBgDKJEe8EIyAKNu6jV_vxbPsFi0Z3M3NelaYfVxcAoUReMGd-g1ah6zO7Kn_rgvMJYwyzgeNfmKRYQ3F0IE0AsIQzJEXKpSMbA6jxS_RMpQSI9n2TkGK6vux4G3PBnxYlaI3z9FWUQtNXLyGTjKV-4Ug980Aao6yv6txVNvLCuZ_J_GISm6AefARz5My2Zvev0jgmBSnTS0FHG3o2n1ruMeVur6vGFJru7I5j7okDCd7ZmUtKjLqQ40FdQ7G5jwitLK3wBSMGR5CwavncLzi0mTfzK2rR7jmCsFXTUZtNDFRl3MtFQTMMmXsQGPF9QaSY5XTGdkTwwd5E5aHEXYEjjv55pnpUgXKuYS8WgGYZFpjAip3W2WhtfrUxoQCQn5MgJmw8fA_uZOa-owkHgXwYmSv1S7gxyi_IC0MHgvK-X_LgJP0P7qU0EzoqI7j3PfX5Stgy5RBhigzDvBMwaNt08D0IwwCgkunGb7nkP3Pi171HILOEpx1vGQDsCt-qOCEQF0UGtD8_2yp1uE4gEmlAPXMZ8syFPBusHmq-7UancFc6uLBiqN9UPnVSJA_KX3vnCGQxyAL3NdFg4qdJm92cjVGskRK1YTfQQZPib74qbuXPs-qPH-z-B6rd_zAuATi20hB2vAAT2_sQq8DA4TkbcglAtUwpByzElcOXRaryosL8wlYtGlHv-YjY8SYDcVhEA5xgTOo1bgZoM-Nnaw3OVedsudpXqiJaJsRzqUrkc0cdLTz5Dififjy6e8Ha8Mm5UPx829ayq8RcIH3Ga5OFYePOzq9yQzA1zWkII2ldR9pc99y3x91h0dDRaM2Ub-9vNgkm0RvM4KHZkZQwTxPxWwPbLWfUMM7HQgUMgMGiYJOGfIF3HJySyJ3Y1IrMYUtEXp_EFfb1Ovetfz7rp53R_svJD92YMwk79l6WYaNsmXlZcSmy0FfMJYWzvx-CvQgWAAjTJYEiA7d_gRYo3TsuiFrzHbUOcwdvMiCD4jYCHyrCRbT8pHLKGZad2ct5_kA818m-CFkWTg_MMrZFkWsOKxnrkcqKwNpU1hRTnxO3uMr6A20lhzfI7D_vVmTgGLqvip5pZz9mwu6STKQ4iARPGljWVVdLJxdiyV-yCNILaGttGmiNxlnIiJ63bFHrCTFtsfN-XmyKDUUgWnOEOTFoa_i0i3vtjWc7MH_eIU-_nEJb2cbtA5L_l9DZ8mqo6ImgdBSvEA9__RdcFhMgDedo1IGjL0XcXkNrFrge5szIX-jvel647nzN9irv1L0xoxxexN1wIcQdXjZHXkJ5KfVBuquNIzcHjy7EDp8P2Svyl0r_oijYa0fp0F16g8cSY94KIMjUBDPEJbdFhrmV2k3TzE5HRaJqaMSA-5NlByg_cxb5aAbOM7-M7ef6ZWX_ZMic9lMhvEEiRLGKPTzFr5A8yk_TawonR8bmauFhVsLvHvhQwaXRzN3NHWsM-UqxFFFwv67i2GKQB04nLhTpHLTUBGsgzZ7oTCifg73MTOiS_oB0g-ot9ooyUgjp6_myzQNWw4PGsOSVZlkzc3MeT3AMPlb4WkRJHLbQVrkMSKb6yCnPvCdaBWzT5Cj_rdnaL00-ugpCYevqoZ0bW6G3nTVKsrYfA08v0-5JjY5EZ3DHg01oXJYLQq-h0UckDj3U3JPVndbFtNO0OtNy6AnQ0xKXi22WqepAVdVwgFrXSnOZU5Fz8jYN1mTPgm8hxC5NGmEupKPAZ0H6QnVrSNoPFCru-2Hj2_UEGrtxk5jnsWI7x8ZfyurSmM67nbpBh3NP8kq-zsg1q8w0Xrh6_qyb3sg1i1W8byLVy8EdBf8D53rdvuy-u1CTswdIlOS7GpxWuku06aC6o-iiXVON-v7Puz9VtfbvdxEIfzNgGwETbTZjy2IKRLFWtwi7kGw5biVyUlSE_sOLPh2x1PSIkuyTpT_vkBuLf6QYYTHY0ynvr1RaRqe7c-d6lak6_vNteoMlT4IXnwWfXZ86VFiPs2BeaS6W6HDf1XlUlEf-c8hbtzUTxj6Qi8FF0v2sR755BKP3-o4W6leJcpBmjbQhUNMZtGQR4IelauYyeHV5mRnHxypHNdEMzhWYfmC7c2qgk9K5i56n3cNp3ZPZO9Dqy9UdFrLA7XwY9qxbXVTKB1232Qo_KW33KJoomVkxgkc1vS1UuSSXqIH4LXgTs08wUwSIcv7-aFcsSNVd1Ks-pSy0w4RZLf-Ll9oBC-OP66erdA4Kb-nIUWXqUocRqWVrAShDYk2Gs5s8sgnV3p7JkrmX2LPfUNguFb2-KI7UhlXThx1dSkgNATqCuFqnBixFvEnEITLdJbBuQbw6qAdYSWRMcFnjJN4HEuxMTafmnm7pMw3XC8FyaHNs0PyEKq3G34zbccDPj-aKQtOGUlAHCu31Fo5xWn0cG-_LSeBulMvxTjMuaicrsx2jTncUZWSbG3JxuzR5PqEiMWaKhR6Whqwp6lTeV7rRmOhCFm2ZSgkzOZ7VHpR9Lu61_Wyr-EAESL067nltwVXiVZy2HCa_1Fkg6lz1nGPyfi9-MeM43rcFB8MhUnhK_UdVuOi1_90PgnYp7EkgtmjqtwPC5cokn-3FiM0l4v8t6an7qrJgaeC3Rxfsgs2ShrJWZCx9sR2ipGvuvsgBTPcaNKswVrF_HLGiyW5hdz7G8L-VYepdV-f7BXNBLSfQCQEW6jp1QYnb6D97GXsUD9aXmMw6Cfurl-lJ68CLnyJAnPeoqlTWrhE3db5DAQUrI8fgF8gc3EGmdx8oOldIXGIJ-Xh4JYrOhGyONjWQIB0RyDRCJ3w81spfZj8kq-0oTSVANAhQO_8IuqdKNWdAzMVsM1vCsZmJ1T7rBMWrNHFSUMnSARoGzGjjS6BoLS3Sg6Fw2QCMf4OVKOEUs7kUXAVbtVc2A2sI-I1x9GoHYhHO7n0cs4O0cV-O_YsV4U5imXUC2JXRR9_32ihMdW_ekacUDjL-xvJWQFivsz2xSVfgwEGXCpEQCRO3wSQwrZOv9eetae_o2jO7Xo3o-0hxDdfKFDQVFYcg3kTo7JPX0Cb-iStsKcUmsJYELSYf-0wXh0DKi0WwAS-CDhBuNM_7pZlen_SL3Lt7Iph4lMxOR3Bb-uTdizT44YYaWDiXczzLhjtVmfvu3ZfUrTcEZU-5Io314Ub0exKvfzLyBPw_YAsNcG493E7Cm2_QbG_EHXCkVIdEAPfjCVJpbOTMV1Tiz1_86Kx8ugQyZKMGgiFqseKo8tX2A0m3bs4tC24zF-VpMs6KqGAIx-Ii-oLE9ozoh-iD2-S3498YbliwBTVBOTKH4DMV3i5EDj04QpsSGLjzvJRjvxl-WzOsv6XYaUA_azXnG8cPzwOPKBacY3V0J-qQF8hSIFnV9OqkY3Svz85yiuTc0cKnFkY5au3BjRe8cPkIWGd8uY4WsrdB2cj9RoVVlVB2kZpS0x0G1lj0PwqtFU4WpXRvyidZBl7dO1EK3CH-T8oRbqzNgBwxS5XD_lOOWH80FidqKc9Hunh96wL6WFD1GzTFyOY8Ad7Tm8OcTk2twuAW1Ka1749SjJ8HBL9h4Gu-4REM_ex62I8Tg1zb-4sc302f2LR8jpLBEShYOKnlUfgYmVGuBw5aikC64Q2pY8yqHC-WWDFz26BC4TODfNVsKDLEetRexaleahpcs8nZ1mhLuSTarGncYNBjaS9QNbTJGOqnlmAk&cid=CAQSOwBygQiD7yEIMhftgRpVln70w3IX9drQcYXhyw7TqE_eNbDTM22tqHBFBM1NpjUCeW-tqCV8SfOOSnfLGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=3828106269032251000&adk=3587751834&idt=35&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 21:03:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
12125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 21:03:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BE1B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 07:39:33 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9038 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Origin
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 07:18:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 9038 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLo55hlHNpLF3QeSxJHrIajWsJ841NCsGjkyDGcO7PbmB9n3-tH8ZIOv5Ab1LYhH4-xOJ6tWPPizyzaJLlboHKdQ-7HhPnCuRS-8l1rnWDUEgT7mINtQbd-cPceCHL6Tqe73E0sZw0i5AtwvOI8g4QjWR56X1F5y7a7Xvegq0QxYVz94s&dbm_d=AKAmf-C7ogeZqEFZutxlFbt5HmENK5UsXHsBLtp8yZ5TCg1O8b30JKuXDKPeVZJixX0Xt4IvThf6LSgS59BGaAfumMB3XrB8FluMOlWunJd8yVdUw3cR_lP4TzSbrx76INpXPYD-P3bIRxuJUFLTW07_LaD-EOSkEJOa26KZ-U9MD4D_9tQDVf7PIvU0UFYr5SlXVZnnCuEhHw2_gBUBWLaO57hAyQlbjWyASCLO8Fu5uFUvawmP7G-77J0ZqQqiJ71t4_J1baDGLFK36d1Or4TACUmt7aWe2kGOo2WwLgmw_zpfStBX6W6w2GHvfYfvR0amBZsAtdj4EEf123K9-PJG444YRppBXUUD2P-YVhdieIq3eTFALEc1i3uQcGtAZGVb_YH_0WUjuo70-s88hF2kCTtbuXFHzWyEHjqrm45ARoImAAFkRxYF6ArGg4SaIS1b4U36kI2R2hcxGHpoZ0rf7_mwQIAAxeDqwkMks24k5hS7h9QtwMFN4heNPcAT3FHKE3xrBsKZyKsnvknBc6bfUThVZOodpZioqLUvBEP9lyuu6DeJIgu3R_aljVRPyB__F8GQR7HrqVHucg_3mtEXIB62tF06qdBPvZfs4WFUr3JjuVBMlS8hTYsWudME3DWglagn1OT7A6EEB3FsEM3AWVSzdhskKUOKA7k3BiI_CgpTKJN06MvQLs6ytoah_M1IL_9qjtleEzpcsTZDwvHHg6Eo6VJq5k3KpEfC7fmqfdQTUPCMuh2y4cjb_OInNjnLuGVAkexwR1VXs2UHrIl-daJdkBXDlkGUsHqj17rzeB5CKTgynPYjoCmDkwxJGj0-loPyeb4_UkOdXYaP6ygMgp4KeL3oH-O_oevG8_yP-DjLuFHpvbHCdTiR3Am1E3GGEATmTxP384p-QqREzOEt6wo3gjs_gPEmULzV7Tm08-pEBLLMrEghvEpR2CSOCxEteKS06lJdNLE_8SZ0uhPTdP46vbmy5dAB1zDfCTgsfgWKkJPzUJgsCzd_lYnpltwDa0__CNA01ypH-tI7wXjprGp5av8UqXEt6Bk8KUcABSbBTpzhTdf4aZwuL71027drsOx5cJovheIMUq_JTB356SFuHGS-EVeMssN8Uc0DLqp_jMWajfLP804M2h0WsgT0TJn8pBKd5Wo4HofqILF6pgltkP9B1GWPmjCRlx18pxlPbQSXX69yYbCr8Gr8tssF6Wrdh3twJmZSrtybXlf_shUrL7tuNVbZNpRkfNlucYNWMjMb6eNE-02WY3apfxiHJMCIbV0IeWYp-XB10wltEnU5v9EcrJTJnBk9og6EUYWOVLsALEtfVN0d5DdWrD5_7hMqo4nWfjpwcozgkLmcRsQCOyxCGEsXPciWqCg-EYdoMn7Ec-elviPJRnrlX0rU_TrSl89HYBst-Wf7VsTZBIleU2t1yAsACITix4sI9TEOE02MX4teH1ECvGFGyzlu4ETuH4OQjTOo5zdOklcLQnfe8nRZe-xJIET5wQRe7Ef4gbk5kghLMoDFoDMek9FA6VB37xGco8L1OK-Nvu_xnFJraBfKk0acQlBlcHMaka8Wx7K-MbyxAwetIN1YAu9v_fYd6FlaeMCWYvjDPjmTCUQtDMH2HMk0lH5L6sjqOhVE_dMjjPz4u2y27zj1MkXMJ6Nu9phzu8pumI4V8B7vA7_3AKaG49Lq-1FI1JZKSVEmjfvXyCSIsoeQprzYpxLYIPbMAQgybgkBXXYFlY76dxCSsZo2axSb2-0OG29nrDynQrzzYBFqfJrFRlfbykOMSRXN_yhwqGIS_nqpqzBaVsXtOtDMDEZQCPS28G6lfkMaWIpKa8Z9JTSi5A9NMdLZ3Dp4hiZsqHLp7260bA8TNuwQ-e2KkTm0WDP1ot9nhZMm2VMt8sOTnf7mjS-msySXVBFU2FetacwBLmbLZzW9VWR2Q55BarLPLVz77tut5e_eHspybLfBunOboJFcIGB04AuYJGal_xPHrQ39HBaHuutoMGULFtc1QQSSBZnKFeeTNdA3PRZQZh1bu-Nw01piVAcjFJ9DmA4u2IBw4GrEHwS--saVupEpZ0zsS5IwWWaOpJnCZBZIcBUPbhjZRvibRaHey34MavrqoYVya1l1WEhSdRZrtfg_dd403eAUAANJBAfqrEO2wIyxnIUiDCPJ8tfXBaNWtTtlP5t72-SSD8xa6ye7eQdsfe_gD8XEKE77dZvp3P3tYI11nYzfVdJ88ZEV-1kd6b94bn8t7tcTX8vRzN2QOiOC-wiiPpipFAJ2TJdqZpvrnpBRRWFu_Z1MWoEKNlJlAU1zZbDJvETpZrA6CPm8NTDl_GlcK02F194yF4vKrZRd_M6rPZmK5gY2mbY7YQtpZsjlpFAQ5zCi7lmq3AXSRYvaqaHkaFK9DUdFb43u08tEAGN3i20A5yXhhobrzfjRJn5bsd_TCNC07cJFP42T8nRYM7lDGDn7-qgjFWkOokMRs_ohr_d3AKzHTVrwneg8eo7wkLxqPaI2gUc83ezkYNkp9lz8k1QGSxKSMu3Nb4COlHKEYi6kRa9y5swNGtnNgSiqyn8JOe8gG01VCcuOFQ2rd2aQRSImzNOIDK6TWBim5E9sGCOfyNT0_hrHcduUtWat-R-OLbIL_fvCQPdNaMKfsFcjD4Ro4AAYp719iMzhsVd5edu0n9RK-Q8lrdjGgfvpufKWe1gj9r3pFOVEYNcEbCARe7iAOfV-W_FXp6F2kBrSccfsfBdszdUEww12_SUZDa1bVCsW_LddzieGbEPimBT589L6MRPWifN76aDf3umzFYz0xd0PCjU7RGgOslWiPMOGXZT7I1e2AEqvVdytHL-B6H06EmF__NFM_GPYfYpdCKsDauQPefi7DDZYvairEkhtM_4BZPdO2mklWnh8hJSlGbCc2bT15K-K5RjfQhaUSX25pokhggu01pdiisvnfBjQ_G2VoLTSwgxVfVPQ0fFNOOfwFvFFThNPIg5muilT6N9Anh40PzzNbwYtQrZJx2NDLRgtI-J74GLmhRV5cUEe8HbkOMcGerzpxhkGlqdJBzFZNY0TVxYqZvPaSZtlzMQVo84ophYFedUWTujAfPJA_lIWjJ3aUMvNs6VOKWq7mK7HlWYy57xQsmQ_uvIa_uBAl46Ah7sJniU-enVVXLqbcEpYXM-R9DV72HabT5XA796DfkMoCPVVkA6p7_0EiBOcm0PBokBFaCZKnn1ggMA1Yjm9JsVzZdgog7mRgcxu-xjK1epRUeBszKvlNEN4eCMdGU5p35YQgzBOvRkRuzYYltXwpbTEy-EgJ5okOwcx5e0_84cRBzN5cVSZ&cid=CAQSOwBygQiDOgFK8sJRL19Ozwp_G43F0CSJ49ZuGJ1rS1V9CmkU5LaAWWUZmMa1HUgu3DX2jyU1Mcb9cXovGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=5687695187570812000&adk=578009112&idt=34&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
36633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 14:15:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 9038 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLo55hlHNpLF3QeSxJHrIajWsJ841NCsGjkyDGcO7PbmB9n3-tH8ZIOv5Ab1LYhH4-xOJ6tWPPizyzaJLlboHKdQ-7HhPnCuRS-8l1rnWDUEgT7mINtQbd-cPceCHL6Tqe73E0sZw0i5AtwvOI8g4QjWR56X1F5y7a7Xvegq0QxYVz94s&dbm_d=AKAmf-C7ogeZqEFZutxlFbt5HmENK5UsXHsBLtp8yZ5TCg1O8b30JKuXDKPeVZJixX0Xt4IvThf6LSgS59BGaAfumMB3XrB8FluMOlWunJd8yVdUw3cR_lP4TzSbrx76INpXPYD-P3bIRxuJUFLTW07_LaD-EOSkEJOa26KZ-U9MD4D_9tQDVf7PIvU0UFYr5SlXVZnnCuEhHw2_gBUBWLaO57hAyQlbjWyASCLO8Fu5uFUvawmP7G-77J0ZqQqiJ71t4_J1baDGLFK36d1Or4TACUmt7aWe2kGOo2WwLgmw_zpfStBX6W6w2GHvfYfvR0amBZsAtdj4EEf123K9-PJG444YRppBXUUD2P-YVhdieIq3eTFALEc1i3uQcGtAZGVb_YH_0WUjuo70-s88hF2kCTtbuXFHzWyEHjqrm45ARoImAAFkRxYF6ArGg4SaIS1b4U36kI2R2hcxGHpoZ0rf7_mwQIAAxeDqwkMks24k5hS7h9QtwMFN4heNPcAT3FHKE3xrBsKZyKsnvknBc6bfUThVZOodpZioqLUvBEP9lyuu6DeJIgu3R_aljVRPyB__F8GQR7HrqVHucg_3mtEXIB62tF06qdBPvZfs4WFUr3JjuVBMlS8hTYsWudME3DWglagn1OT7A6EEB3FsEM3AWVSzdhskKUOKA7k3BiI_CgpTKJN06MvQLs6ytoah_M1IL_9qjtleEzpcsTZDwvHHg6Eo6VJq5k3KpEfC7fmqfdQTUPCMuh2y4cjb_OInNjnLuGVAkexwR1VXs2UHrIl-daJdkBXDlkGUsHqj17rzeB5CKTgynPYjoCmDkwxJGj0-loPyeb4_UkOdXYaP6ygMgp4KeL3oH-O_oevG8_yP-DjLuFHpvbHCdTiR3Am1E3GGEATmTxP384p-QqREzOEt6wo3gjs_gPEmULzV7Tm08-pEBLLMrEghvEpR2CSOCxEteKS06lJdNLE_8SZ0uhPTdP46vbmy5dAB1zDfCTgsfgWKkJPzUJgsCzd_lYnpltwDa0__CNA01ypH-tI7wXjprGp5av8UqXEt6Bk8KUcABSbBTpzhTdf4aZwuL71027drsOx5cJovheIMUq_JTB356SFuHGS-EVeMssN8Uc0DLqp_jMWajfLP804M2h0WsgT0TJn8pBKd5Wo4HofqILF6pgltkP9B1GWPmjCRlx18pxlPbQSXX69yYbCr8Gr8tssF6Wrdh3twJmZSrtybXlf_shUrL7tuNVbZNpRkfNlucYNWMjMb6eNE-02WY3apfxiHJMCIbV0IeWYp-XB10wltEnU5v9EcrJTJnBk9og6EUYWOVLsALEtfVN0d5DdWrD5_7hMqo4nWfjpwcozgkLmcRsQCOyxCGEsXPciWqCg-EYdoMn7Ec-elviPJRnrlX0rU_TrSl89HYBst-Wf7VsTZBIleU2t1yAsACITix4sI9TEOE02MX4teH1ECvGFGyzlu4ETuH4OQjTOo5zdOklcLQnfe8nRZe-xJIET5wQRe7Ef4gbk5kghLMoDFoDMek9FA6VB37xGco8L1OK-Nvu_xnFJraBfKk0acQlBlcHMaka8Wx7K-MbyxAwetIN1YAu9v_fYd6FlaeMCWYvjDPjmTCUQtDMH2HMk0lH5L6sjqOhVE_dMjjPz4u2y27zj1MkXMJ6Nu9phzu8pumI4V8B7vA7_3AKaG49Lq-1FI1JZKSVEmjfvXyCSIsoeQprzYpxLYIPbMAQgybgkBXXYFlY76dxCSsZo2axSb2-0OG29nrDynQrzzYBFqfJrFRlfbykOMSRXN_yhwqGIS_nqpqzBaVsXtOtDMDEZQCPS28G6lfkMaWIpKa8Z9JTSi5A9NMdLZ3Dp4hiZsqHLp7260bA8TNuwQ-e2KkTm0WDP1ot9nhZMm2VMt8sOTnf7mjS-msySXVBFU2FetacwBLmbLZzW9VWR2Q55BarLPLVz77tut5e_eHspybLfBunOboJFcIGB04AuYJGal_xPHrQ39HBaHuutoMGULFtc1QQSSBZnKFeeTNdA3PRZQZh1bu-Nw01piVAcjFJ9DmA4u2IBw4GrEHwS--saVupEpZ0zsS5IwWWaOpJnCZBZIcBUPbhjZRvibRaHey34MavrqoYVya1l1WEhSdRZrtfg_dd403eAUAANJBAfqrEO2wIyxnIUiDCPJ8tfXBaNWtTtlP5t72-SSD8xa6ye7eQdsfe_gD8XEKE77dZvp3P3tYI11nYzfVdJ88ZEV-1kd6b94bn8t7tcTX8vRzN2QOiOC-wiiPpipFAJ2TJdqZpvrnpBRRWFu_Z1MWoEKNlJlAU1zZbDJvETpZrA6CPm8NTDl_GlcK02F194yF4vKrZRd_M6rPZmK5gY2mbY7YQtpZsjlpFAQ5zCi7lmq3AXSRYvaqaHkaFK9DUdFb43u08tEAGN3i20A5yXhhobrzfjRJn5bsd_TCNC07cJFP42T8nRYM7lDGDn7-qgjFWkOokMRs_ohr_d3AKzHTVrwneg8eo7wkLxqPaI2gUc83ezkYNkp9lz8k1QGSxKSMu3Nb4COlHKEYi6kRa9y5swNGtnNgSiqyn8JOe8gG01VCcuOFQ2rd2aQRSImzNOIDK6TWBim5E9sGCOfyNT0_hrHcduUtWat-R-OLbIL_fvCQPdNaMKfsFcjD4Ro4AAYp719iMzhsVd5edu0n9RK-Q8lrdjGgfvpufKWe1gj9r3pFOVEYNcEbCARe7iAOfV-W_FXp6F2kBrSccfsfBdszdUEww12_SUZDa1bVCsW_LddzieGbEPimBT589L6MRPWifN76aDf3umzFYz0xd0PCjU7RGgOslWiPMOGXZT7I1e2AEqvVdytHL-B6H06EmF__NFM_GPYfYpdCKsDauQPefi7DDZYvairEkhtM_4BZPdO2mklWnh8hJSlGbCc2bT15K-K5RjfQhaUSX25pokhggu01pdiisvnfBjQ_G2VoLTSwgxVfVPQ0fFNOOfwFvFFThNPIg5muilT6N9Anh40PzzNbwYtQrZJx2NDLRgtI-J74GLmhRV5cUEe8HbkOMcGerzpxhkGlqdJBzFZNY0TVxYqZvPaSZtlzMQVo84ophYFedUWTujAfPJA_lIWjJ3aUMvNs6VOKWq7mK7HlWYy57xQsmQ_uvIa_uBAl46Ah7sJniU-enVVXLqbcEpYXM-R9DV72HabT5XA796DfkMoCPVVkA6p7_0EiBOcm0PBokBFaCZKnn1ggMA1Yjm9JsVzZdgog7mRgcxu-xjK1epRUeBszKvlNEN4eCMdGU5p35YQgzBOvRkRuzYYltXwpbTEy-EgJ5okOwcx5e0_84cRBzN5cVSZ&cid=CAQSOwBygQiDOgFK8sJRL19Ozwp_G43F0CSJ49ZuGJ1rS1V9CmkU5LaAWWUZmMa1HUgu3DX2jyU1Mcb9cXovGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=5687695187570812000&adk=578009112&idt=34&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 21:03:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
12125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 21:03:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9038 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 07:39:33 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame AD7A 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Origin
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 07:18:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame AD7A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMcwKjX-lQdzLJ1XALjQnbmeL_Z3dHRSzR4FwTs3suMV5964mtvYqevpRtCDNerMGo4w98hfJNAshNqgPcsvitHi-pVwfzeB-J-WYwwPxsnbd6X1tosopfdt-djjkEvxyjo1LttBIUOU5mgb56XQW5_3pZeifxVH3uDu0sFJYmoKXyN5M&dbm_d=AKAmf-CO7j06Ly9WCA91Gs9Bm8bs5bKL0SKjFIQVMfvNLyVoaIITOnknZXjIOIzb_MY5psnwDqO4z4VHobVavD232h440ynjOZTA1NRtoVgyH0WaJSpHdXEK8s_VMt7sxycbHkwHYo5zQmlpQg6asZNa3jiSmXdKH61byAvjhXzorlg4Xk7TbhMVc8kqMzBnqkC1x_rhKRmZ16fXK2wwISgWxAU7NTkgaqOMfMCT7aCu_YQqtby2PLOmTWsI6KJQvI097xtuMh8z9eXGyRNaTB-dHDttqXJnMX0s2f5LSkuwkB0aW039TDT53Il1nTaWRgARQpc_2pK_HC8IW5KIoxHkUrd6FoEdpz6w8vNlXousBYDcK-_GiTfixazKQU_xvG7REHqpksojqtLlyqExZzJteX-OivcSwmSXmINQGHTEBlXE_JM5RvWGWXwnjK0JPKZJsbrwMkaCeV_Si6cq6Sc1uYx0MfGfFeVgzXPrXVNuvfeS8Om1NC3JDkpIFzieQfkus5M3YParnmdD5nhj84KN_6gt2e8KFVVyKDFe0Ns1nBPbhXVqy5zHdtd7T8vnnDT3QWA_EJjFdj2sXaf8hbYvPwcIRboRXR930pxqkvRtaWbeKtjuO_Aa1Z4987HLVTXssSU-WfwXa3BigPN6CxnhtDXrP13Ucl0qdUKvc5MBi3NyjoF4hgXEfd8qfbBSLPFntSijVEO2VVKPw7baTLDLoafOnDs7EMuwGBhFm81N0SoCd1yFrG9ekdkJrEB3xqlrxL82UDWXzUHTKzlt0TG6WQwrSQIm9VzgW6GlekR2KCwF7rlgCf9pUCyE-i9KZvAnwryDPlEEB0QqrGqMsooVD4c7nD8J69n3Xd5sHdCj9qYP09UG-SuSjGHfXKi9OT_m-gF_j10e5xukwTE_F04xnLXOQEa3AuuGlBN_66YIlw5hclLak766E0J0KrX7F3yeK8lXKKszaqqekR_hTXOEcKCrQ1GBV9NF21uJRdH7y_KScO1zd1KBFWCwijIOK7CjJc8FFAw8SUQ2P2n6pVnxujbQjFkEPcs9fRUMMrJIpvcnbM15wpoh8ea5nEqce9WCrH1OHtiQNJoYInF7z_Z8J87zvf27bBgLRFar_db9wMHk51ur8xFvjLepqE-aPjLS58B5Y9absjCWFZ7CUBYgiIv2HnuqzNlP2PHFyC6RRHiU5YQ6bdgxPTOIsEZT7POBkvcx00AjobzR8Ew2gCrzcPY0Ml2ZUBFrSc6fJUkpeEkBGiRAECXhy0lqDNpAZwkC9Udj6AueSncOHvVw_g7YwrfBu3j0xS-k_2208ZfildO1Y8PMXaYMAZShOwfZxCaGJ_DHfe793xwntiiqcP2vjnKGMTrWW-1cACIgdNmbHYEtK6VJCh8Nb0ER63Wrf8JiIUsnc9D0NNaJ9kIjKFId3WVcH5ZvF9vpelK88Ci_oX12za8CRj0zsmEcHNnFAT2eZKQpi7XjMyM1qIwmo8g0SK9FJJjhCqnrJmbWyz0_-0STOXcPk1T4nL7VSbJlbI4NEIvZGMJYkDv5GG7ESQGSGX7zV7zP7_2DTNVjzJTV5liLgMMzpcz7VlSyFz7hoXZyzGsr629k_FCUJ-IY8CQNMwp5mEYUh2b0K4Auf7d70rbzonxag5HrSYlOh87yTkk0FlNowHnEukH3GkGul7j_tgZYIamlcphvI2LnpxTyIHEzX4Iskz2OraOxLiFXE2RJQoEYMPk0Mk1IjhnjEaxJiJF3FEu0lx0dhj_-_WDpqWMe4f_sNVWNsKNi0_XXx9U8UbzRoWnXTckO0WF8Di79uwtyaXE-8nPstMKtGI04RR_6vdbQ9MxAJQHX1S6B3tZFJ6LZ5lNOLEcWFw90yasWsHUCGdqdb4fE9jg2bWn3qDVFI4GechZ7bIjWPTQgtA48jUkEcIy-FV5nsV8NyHsKR3eOQVvqKKwOsZ708kJgnMZMk487K8RG2IQsMizCp5MwOj72-pZ9jHtFFCnWcdTKxQ8O60PvEp2jV6-G_myqsDKqKOh4H90K8_9lvxXu8FCN5tZ_VpoThnw2b9R8szuAxC9P8V800tQdWfZ-DqHCVnwlD_VeC_tm5Lh2J2kHzaWfkZvndhJRMcltu4ip6X74TC9LzfLR684c-RwsXN7_kaRREG5oIPXFC2Rhm5cR6YXQhFb1Yu1GfWLKRH121sCYuDrwVMOPqzwl2T2BxS3LWzbnE6kQBJPicU-oncrdSfUN4td9BVZLw3rW3hwgK7N0uv8Ikbd4o-u9PrSnyN59P8cELTabzv8LMJqmN6YgsNTYGOfIYtkKPA3EMvh0-OAfr52r-_0D8FM713_GMzpwM57DE8q3KvRQudurRZzpFIa6zCqWsCEyrl5WbLgBTp-MoBdiayutHAdewXZOuisBd5dfHEO3CjYi5QYoJ-MgMXPP3IGF-ncAILSxNiSVsfV0KfyI2uuRv3VwchY4maDp6QjCFMO614tMRJTf2Sw07_7t7rCZ4qJYR4TOhb2NW3BWQMwoKTGXlzBPtA0Q8BR7ZDrK0DjoqaGYTBhIDkDAPkqbyfvS9zweKbsZ1U7xr8Rh_gWKLSn1CydRiSrTy6SoVHP9alHM5aYsT0MchmGJR4cqKe8q4vZqDnydKHhGFHWPIbBCJfYgZXRktYBaGhxuoUKfY2z2Z2vszNxzPmLf6HFU8Iwy8lmv2LQuZ8l0GoN7dLIw0tJFLUXcJTSdGEv3v3IH7p4kqreVGzZOCJFmVGvE2NvPA39YBfelXFeO3qBMgM-AzVL8yZB07kZF8mXDpbxURjpXoNLODJI6EovxDwr1pgirnFW3JeFb0I3cjGQQXikN9r1TJO3tsouY2imc0i9KeRihIF93AP8jbuhxoj60HWNv2EkpR0gkHrjhX153fd3G4jCSIFZ9ylHlr4l6xH8aF73sjnayzsH26cQsbRGdibUIJK2qSBEIJgJtCKVWusFFIb8JTt0BWquVS-3GPYw69ZJDiO3S8MX4xtP6ddhA4eJTo7nt7mQC6m3R3qjB-1l-KJF4_MifQ5j9SpHSN_TBYzfvBYIxK1bmhs54YSw-6421RVSWscb_D5K2C1dCwYIQDaM-KOZICYSxUC_sciwngUxOfZrSMLuPAK4IiTp4nHR5n6WiXyEhrXx3e2brIiH2z4Kmmpyq_4hb-Whxp-gtVpjgS2xp0uYxFxDgEWJ__IFu3iFtG1At2yCQQw5AFJG2Eaiip10oU11z7Q7T0tGFwTuBulv52JVdRL62U_byyXt3FericbeAS3k6ba68ubAQ_fOasR7bxu1EtjdmXwLD-TlrpT-gApa5d3k_VXMi8wEZDleT&cid=CAQSOwBygQiDvlt_JB1QlaKHARgwqAxRn6yRryC45M93Av-97IU3w-STNWpmMjtyscktLV4Tc9kzCAdJXMNLGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=9931757394151975000&adk=3860319555&idt=39&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
36633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 14:15:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame AD7A 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMcwKjX-lQdzLJ1XALjQnbmeL_Z3dHRSzR4FwTs3suMV5964mtvYqevpRtCDNerMGo4w98hfJNAshNqgPcsvitHi-pVwfzeB-J-WYwwPxsnbd6X1tosopfdt-djjkEvxyjo1LttBIUOU5mgb56XQW5_3pZeifxVH3uDu0sFJYmoKXyN5M&dbm_d=AKAmf-CO7j06Ly9WCA91Gs9Bm8bs5bKL0SKjFIQVMfvNLyVoaIITOnknZXjIOIzb_MY5psnwDqO4z4VHobVavD232h440ynjOZTA1NRtoVgyH0WaJSpHdXEK8s_VMt7sxycbHkwHYo5zQmlpQg6asZNa3jiSmXdKH61byAvjhXzorlg4Xk7TbhMVc8kqMzBnqkC1x_rhKRmZ16fXK2wwISgWxAU7NTkgaqOMfMCT7aCu_YQqtby2PLOmTWsI6KJQvI097xtuMh8z9eXGyRNaTB-dHDttqXJnMX0s2f5LSkuwkB0aW039TDT53Il1nTaWRgARQpc_2pK_HC8IW5KIoxHkUrd6FoEdpz6w8vNlXousBYDcK-_GiTfixazKQU_xvG7REHqpksojqtLlyqExZzJteX-OivcSwmSXmINQGHTEBlXE_JM5RvWGWXwnjK0JPKZJsbrwMkaCeV_Si6cq6Sc1uYx0MfGfFeVgzXPrXVNuvfeS8Om1NC3JDkpIFzieQfkus5M3YParnmdD5nhj84KN_6gt2e8KFVVyKDFe0Ns1nBPbhXVqy5zHdtd7T8vnnDT3QWA_EJjFdj2sXaf8hbYvPwcIRboRXR930pxqkvRtaWbeKtjuO_Aa1Z4987HLVTXssSU-WfwXa3BigPN6CxnhtDXrP13Ucl0qdUKvc5MBi3NyjoF4hgXEfd8qfbBSLPFntSijVEO2VVKPw7baTLDLoafOnDs7EMuwGBhFm81N0SoCd1yFrG9ekdkJrEB3xqlrxL82UDWXzUHTKzlt0TG6WQwrSQIm9VzgW6GlekR2KCwF7rlgCf9pUCyE-i9KZvAnwryDPlEEB0QqrGqMsooVD4c7nD8J69n3Xd5sHdCj9qYP09UG-SuSjGHfXKi9OT_m-gF_j10e5xukwTE_F04xnLXOQEa3AuuGlBN_66YIlw5hclLak766E0J0KrX7F3yeK8lXKKszaqqekR_hTXOEcKCrQ1GBV9NF21uJRdH7y_KScO1zd1KBFWCwijIOK7CjJc8FFAw8SUQ2P2n6pVnxujbQjFkEPcs9fRUMMrJIpvcnbM15wpoh8ea5nEqce9WCrH1OHtiQNJoYInF7z_Z8J87zvf27bBgLRFar_db9wMHk51ur8xFvjLepqE-aPjLS58B5Y9absjCWFZ7CUBYgiIv2HnuqzNlP2PHFyC6RRHiU5YQ6bdgxPTOIsEZT7POBkvcx00AjobzR8Ew2gCrzcPY0Ml2ZUBFrSc6fJUkpeEkBGiRAECXhy0lqDNpAZwkC9Udj6AueSncOHvVw_g7YwrfBu3j0xS-k_2208ZfildO1Y8PMXaYMAZShOwfZxCaGJ_DHfe793xwntiiqcP2vjnKGMTrWW-1cACIgdNmbHYEtK6VJCh8Nb0ER63Wrf8JiIUsnc9D0NNaJ9kIjKFId3WVcH5ZvF9vpelK88Ci_oX12za8CRj0zsmEcHNnFAT2eZKQpi7XjMyM1qIwmo8g0SK9FJJjhCqnrJmbWyz0_-0STOXcPk1T4nL7VSbJlbI4NEIvZGMJYkDv5GG7ESQGSGX7zV7zP7_2DTNVjzJTV5liLgMMzpcz7VlSyFz7hoXZyzGsr629k_FCUJ-IY8CQNMwp5mEYUh2b0K4Auf7d70rbzonxag5HrSYlOh87yTkk0FlNowHnEukH3GkGul7j_tgZYIamlcphvI2LnpxTyIHEzX4Iskz2OraOxLiFXE2RJQoEYMPk0Mk1IjhnjEaxJiJF3FEu0lx0dhj_-_WDpqWMe4f_sNVWNsKNi0_XXx9U8UbzRoWnXTckO0WF8Di79uwtyaXE-8nPstMKtGI04RR_6vdbQ9MxAJQHX1S6B3tZFJ6LZ5lNOLEcWFw90yasWsHUCGdqdb4fE9jg2bWn3qDVFI4GechZ7bIjWPTQgtA48jUkEcIy-FV5nsV8NyHsKR3eOQVvqKKwOsZ708kJgnMZMk487K8RG2IQsMizCp5MwOj72-pZ9jHtFFCnWcdTKxQ8O60PvEp2jV6-G_myqsDKqKOh4H90K8_9lvxXu8FCN5tZ_VpoThnw2b9R8szuAxC9P8V800tQdWfZ-DqHCVnwlD_VeC_tm5Lh2J2kHzaWfkZvndhJRMcltu4ip6X74TC9LzfLR684c-RwsXN7_kaRREG5oIPXFC2Rhm5cR6YXQhFb1Yu1GfWLKRH121sCYuDrwVMOPqzwl2T2BxS3LWzbnE6kQBJPicU-oncrdSfUN4td9BVZLw3rW3hwgK7N0uv8Ikbd4o-u9PrSnyN59P8cELTabzv8LMJqmN6YgsNTYGOfIYtkKPA3EMvh0-OAfr52r-_0D8FM713_GMzpwM57DE8q3KvRQudurRZzpFIa6zCqWsCEyrl5WbLgBTp-MoBdiayutHAdewXZOuisBd5dfHEO3CjYi5QYoJ-MgMXPP3IGF-ncAILSxNiSVsfV0KfyI2uuRv3VwchY4maDp6QjCFMO614tMRJTf2Sw07_7t7rCZ4qJYR4TOhb2NW3BWQMwoKTGXlzBPtA0Q8BR7ZDrK0DjoqaGYTBhIDkDAPkqbyfvS9zweKbsZ1U7xr8Rh_gWKLSn1CydRiSrTy6SoVHP9alHM5aYsT0MchmGJR4cqKe8q4vZqDnydKHhGFHWPIbBCJfYgZXRktYBaGhxuoUKfY2z2Z2vszNxzPmLf6HFU8Iwy8lmv2LQuZ8l0GoN7dLIw0tJFLUXcJTSdGEv3v3IH7p4kqreVGzZOCJFmVGvE2NvPA39YBfelXFeO3qBMgM-AzVL8yZB07kZF8mXDpbxURjpXoNLODJI6EovxDwr1pgirnFW3JeFb0I3cjGQQXikN9r1TJO3tsouY2imc0i9KeRihIF93AP8jbuhxoj60HWNv2EkpR0gkHrjhX153fd3G4jCSIFZ9ylHlr4l6xH8aF73sjnayzsH26cQsbRGdibUIJK2qSBEIJgJtCKVWusFFIb8JTt0BWquVS-3GPYw69ZJDiO3S8MX4xtP6ddhA4eJTo7nt7mQC6m3R3qjB-1l-KJF4_MifQ5j9SpHSN_TBYzfvBYIxK1bmhs54YSw-6421RVSWscb_D5K2C1dCwYIQDaM-KOZICYSxUC_sciwngUxOfZrSMLuPAK4IiTp4nHR5n6WiXyEhrXx3e2brIiH2z4Kmmpyq_4hb-Whxp-gtVpjgS2xp0uYxFxDgEWJ__IFu3iFtG1At2yCQQw5AFJG2Eaiip10oU11z7Q7T0tGFwTuBulv52JVdRL62U_byyXt3FericbeAS3k6ba68ubAQ_fOasR7bxu1EtjdmXwLD-TlrpT-gApa5d3k_VXMi8wEZDleT&cid=CAQSOwBygQiDvlt_JB1QlaKHARgwqAxRn6yRryC45M93Av-97IU3w-STNWpmMjtyscktLV4Tc9kzCAdJXMNLGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=9931757394151975000&adk=3860319555&idt=39&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 21:03:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
12125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Jun 2023 21:03:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AD7A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 07:39:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 036E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3x6KCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoErgFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdeBDed_TYZQWQ3B4SzS7BJGqHP0yFctTh8FpUTNv_1EEYERwILzeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY1OTM1MjMyMTAwMTAxNTQYAA&sigh=94ARp-oWrZI&uach_m=[UACH]&cid=CAQSKQBygQiD52YRLgyljb5VwvfgpgAyXC7sFOyxxTjcaS1KScFILFdcLWFRGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Jun 2023 00:25:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 036E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j89sn2n70s4asj6yqxhtncb7rs70ac6c4806ar9c1yxt1bg2sapmp9ezpdd6y35pyxny05d18p7eppgft33z7qscd0rppgn6n83a1z052fj1rrrf11nc3dswsfm0se2rwjkpvy82gfwtkb6tqwtcah161py9teqs8bq8g6v5k4qrz19rwh1kj6jjbm1q97n9yswb5600xqfq37mz8gedttm2wvv9rxfkhpp16t2r6rrccfacr6ebwcvfdg72acebfa3r8by3nva5c43qbwb6bvn7f1kh1y55ccy5mn1nsj4mqsc02jz159bs9kn14abhbn4h8a0nkja8pxwhdk73ba706wvtakba4bxrh03xedwa72t2zbe8hfsxzxaaxycxaanrw4wng&b=ZH59CAAJJSUH_Z-UAAjVhXLKepZaAsO5nlK9_w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Jun 2023 00:25:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame BB7B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1k4pasxdxbbk21k35bcspnp9szxbvb1d22ewq7zyg0e7mahk85x1c0jbjesx6rbgvp09nmcpzdvk9zhe6q8222e8j1kffjsddqa1yxnp27xqskgp4zg9pzbxv9hqty2eca68sat7b3rf0mzajrr287v79k3s42e2ej222tqa44h7z6q343ee47cqqqv8aqssqyf8jceywe6hyy3cgr1a6g2z5sjmsqz00t5409e5pc5695qamf9qf8epd3mfwrrxydk61d0zqbpjk7fxfew90z60vac3hwqc0s0ht5579h8q9tjqe32yw0kwevkj8893dt7shpxazj57pa9qh9wmr352568nayf40cp37vr2h90zd8xyt9x34c4vp9skywb8w72rh2dvxa4b8zam68f5pqa2fed7djx4etssh0xbdgwys4rdyvz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%26client%3Dca-pub-6593523210010154%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44599523c212eadb3dd1f6da161eceee9aa9d6fc71906dc7ec2b71d05fd72399
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d2c85171a7168f2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:44 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B456 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jun 2023 18:15:11 GMT
etag
48472445140208031
expires
Tue, 06 Jun 2023 18:15:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
frame.html
ad4m.at/ Frame 717A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2237366
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7d2c85171a7368f2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 00:25:44 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Iw8qcp9dA1vYtqSFvpgdBlvWrxav30%2BYGOs8pkLrXxlaHPuTHxSjkgWTje6VEN4NJDMIwrqWIt0LTtYRhk%2Fo4VZRbGfeRfmAKnzEu6XHGStYL6cu%2FUfJnTpxnuDYiS87SA%2Fzzs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FF54 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jun 2023 18:15:11 GMT
etag
48472445140208031
expires
Tue, 06 Jun 2023 18:15:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BE1B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30a5a969eb05312525571f19a0ef06fb7e2a7b467b969fe9993cc499577ad75a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4724 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jun 2023 18:15:11 GMT
etag
48472445140208031
expires
Tue, 06 Jun 2023 18:15:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9038 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7adb9c1ca1cf733b23aa6bac2b3348009075010a999669ec43cbdf82f7a6ce3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?oz_pl=1&to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&psv=2.94.1&_x=1
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=8bdccc95-f51c-4594-9153-bfd55b000008&to=3&de=2&md=1&si=&dm=300x250&pi=XROhqscfgR&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?oz_pl=1&di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&psv=2.94.1&_x=1
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&to=3&de=2&md=1&si=&dm=300x250&pi=XROhqscfgR&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8DD8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jun 2023 18:15:11 GMT
etag
48472445140208031
expires
Tue, 06 Jun 2023 18:15:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame AD7A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b14e60ceb6b4ed93aba510369a7161b77daff472e5b215059c9ed4775e757133

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame BB7B 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k4pasxdxbbk21k35bcspnp9szxbvb1d22ewq7zyg0e7mahk85x1c0jbjesx6rbgvp09nmcpzdvk9zhe6q8222e8j1kffjsddqa1yxnp27xqskgp4zg9pzbxv9hqty2eca68sat7b3rf0mzajrr287v79k3s42e2ej222tqa44h7z6q343ee47cqqqv8aqssqyf8jceywe6hyy3cgr1a6g2z5sjmsqz00t5409e5pc5695qamf9qf8epd3mfwrrxydk61d0zqbpjk7fxfew90z60vac3hwqc0s0ht5579h8q9tjqe32yw0kwevkj8893dt7shpxazj57pa9qh9wmr352568nayf40cp37vr2h90zd8xyt9x34c4vp9skywb8w72rh2dvxa4b8zam68f5pqa2fed7djx4etssh0xbdgwys4rdyvz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1k4pasxdxbbk21k35bcspnp9szxbvb1d22ewq7zyg0e7mahk85x1c0jbjesx6rbgvp09nmcpzdvk9zhe6q8222e8j1kffjsddqa1yxnp27xqskgp4zg9pzbxv9hqty2eca68sat7b3rf0mzajrr287v79k3s42e2ej222tqa44h7z6q343ee47cqqqv8aqssqyf8jceywe6hyy3cgr1a6g2z5sjmsqz00t5409e5pc5695qamf9qf8epd3mfwrrxydk61d0zqbpjk7fxfew90z60vac3hwqc0s0ht5579h8q9tjqe32yw0kwevkj8893dt7shpxazj57pa9qh9wmr352568nayf40cp37vr2h90zd8xyt9x34c4vp9skywb8w72rh2dvxa4b8zam68f5pqa2fed7djx4etssh0xbdgwys4rdyvz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
980796
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2Bq42%2B%2Fgn7oX26JPpf3C%2BHoY76AyfwcsBWVqvQSqcvpd0RYvx4L6iVOetnZ9j7FrBj06YN%2BWholcFSV%2FwS7y3mdlKaBO9FUBltcfr4NJcmsAIfHCzEjesY%2FKef9IjKaCa7j54Gx6EjM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7d2c85183b0568f2-FRA
expires
Tue, 06 Jun 2023 01:25:45 GMT
r62eglto.js
ad4m.at/ Frame BB7B 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k4pasxdxbbk21k35bcspnp9szxbvb1d22ewq7zyg0e7mahk85x1c0jbjesx6rbgvp09nmcpzdvk9zhe6q8222e8j1kffjsddqa1yxnp27xqskgp4zg9pzbxv9hqty2eca68sat7b3rf0mzajrr287v79k3s42e2ej222tqa44h7z6q343ee47cqqqv8aqssqyf8jceywe6hyy3cgr1a6g2z5sjmsqz00t5409e5pc5695qamf9qf8epd3mfwrrxydk61d0zqbpjk7fxfew90z60vac3hwqc0s0ht5579h8q9tjqe32yw0kwevkj8893dt7shpxazj57pa9qh9wmr352568nayf40cp37vr2h90zd8xyt9x34c4vp9skywb8w72rh2dvxa4b8zam68f5pqa2fed7djx4etssh0xbdgwys4rdyvz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
556789
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khplFyQPDL75LJKHJtQ1wJJYAz%2FhDdytIgsZ%2B2e%2F6Az3MPmH8DcaKNZPYqcCMczoj8xiMipLreWxSUPSC%2FBdhw23ALdwY8IeI6a495RDwlX2%2FjOv8LHNPsVv9Iv%2FHUi2V5xD6BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7d2c85183b0668f2-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 May 2023 13:46:09 GMT
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&sid=Ags7q0AAEPMQ79Z7&oz_sc=0fec102ff08f6eada88a6fc3&oz_df=1686011144921&oz_l=237&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&sid=Ags7qz8HEPM2Juh9&oz_sc=f40f1dda7b495af10c3414b5&oz_df=1686011144944&oz_l=237&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
pixel
cm.g.doubleclick.net/ Frame 4341
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cver=1&google_push=ATf1kGOkgb4k3AWkDQjDG89r1QxoWZiXUNhJFjXtS8b0I2V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cver=1&google_push=ATf1kGOkgb4k3AWkDQjDG89r1QxoWZiXUNhJFjXtS8b0I2Vi1FBNJWLsPumNu9C-izT3rnTB6QeTeOM8dQKqzlDoN0p3dkh3uohX7g
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cver=1&google_push=ATf1kGOkgb4k3AWkDQjDG89r1QxoWZiXUNhJFjXtS8b0I2Vi1FBNJWLsPumNu9C-izT3rnTB6QeTeOM8dQKqzlDoN0p3dkh3uohX7g
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4341
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO4S9IqVxAUFVyp2Rmod5Ek&google_push=ATf1kGMt_0HYyGDrU2KwfI6s9vYmICJ81gvLMC0iziOzMhyFCU2lPnp5sw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO4S9IqVxAUFVyp2Rmod5Ek&google_push=ATf1kGMt_0HYyGDrU2KwfI6s9vYmICJ81gvLMC0iziOzMhyFCU2lPnp5sw_sXHM1uhNV-yN_rbybWBdOfEDCwem9XooeaSzS5t75bg
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230135-FRA
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1686011145.061856,VS0,VE94
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO4S9IqVxAUFVyp2Rmod5Ek&google_push=ATf1kGMt_0HYyGDrU2KwfI6s9vYmICJ81gvLMC0iziOzMhyFCU2lPnp5sw_sXHM1uhNV-yN_rbybWBdOfEDCwem9XooeaSzS5t75bg
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 4341 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJvz1lTIXMnXa98cEm3ZhFU&google_cver=1&google_push=ATf1kGN_nJ2eromloiY2WSA7T_E64k6YFPxMiaZMH08Sb7Nka55lwRX5WnSeN9NW2rzN4ZSdKoeAQXpVTwBpqqDmERGisNqLgrSl9Q
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4341
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELyoJYm-cpQa6YcLHoiP0d4&google_cver=1&google_push=ATf1kGO6sZo_wZ6JFnxOvrYuJR9Ncf2H_2ljhEQ-XDhZzdGSL-SORDeM_UIMG-avGhryb2iy_ogySKecWoXs1o...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MTM2MjcyODQ2NzgyMjc0Nw%3D%3D&google_push=ATf1kGO6sZo_wZ6JFnxOvrYuJR9Ncf2H_2ljhEQ-XDhZzdGSL-SORDeM_UIMG-avGhryb2iy_ogySKecWoXs1oqQ0U...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MTM2MjcyODQ2NzgyMjc0Nw%3D%3D&google_push=ATf1kGO6sZo_wZ6JFnxOvrYuJR9Ncf2H_2ljhEQ-XDhZzdGSL-SORDeM_UIMG-avGhryb2iy_ogySKecWoXs1oqQ0UD8SD_9LGcNPA
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0MTM2MjcyODQ2NzgyMjc0Nw%3D%3D&google_push=ATf1kGO6sZo_wZ6JFnxOvrYuJR9Ncf2H_2ljhEQ-XDhZzdGSL-SORDeM_UIMG-avGhryb2iy_ogySKecWoXs1oqQ0UD8SD_9LGcNPA
Date
Tue, 06 Jun 2023 00:25:45 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 4341
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFhzBK4-nlnVqspKxbmCBHA&google_cver=1&google_push=ATf1kGMa_1uU0vMgt7wJPUC-lZ93oOhDxSVacisDxQrK4QHdCAsKQhSHTqVBDwUTwHQT3YDaAEiQuzO6r1xLkbr8...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMa_1uU0vMgt7wJPUC-lZ93oOhDxSVacisDxQrK4QHdCAsKQhSHTqVBDwUTwHQT3YDaAEiQuzO6r1xLkbr8YQcePQJomqWo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMa_1uU0vMgt7wJPUC-lZ93oOhDxSVacisDxQrK4QHdCAsKQhSHTqVBDwUTwHQT3YDaAEiQuzO6r1xLkbr8YQcePQJomqWo
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 06 Jun 2023 00:25:45 GMT
via
1.1 47b2ce4c0cbd550c326fba9b552b2176.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMa_1uU0vMgt7wJPUC-lZ93oOhDxSVacisDxQrK4QHdCAsKQhSHTqVBDwUTwHQT3YDaAEiQuzO6r1xLkbr8YQcePQJomqWo
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
LmE40HHGSoQ0PRENTu1tp-LZl01v2X75hWMSkBfEa8_IrV2bdnsZyQ==
pixel
cm.g.doubleclick.net/ Frame 4341
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGPpXvR9Plx-MaMmWEUbmrjHjepTS9KiGEqrGwM4b_RXuQsmiM-vjFTLCMcTA0HzqLcNoEi7-5pOdhtH...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPpXvR9Plx-MaMmWEUbmrjHjepTS9KiGEqrGwM4b_RXuQsmiM-vjFTLCMcTA0HzqLcNoEi7-5pOdhtHh3oBH5FkclOWyzft
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPpXvR9Plx-MaMmWEUbmrjHjepTS9KiGEqrGwM4b_RXuQsmiM-vjFTLCMcTA0HzqLcNoEi7-5pOdhtHh3oBH5FkclOWyzft
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPpXvR9Plx-MaMmWEUbmrjHjepTS9KiGEqrGwM4b_RXuQsmiM-vjFTLCMcTA0HzqLcNoEi7-5pOdhtHh3oBH5FkclOWyzft
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync.smartadserver.com/api/ Frame 4341 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEQexQDkBRxXGgswiLb0dVM&google_cver=1&google_push=ATf1kGNHGDpHV0ZwMcYSDqifhDx_o4yF5W3OcTnDrle2BVCRMLsDiD7sBInLF33wjmdJtrGA0FtyryP2nvo94stsi_fXBWYf1oFl9A
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:44 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4341 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JeVbXa9I_GBmeJTDtcNYklG6r3MGFEEdL4toTTotK3PNenApS4WtIZLtIZhWxcZqu6sc5C
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/9170381621892120779/ Frame 347D 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691257cf7d510da3434f5eedca2b2e0137949c698e3750c7705526a1ee75684c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2744
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:45 GMT
expires
Wed, 05 Jun 2024 00:25:45 GMT
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CEF4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWzihgB5uuaTVdStpxdgZCwLC07JTsmqVhi7Wd77r4Zqyr0Str9DBk04XH98n5U0CTPfY9vX0NlgzczE9LuSpqktHq3ZRiheXofx1Rh--iA4ym7rf-_W5BKAAMXX2qrWT5PjT0JNONQXu67l9tS6CT1BtPlnF48gD_BnUnOUs8QNZxKp72ALcdQumVui00tFN6i6N9pfZFKF2xJ6CLzC59LwdUCBtJrvPaG7InPs2sNfJ0OxygztlHyzQ-UmUrzgf2-Ps5NMlPztw2U5FR4CtQOSWb30jRYMt8avZN9WCBRm82Ob5SZWTUl99uCi_sZZVugQvcrzQ_nyohcwJ7wtF_9ttUOvqFl2lXI5Y_l-miOVJRnOWPoFEqGwo_yJ-TyhQLZdJusYx4GB-obIeYI65bqHuyVqjfRjS2-HiV4Nw6FGe7KdwnuYwuxL7L7NQj8v9Jpw7wCvBL8YdlkEdYUpQN2ezQiDUcURyBsCxPptYWOXT0ucQ1VtcSC1_UUtjModdV850YstuTGQ9b5O6XhN62wGekSVQ1xNqDCnlTCqEQrI-we8ARZydTquU6uwuF2JuNd-k7hEd0U9kgkJp-7qKSyTC9qfvCVgHkv3TKXWu-AnVr58YOzRi42Wjmn8dFeunuxAOb20Ety2IOMtHgwDaDij0VOrrVmlYiZl4BmNmZKC9REI5N6hl3IhQoVtEcg-8hr1HPNLiNI3c8i8kUBqH0u8EyUslvdDYJ1Mgm2y-IYMNU_LesAuhW9j81BsZ9QiKjFYTviwYEm3nord2t_i0ni8dub3kGHakUtycdgcLqaOwcbcheTl5C9SjJkRNqgSym16j_dJ3DgZYHZeQ-fNVToWp9MEzepR4wI6SYmU0bAKDvws_5Am3DB2kzdCq6DGsRJtM-s161qTPfMCFf2uUJo9lH7VX9h6KDy8GK8PYjqo0druaEsibmaA7XiV5cRK6EuzU1v9JEYt6Znw_JIMqUSvC3Bc3C6QI3_OxpCnzsSGP1odoOtfarhCwN1omx7JiLAq1abBxQEZ36QOCckqcilkhpy-DO7oM6nXCw2Ny2P-7tG430d4mHHOTmpZm6Df3ynWIq0uw7zOArs3m57DqylS3hwVbTnA85Ic9_VXIxVR1k0dcs6A5xfNp0UWSbxIoeSeIytPCdEggsLrH06CpYIBZf6uMm-LL0DBxcGdXjFLr1NQ_yjqVDbZfgg-0eG7J36L4EGZAOeiGO5Mt90f1gSxbHXaAnK4wu-Wglq1K_UwUux5JGzeMzF8Er_v-40rWI1Lg2gOz0MfrWTY472HjBOA&sai=AMfl-YRMVvsXzmu2oTRtXavhRbzApI8fDqgOE6NOlrPhOWuaS60990H7FItQa0GZcA8yWyALezdaZvKhuLfRHOgXJXfSON0U2CjCTvySwXYn38yuXK-qhR0tyVZRG4mQ25oXo4St9R9iG7VREpe654keqW4XRtjuA6lTKjo--Kj3WiHZDqE3sfHlKfPg1qHYNgypBru7XM3bQWB4zH8Hx6MY6nm7gOQbiLN-k2FkUZTGYTXKmll607agaMlRFrcW2WRv8GfSJtKgA0IuxiIYQnMnpTsNDv7beQ&sig=Cg0ArKJSzNvZLZdRq5TQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=354&cbvp=1&cstd=344&cisv=r20230531.83912&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:45 GMT
300x250.html
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 6550 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:45 GMT
expires
Wed, 05 Jun 2024 00:25:45 GMT
last-modified
Wed, 15 Feb 2023 15:30:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BE1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstxPQBYPv7HhT04shCEp0UwD4NS7uEPB0Z_4uD8uX9eDnOYP5RbaBNDCfExMkiyfxhPkBFVzWMesNV1TU5kkM9VY6xyz5xBq4UvwVeJasuXvperWGIhgXSBYt1mW6USckNyQjmmrefMBi9085nABYTIHEGZO0gqrBae_MQbJoZf181Y96G5ZajcLofGqJQKCKa2goYsiat-oivV9KVI6IBxQs1sDdVn9eukrW44SfTHMdKEKphbQzuVRh_Q9Y-kJFvrJjGhK_dpURRTa8JGKe6_YGX9nRe2iO8NWRbpyCUc0gufMgKRKeZyKWOUnUtrOCXdjhQrM9SMRyLX-7yfphjgIF2unhHfR02B_lJRInYElFf1TlFSKg5FpeRH9HVdmOUNeqnKeCuHlUQZ6ZN-KemHiarhJ6JSCHg_TFJCqvnoLbrTorSmcl-mgFmehChnvCr1HXtq55EaEwwfTLxY8kT5WJwjGMUgNLFDz-ai-AWMA7EPbW7Cz8QZZKogGKbASlOeUMVZkbTv3J85LiWneOhrNEElGvcHJnS5GgWdHsXauELhSmfi-RzJGCB7xtPFeMx2LBVoP7VLKXBGTdxUXklZG5gEXBN_fWAJIZD9oHuSomhSZnoIpLw8eyb5nQaSvB-QffmnPJ3cSwt3BW3ICO-rYuK5f00htgJKkuBPVIrix3UUZTghBwoAyjQ-m0ouyY0UCnL2n1MLJ7ePO79iBbbt6Aet2vXqyhqFOb6XZbryLrymm-Vy2KRnDyYocU4GIOeJblBYfK26zuMIzBISIWNPUS7bGGI-_afp3V9b8E7ejekOmbv1ZVPrBHPGFCSyura96jb7mWqqLuf-B1joVmIM3MlFH6bhhlH0zqxS9iiOMBbIBZ9CYQig1-ChZjo_LpTZ_nifHwHO7oYo6edl_SapzigGyWhPjQOfCG6RBzUzp_LiyQckKxthTMkXXV8a94EX7J7trgUoMnk0vdPV7QSaluIA9T8tEAAwTxnqJRCiIiomm9mqyxE7emm1IdR-pM9kILjvcFRJZ4YLXakbfPP26kSIBzVUaekQj4ksAbVZerE3IVZ6LH7pqym2qqiX8v-TpoZFdlmzfJtncS3ZbP0VDjnK-D6vQLXzHQICQJuLsRtka1rArkNIYlThnQx4wdGssvNOMXr87FfZXLokorsv4GWvhR5l5ox5DNaLg-jhIeq6dZ_UARRWL_x27tUitdV5RoOkpgLE2fQMczWkNJftWkNJFd8ZyGyz_fubWJDYRIpa97yZzS3VnqKBa_YbZvEMgmPi4h12aWEPmODGY__osRMaVLdIcr6nndt2IwKU4TrYuA1pMkQMKppT3CfGnWhaf1hjXQ&sai=AMfl-YQOCtOUZvOxSqMvVyckbXx-4OhrK0REwycvvU5shddzwtAO-w7zTA0KOH90rukzhaNtbK3wZ2MJN1ksmsBm85cb4sCJJFCblf-sHxHurypKIfrAxFWyOyTfodyPtl2cC_nrpTLgrdbD9IbOZqPOnsW6cXXaLAr880jovlCrHMnpV5DYYSNtDQ9dB1_H58WvDQKc7O5xI7B0IvGacpSCg7rJ1xhTgpxPZPy5cCzVi2sa-w1aan1bnPLns_roXluIcPovKN3DtYtXH35pVkNL8r0nSD6x&sig=Cg0ArKJSzFuiS8mYX45AEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=316&cbvp=1&cstd=309&cisv=r20230531.53324&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:45 GMT
index.html
s0.2mdn.net/sadbundle/7493198391404092334/ Frame 4D96 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2701
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:45 GMT
expires
Wed, 05 Jun 2024 00:25:45 GMT
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9038 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuc67hE8eSZEjD_KyuTOFfUEwzXTeLz5In2ngJ0uBg-Fmc1HMAsGCtYQwtMxD1UqC899BbKLf5mKiknuYuVwx9WOH3hv8vKi3Bf_aYIg3qTsGXevDKZ3A8mxXVT9147YrK4jCUf4qcNpKnHTauvUQhEWX0PgQVA5E6Cb4siPd7z7Nv0vvg6OFDe-6JQ1-w3u5nRpLKZHTx67IHXcce_vA7h57QfbYghRsnAjwB3BXpy4rCG1LT2btfV4Ycpn8NwcDD8cljBW29SjCi6DPrg9Knt-HgvSfjZTlfhyk5UfVKpuOGg4fgJfDjexkK32xZSK1Gtc0wucAiergXv9kWmo1S6pfjZ5-0nfrFpTTBAFWUV-pC675yjWx9s0SHoiZ-Oz1Fm4FyuK_YajLXmtcMIBWBC38KvHMPTMSIKmuhW7LT8wZBcDJilC0EhrmkFflEmCJ9cq255IPhdgxVRO-XrX35RAWESjK_j_ehPhFUTwmxg-6sIwL2_BbvmF3NG-_fOMLBjcdsE88TiYyWQSSC_V2P62toRHHCozkG3whTlPANzojqObh4BY4_aP3Qp2s8DgVO75VGdDAEXAXg0PGQLBMN_Mlf-D0ekXFtghnJiVIpHZDoAPTsDI7VjyfzQGaKUVpUeQp-pUUYy7bbk7YoHIibxLGm-P4A6ue4OhcepAyGQSQTcqFiJEmvTX6BwLGeEWVdRsZbKqbPkMtw8lRA3JruWtpDgPihS3_MCazUVbBvwk9Fh9dpMtgjG-9H2EM92325adFsEqkqvRAOZSyr9iHps9jPrEFXj3-Dqz7H6wOK6sDKtIs62CKNCxKqXl_gWqifWa8VWdTA3jJxYDzZakUOhmz3cgFpzxw27qpssY6DOuGWci0KO0Zi0PAl9XzX6vP74dBVxBl014aqF_2j1B5jaWp863uWPzQOMtVOlOi9fo_Xyyl6XxPwrkvtVaKrEzY10LL3avT-Dd-_tLgEDDxZNIQL0QAWQJOgSdtJDuEBAni0WSYhhsE7LFGqrXARVkjH9vOFxGZY_u5JX9uYvCAaszgcpspoSfB3XZfdufkGuFC-aB05zEG6Na7U-VpUvc7vmKmS72rLrHc5lZAtAkkdckMDT06nHcyTB2-HrauOKpm2Uhbrn1oMUK_M9yiIMgZuzvW4UAI6AhPXLZqTOJFXy6XcIfFfE0Vv6ildNV9LP4aoRGAZLCeinI7WXhF_Caqu6g6mi3nX1cAmQHVi5pYm9E7_Ba4t1EYZrjzQpLPZYOdYp0B6k8Xp69KMtBrna2v5pHVcmbHVgaoIknYD85HeCjN8u&sai=AMfl-YSGe4No1_Futei-5jzINRGpS8CkhAQcbC8w_ei-ziXY6PmsyxEcrTx9oydAcL0JEnygBUA2VLKAHl1sdOfDaKgwt0N5HGOV2iuOM0Sx97_06A_oyLo1ZWuPn3VT7VEBeiFofE-TwlIt5ObAUrL5JdyGIqHX68e7Ne9-3Gz3tYH_6WAQnIuf_uU0bul1R935lM1DIy09xZluo4TgQ3IUqV4CcoVJ3UipCwqPvjYX4iQKDYjLswvG9IR_EMQE31QErB6hfMsPEoi9PCvnRndmamkmiuq0_w&sig=Cg0ArKJSzDlSFQGKvFnvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=316&cbvp=1&cstd=309&cisv=r20230531.55282&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:45 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ Frame 371C 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Jun 2023 00:25:45 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 127A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
243182
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Jun 2023 04:52:43 GMT
expires
Sun, 02 Jun 2024 04:52:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/7493198391404092334/ Frame CB2F 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2701
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:45 GMT
expires
Wed, 05 Jun 2024 00:25:45 GMT
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AD7A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNwiBM9CMZbpI6pQ7cufhqQ5PIlNzypSbK1i8HddpgaVbM9XaMZEWVkJUPm6YIAREnmHax_I2x8FL2MKV72W9w4CEh0YvncuXvYYxrrq9R7_gElC0s6BADdnxVheIC2m6VUQubArH6z_UCnAlqgCehnX8ya2SYa-h6_GfNNt2uiYkEDe2uMMjpLaEX0hWvZZq0tGjZJKJ877DgZOXlrhDFCwpEkfCELwc4aELV16TxABTS3taXlj2M4TPwM_aCPVJXaXksOXacQvxybuAjaUwkssM5vRY7KSo7_pqDQYpY8I9RluI9-ATRrW3FICWVwqTA2TAmbN_CKPAL_rawXW_Fmrogs20Jg-dM7s9iA7se0lNKYtUNh2AJ3GNbQkWoB5d_YZYR5YcBoSsSO8GQMGC1799L_6OsfPw8E6gEOtmV5x0jhyberH7sONi3XBXrtyDbtM_4YpyVNxXv_ZGXO6BUkCpCBRitk42A_5ACcS9nB_kzhM5IkGMnjLYI5O_Tw7CBZV3X79_zFM9I4Jla11r61jsnsPDs1jbSJAqerjAzio1FUbePJjVzVgAg-dEYVsL_UOQEWuX-b74WRYU3OMlhpZuxYseglO7cQu0oVd8cjKUOLo1jOrLxaB48FC9vx24lsyvUKNHHafGtA_4w9eZqnw3AEV2iOsoMnxSstGgUYjITpHSAMuxksN0E6qMjbEZBT9EccIIlNCIWp10R7Wy5pxKVvUgNhsLbN7gm9hwIw5k1j0ZfRKpGRfJ04WM1hpWpDT_JfAWUgUGDL0Epw4s3gW0Z8gOpJQA-g9qQTg-NaMB_4unzkylBPtZ1WC-IgkxR9HPc7XBo51dfypoSxuEQmLv3PC789anBh9aLThlkaJRJ0DZ3kW98N6L9uhVmgkryw4yY1af3afkZb6lLe00ZVGUc0skSUoPcDWTTFTzeVkhBrtkkkFwyF3YUouiIbg-cqzjKywWdhozwdpWlt_ER0NbwuUlQMCJ8e6NFhH1amRqDjS5mlOhljczdXlTszMGFtaJZUHZvY2H8gw1avwuN1q7yn1ZBKgRVvaQXviVczU2ImtWF65Jz0l_E4DcGBNmA5rTCtH8y-Kz6NOyelDRIOKje6FOz3Q8fLsxRM8KcmgYQOG_AI9gTgyPe7kPhX6QmSvzwLfZkRj-uyXSYdT96Bf4Rq2BGd-8ikPiqQRpiYhTyc5kSCHgKReeSOieJ_jG-10rsHtQz7-exohwRHs-jgmQIvIek-JK_pGn40lglxnkO4Ke0PZKG3-_2Ry18F1N3sambi_gFtEwqiVKCiwhBgQbo&sai=AMfl-YTFvyTCjOfYpRvWVYdMQsMn07Ag4q7xUGSFm7VXJcZQyxkr_WG6ijAPE1mwSDFofjbA8Y-naz60pNPHonmO6EU7vtNY3E8qZGuL3gCvDDRZx5TYRhWjGTKa9KGToxBct6Hlo-RSOflMQrXQ-id08n7-IbmKrVIPQWReXnNg4j7-YerVbLca9tSYfHje0DyAJJD0o1SGcFpbPaFN35WZjcsR75U4_azkeVuag8XcseGyTrCzZ9ZxPT6s5pQOEy0J6msl_mzdHhN_aRj0ageTCeljT-BgFQ&sig=Cg0ArKJSzE28T2qDQ0PeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=355&cbvp=1&cstd=346&cisv=r20230531.96054&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 06 Jun 2023 00:25:45 GMT
pixel
cm.g.doubleclick.net/ Frame B456
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOcKcIUq9wt6tvrsHpAtdU4&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOcKcIUq9wt6tvrsHpAtdU4&google_cver=1&google_push=ATf1kGMWq7BjOccKk-X409itQZZk3iG7tTmv1R2pWShHi4T...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOcKcIUq9wt6tvrsHpAtdU4&google_cver=1&google_push=ATf1kGMWq7BjOccKk-X409itQZZk3iG7tTmv1R2pWShHi4TVgnD9KcPL8MPi-qChtu9twJ1NmOEfDIWM71kY29VtP1vlrUfBHGMVeo4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOcKcIUq9wt6tvrsHpAtdU4&google_cver=1&google_push=ATf1kGMWq7BjOccKk-X409itQZZk3iG7tTmv1R2pWShHi4TVgnD9KcPL8MPi-qChtu9twJ1NmOEfDIWM71kY29VtP1vlrUfBHGMVeo4
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B456
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOp03QgHsme8skPCitUXMTs&google_cver=1&google_push=ATf1kGOzlqCSwWVlYlPfk1XbntVNW3jFXcUPleSzd57HP8lUl76JQqovVgN1xoYL-Vw_fkXwBqBCeulVMyQGD7m7...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7k9kfn0IRwGASPRYXPuJ6Q&google_push=ATf1kGOzlqCSwWVlYlPfk1XbntVNW3jFXcUPleSzd57HP8lUl76JQqovVgN1xoYL-Vw_fkXwBqBCeulVMyQGD7m7Sj6UDzDA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7k9kfn0IRwGASPRYXPuJ6Q&google_push=ATf1kGOzlqCSwWVlYlPfk1XbntVNW3jFXcUPleSzd57HP8lUl76JQqovVgN1xoYL-Vw_fkXwBqBCeulVMyQGD7m7Sj6UDzDAICzdNw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x14 config_version:"2391"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7k9kfn0IRwGASPRYXPuJ6Q&google_push=ATf1kGOzlqCSwWVlYlPfk1XbntVNW3jFXcUPleSzd57HP8lUl76JQqovVgN1xoYL-Vw_fkXwBqBCeulVMyQGD7m7Sj6UDzDAICzdNw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Jun 2023 00:25:44 GMT
i.match
a.tribalfusion.com/ Frame B456 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEGJpnzI64NA6ZcpvgHhqCXI&google_cver=1&google_push=ATf1kGORvDF9hBJUHOW_bPJRIe1BjwHowmE8EKB-xhATTqaMto1yyiY8uV-Y8ObQ4SOGE8hcfe6xGiNmb4rpuv2kXO6gTdxeICHF4j4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGORvDF9hBJUHOW_bPJRIe1BjwHowmE8EKB-xhATTqaMto1yyiY8uV-Y8ObQ4SOGE8hcfe6xGiNmb4rpuv2kXO6gTdxeICHF4j4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d2c8519481619a9-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B456
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO3_lm6Xd5ovmLlJjivJZow&google_push=ATf1kGOUUWL6OwgY7SpD8jXy5g2xiQefakgVLvP1XjxnqbvFFGSvxnizqU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO3_lm6Xd5ovmLlJjivJZow&google_push=ATf1kGOUUWL6OwgY7SpD8jXy5g2xiQefakgVLvP1XjxnqbvFFGSvxnizqU9vVImNXaILMl95GFFnonikcywFxXOoN-13wbQGjnRXRw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230135-FRA
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1686011145.161345,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO3_lm6Xd5ovmLlJjivJZow&google_push=ATf1kGOUUWL6OwgY7SpD8jXy5g2xiQefakgVLvP1XjxnqbvFFGSvxnizqU9vVImNXaILMl95GFFnonikcywFxXOoN-13wbQGjnRXRw
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame B456
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJInDi2rf8vuuyE-HKq40fI&google_cver=1&google_push=ATf1kGPHRfPVsWiiLSceao2OizIutH1apoxafZvaKVQuR3cuWj_SZcIqAxIc3ItOCwsUVAQCw-ZXUMe1...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJInDi2rf8vuuyE-HKq40fI&google_cver=1&google_push=ATf1kGPHRfPVsWiiLSceao2OizIutH1apoxafZvaKVQuR3cuWj_SZcIqAxIc3ItOCwsUVAQCw-Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4MjE3MjI3MDk0NDg0NzMzMg&google_push=ATf1kGPHRfPVsWiiLSceao2OizIutH1apoxafZvaKVQuR3cuWj_SZcIqAxIc3ItOCwsUVAQCw-ZXUM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4MjE3MjI3MDk0NDg0NzMzMg&google_push=ATf1kGPHRfPVsWiiLSceao2OizIutH1apoxafZvaKVQuR3cuWj_SZcIqAxIc3ItOCwsUVAQCw-ZXUMe1zkrdJEoG6H3ugpoKEvoJLO4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4MjE3MjI3MDk0NDg0NzMzMg&google_push=ATf1kGPHRfPVsWiiLSceao2OizIutH1apoxafZvaKVQuR3cuWj_SZcIqAxIc3ItOCwsUVAQCw-ZXUMe1zkrdJEoG6H3ugpoKEvoJLO4
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame B456 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEMlkYkLb_qJejOYENvlbRjo&google_cver=1&google_push=ATf1kGMfYO8teq8cMGgjuS4Mhu7WGoK-Ttgsc0uw_roxQyQatosRPzSWDcR70nSyW8wFJ7knTYlf1pTlcpLJ44Ob1DMVhjbG11qIWdY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
262201
expires
Tue, 06 Jun 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B456
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJAaTww4xBE-xcIFHU9m7TA&google_cver=1&google_push=ATf1kGPFIMzbb7ddWRpMPbLoAKXnY9RfC9xpQilJIsx1atCNFmQ8VSl2c28EyciUCiCTKcWZyyNDoqBmKCBk...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPFIMzbb7ddWRpMPbLoAKXnY9RfC9xpQilJIsx1atCNFmQ8VSl2c28EyciUCiCTKcWZyyNDoqBmKCBkREGfEkW6IVdDGlGJJA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPFIMzbb7ddWRpMPbLoAKXnY9RfC9xpQilJIsx1atCNFmQ8VSl2c28EyciUCiCTKcWZyyNDoqBmKCBkREGfEkW6IVdDGlGJJA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPFIMzbb7ddWRpMPbLoAKXnY9RfC9xpQilJIsx1atCNFmQ8VSl2c28EyciUCiCTKcWZyyNDoqBmKCBkREGfEkW6IVdDGlGJJA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame B456 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LwSZ3p9wPfjH0M7IhyLqMcQJipOiAvhOc7pdIzzM3eUNuSaaSw6a-w6NZ8QgnfHZt-D14W
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011144151&bpp=2&bdt=289&idt=426&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=801930230126&frm=8&ife=1&pv=1&ga_vid=793927812.1686011144&ga_sid=1686011144&ga_hid=674110229&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=4166631501&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074995%2C42531705%2C44788441&oid=2&pvsid=640156709028305&tmod=1433333009&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8h38g7bkpof3&fsb=1&dtd=431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
styles.css
s0.2mdn.net/sadbundle/9170381621892120779/css/ Frame 347D 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101470fcde40e5ad29c691a0cc4276b7e311972a8e02a684f19db29fd4698645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 10:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221213
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1483
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 10:58:52 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 347D 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 07:18:46 GMT
overlay.png
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 347D 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/img/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 08:27:51 GMT
x-content-type-options
nosniff
age
403074
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 31 May 2024 08:27:51 GMT
logo.svg
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 347D 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/img/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 08:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403074
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2563
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 31 May 2024 08:27:51 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 347D 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 00:25:45 GMT
i.match
a.tribalfusion.com/ Frame FF54 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEGJpnzI64NA6ZcpvgHhqCXI&google_cver=1&google_push=ATf1kGN_9b0jx3__hC83DqU0GGJnjNeymJa4C7MijN35ztn286xCTceDn3J6z_3jipMkPmUH0-205cPuWA6oV7Mwgb8JgKoO2KYb&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGN_9b0jx3__hC83DqU0GGJnjNeymJa4C7MijN35ztn286xCTceDn3J6z_3jipMkPmUH0-205cPuWA6oV7Mwgb8JgKoO2KYb%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d2c851969b9372c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF54
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOqjFa5I0evgq1XOPzI-q1s&google_cver=1&google_push=ATf1kGOvH1QKxTyGya86efXBMy9M-X4cUsCgzy1zuqrfgAh3HISL5Wnnow03XmRVgfVmI7YgU7O0SfbKA6XJ9e...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGOvH1QKxTyGya86efXBMy9M-X4cUsCgzy1zuqrfgAh3HISL5Wnnow03XmRVgfVmI7YgU7O0SfbKA6XJ9er8gTugW4vjz56K&google_hm=hmR-fQgX7sSJKbkRi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGOvH1QKxTyGya86efXBMy9M-X4cUsCgzy1zuqrfgAh3HISL5Wnnow03XmRVgfVmI7YgU7O0SfbKA6XJ9er8gTugW4vjz56K&google_hm=hmR-fQgX7sSJKbkRiA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D647E7D0817EEC48929B91188BLIS
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGOvH1QKxTyGya86efXBMy9M-X4cUsCgzy1zuqrfgAh3HISL5Wnnow03XmRVgfVmI7YgU7O0SfbKA6XJ9er8gTugW4vjz56K&google_hm=hmR-fQgX7sSJKbkRiA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D647E7D0817EEC48929B91188BLIS
date
Tue, 06 Jun 2023 00:25:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame FF54
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEku5iDyiLE72R4IMF-tHrY&google_cver=1&google_push=ATf1kGOZdosCJMgR2H4LOEUTKnAJTPkQqOn24eNLlzeR0YSlrpFk1aHiBE1xzmmcioIFxbUgnSv7QcfUWg5WzGTqkm4Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOZdosCJMgR2H4LOEUTKnAJTPkQqOn24eNLlzeR0YSlrpFk1aHiBE1xzmmcioIFxbUgnSv7QcfUWg5WzGTqkm4Zigh1tbxm&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOZdosCJMgR2H4LOEUTKnAJTPkQqOn24eNLlzeR0YSlrpFk1aHiBE1xzmmcioIFxbUgnSv7QcfUWg5WzGTqkm4Zigh1tbxm&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOZdosCJMgR2H4LOEUTKnAJTPkQqOn24eNLlzeR0YSlrpFk1aHiBE1xzmmcioIFxbUgnSv7QcfUWg5WzGTqkm4Zigh1tbxm&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
date
Tue, 06 Jun 2023 00:25:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame FF54
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEI-ZG7Jt8ttV6IK7PQuDRs8&google_cver=1&google_push=ATf1kGOCjMN0kQXqs8CLCbDxVxqSU2V3DkexPL7OdBQWP710EmNoShwahhivWMqobYT_Tor9DjrBCitEQ_iO87M2bPV5n3r...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOCjMN0kQXqs8CLCbDxVxqSU2V3DkexPL7OdBQWP710EmNoShwahhivWMqobYT_Tor9DjrBCitEQ_iO87M2bPV5n3ryfhsI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOCjMN0kQXqs8CLCbDxVxqSU2V3DkexPL7OdBQWP710EmNoShwahhivWMqobYT_Tor9DjrBCitEQ_iO87M2bPV5n3ryfhsI
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOCjMN0kQXqs8CLCbDxVxqSU2V3DkexPL7OdBQWP710EmNoShwahhivWMqobYT_Tor9DjrBCitEQ_iO87M2bPV5n3ryfhsI
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame FF54 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEN7e1LFAJJvCNrTnVgn9mXc&google_cver=1&google_push=ATf1kGPlbWf960LeY4uxnsA3poheiRJk5PgLj-fuFgZ83YjDoIQW_dx0smRgrwcfwyOEsmLMvj330ALiepqpteg8jFJYoK9u4rJh
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
report
sync.teads.tv/um/ Frame FF54
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEId-EXJOA728Zd2JWF3xZOA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGMBZOXL0EVVkK9XEEgMrvVy_CMe75rB6Gzc1gVQUujKP7mUivFuz3mijhX72mTg-E_DQy-VBGDTA_znqchCyfmOyXxCErdLgg
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Tue, 06 Jun 2023 00:25:45 GMT
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF54
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEE1LN2Un0...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2491c702-9fd3-45cc-8641-cf941e071983&%%GOOGLE_PUSH_PAIR%%
date
Tue, 06 Jun 2023 00:25:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame FF54 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IhqSgOzxBLZTdT9jfw9gnIjRZZrQCwelsa7dKeeUKFz4Lp60975vTwpwSefkY-8BK0FFmIuEE
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 6550 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 07:18:46 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6550 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 00:25:45 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4724
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELXMyZ6sVaS5CeYqA2VGhLo&google_cver=1&google_push=ATf1kGOSLfZ3TtmVqA1_RMOO22okaTqMoGw1utuG1cmXs55oE-MUuCn2NsPxZShHK7iuE1CTQXQSLnbnv4xJ_wCTx6_WlAEt6dv5
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc1ODYyNzU3OTk4NzUxNTQxNg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJyV3rxaNRWbp9LfmdqoeNo&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJyV3rxaNRWbp9LfmdqoeNo&google_cver=1
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJyV3rxaNRWbp9LfmdqoeNo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 4724 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENslpijJvv0dzJ-anY5wx4c&google_cver=1&google_push=ATf1kGM5LZJl4kTQ9ZKemlfCTcw40yAxuDnfLUPlq-neah0U4ArKaztzPLQy2b97QQBgQ42aKOfNymsKkj-PW2FUywvJIn0spcQ
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 4724
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJNxT7BZfAaTTid_-Vbh8BI&google_cver=1&google_push=ATf1kGNcmEdMp9APRr1zLnzsOIH-TfTxYM6Q3I32JD8bb5_S6IXOeKBFD28f1Xf8wO4WD7fdFf_u5e8y8VukaKKg...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7k9kfn0IRwGASPRYXPuJ6Q&google_push=ATf1kGNcmEdMp9APRr1zLnzsOIH-TfTxYM6Q3I32JD8bb5_S6IXOeKBFD28f1Xf8wO4WD7fdFf_u5e8y8VukaKKgf4Q3kHLO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7k9kfn0IRwGASPRYXPuJ6Q&google_push=ATf1kGNcmEdMp9APRr1zLnzsOIH-TfTxYM6Q3I32JD8bb5_S6IXOeKBFD28f1Xf8wO4WD7fdFf_u5e8y8VukaKKgf4Q3kHLOHDJ4
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x25 config_version:"2391"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7k9kfn0IRwGASPRYXPuJ6Q&google_push=ATf1kGNcmEdMp9APRr1zLnzsOIH-TfTxYM6Q3I32JD8bb5_S6IXOeKBFD28f1Xf8wO4WD7fdFf_u5e8y8VukaKKgf4Q3kHLOHDJ4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Jun 2023 00:25:44 GMT
pixel
cm.g.doubleclick.net/ Frame 4724
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGLgPzUaOoZC-Mip_2cNL5E&google_cver=1&google_push=ATf1kGPY3dLfJsN_ZfIzZ1q1OZoK0cPo6KzjLjua3mMDyvheBtjn1mJyx6islKq4RrEIDe0yhhTZHttM7dZxN4IZcJvE...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=2491c702-9fd3-45cc-8641-cf941e071983&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=2491c702-9fd3-45cc-8641-cf941e071983&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=10ec42ed-a125-4367-b737-025b041a0fff&ssp=google&expires=30&user_group=5&bsw_param=2491c702-9fd3-45cc-8641-cf941e071983
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPY3dLfJsN_ZfIzZ1q1OZoK0cPo6KzjLjua3mMDyvheBtjn1mJyx6islKq4RrEIDe0yhhTZHttM7dZxN4IZcJvEgqZPs52E&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPY3dLfJsN_ZfIzZ1q1OZoK0cPo6KzjLjua3mMDyvheBtjn1mJyx6islKq4RrEIDe0yhhTZHttM7dZxN4IZcJvEgqZPs52E&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPY3dLfJsN_ZfIzZ1q1OZoK0cPo6KzjLjua3mMDyvheBtjn1mJyx6islKq4RrEIDe0yhhTZHttM7dZxN4IZcJvEgqZPs52E&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
date
Tue, 06 Jun 2023 00:25:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4724
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEsapiLd3M6CBaLQWE77Fwc&google_cver=1&google_push=ATf1kGPmEVQM5sVY-4jHJonSwGycAnMMGLVsGe9QFw1CAohgOkjtDP0e3ChK29kpIq_WYgoo5DnHl_eA...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEsapiLd3M6CBaLQWE77Fwc&google_cver=1&google_push=ATf1kGPmEVQM5sVY-4jHJonSwGycAnMMGLVsGe9QFw1CAohgOkjtDP0e3ChK29kpIq_WYgoo5Dn...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIyMjY5MTQ0NDYzNTY1MTMwNA&google_push=ATf1kGPmEVQM5sVY-4jHJonSwGycAnMMGLVsGe9QFw1CAohgOkjtDP0e3ChK29kpIq_WYgoo5DnHl_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIyMjY5MTQ0NDYzNTY1MTMwNA&google_push=ATf1kGPmEVQM5sVY-4jHJonSwGycAnMMGLVsGe9QFw1CAohgOkjtDP0e3ChK29kpIq_WYgoo5DnHl_eAJT7ay9ZQx8qNTIFVrL8
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIyMjY5MTQ0NDYzNTY1MTMwNA&google_push=ATf1kGPmEVQM5sVY-4jHJonSwGycAnMMGLVsGe9QFw1CAohgOkjtDP0e3ChK29kpIq_WYgoo5DnHl_eAJT7ay9ZQx8qNTIFVrL8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 4724 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEIYNsF4Vvj5-srGeJqIQ79M&google_cver=1&google_push=ATf1kGOJGszYq3zsqS8jt3men-eWEYj6FH1ZGhb_uB94nMFQ4ESR06kRdojbOsCsUnw2ZP1g9tGLNPIY0xWiQTD1tVofsKY4tpNf
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 4724
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGNLwQllXgftYdSx5C7eOgk&google_cver=1&google_push=ATf1kGOMgGJeWVOhGFu1LOdHDl9DH2xwQeaLezCwBdJNgVnt-iCjiBthg3xo5bpm7JSwv-LcbV...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iMVF1OC41RTJ1SGNTUDFHenJrQ2xQbWs4Z1BLSjJGUH5B&google_push=ATf1kGOMgGJeWVOhGFu1LOdHDl9DH2xwQeaLezCwBdJNgVnt-iCjiBthg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iMVF1OC41RTJ1SGNTUDFHenJrQ2xQbWs4Z1BLSjJGUH5B&google_push=ATf1kGOMgGJeWVOhGFu1LOdHDl9DH2xwQeaLezCwBdJNgVnt-iCjiBthg3xo5bpm7JSwv-LcbVU4gZ2GPEhZ5UKtrf6rI2PZbOG8wA
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iMVF1OC41RTJ1SGNTUDFHenJrQ2xQbWs4Z1BLSjJGUH5B&google_push=ATf1kGOMgGJeWVOhGFu1LOdHDl9DH2xwQeaLezCwBdJNgVnt-iCjiBthg3xo5bpm7JSwv-LcbVU4gZ2GPEhZ5UKtrf6rI2PZbOG8wA
date
Tue, 06 Jun 2023 00:25:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 4724 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDkXDcteab9wPDCRP7yeIqwT_6TrnCgpUVjAl0dF8xnxPa4lEDvNc84PzIrBJskWbPKEzbuw
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
styles.css
s0.2mdn.net/sadbundle/7493198391404092334/css/ Frame 4D96 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 17:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198682
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1446
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 17:14:23 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 4D96 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Jun 2023 00:25:45 GMT
overlay.png
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 4D96 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:44:55 GMT
x-content-type-options
nosniff
age
232850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 07:44:55 GMT
logo.svg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 4D96 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 00:14:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2563
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 May 2024 00:14:57 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4D96 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 00:25:45 GMT
pixel
cm.g.doubleclick.net/ Frame 8DD8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cver=1&google_push=ATf1kGPM8Hc2-rzR8o9e2up09EYjZBoS-1gR491NJcASBDZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cver=1&google_push=ATf1kGPM8Hc2-rzR8o9e2up09EYjZBoS-1gR491NJcASBDZSxjvuzvSy3x3dhsCG4CkyyhgO7TfsK--ZaPLRmps2loSEuHI1UgZT
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:45 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0x6dHlDVkIxUTZrdzg1&google_gid=CAESEOsGYw58c_BqbO2s0a3GWnI&google_cver=1&google_push=ATf1kGPM8Hc2-rzR8o9e2up09EYjZBoS-1gR491NJcASBDZSxjvuzvSy3x3dhsCG4CkyyhgO7TfsK--ZaPLRmps2loSEuHI1UgZT
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 8DD8 		43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEFtO-38ed7dvVcC5KdIgHV0&google_cver=1&google_push=ATf1kGO0AOLSLZA03YkvXiRNj0gnuw2DXkOBMXcYehX7uzLtWzOXom5kod9u-l-KuIFiIBqUMD9XEq-X8QnkVFOIBp4ThMy-Pw_2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO0AOLSLZA03YkvXiRNj0gnuw2DXkOBMXcYehX7uzLtWzOXom5kod9u-l-KuIFiIBqUMD9XEq-X8QnkVFOIBp4ThMy-Pw_2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d2c8519a9df372c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8DD8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO-ABM_0X4oa8o6v90v3sYU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO-ABM_0X4oa8o6v90v3sYU&google_hm=ZH59CDnJEKWdTUIPerALDAAADGkAAAAB&google_nid=index&google_push=ATf1kGODjQLUSAS7qpc0ZupvPB81J-SL4X1Lj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO-ABM_0X4oa8o6v90v3sYU&google_hm=ZH59CDnJEKWdTUIPerALDAAADGkAAAAB&google_nid=index&google_push=ATf1kGODjQLUSAS7qpc0ZupvPB81J-SL4X1Ljly8Etrx-fpCpRcvJnIoZJmex6JWmlzK3dj45ZAMFlpBhfRCCEOfc7AqCIR5-Hs
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEO-ABM_0X4oa8o6v90v3sYU&google_hm=ZH59CDnJEKWdTUIPerALDAAADGkAAAAB&google_nid=index&google_push=ATf1kGODjQLUSAS7qpc0ZupvPB81J-SL4X1Ljly8Etrx-fpCpRcvJnIoZJmex6JWmlzK3dj45ZAMFlpBhfRCCEOfc7AqCIR5-Hs
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8DD8
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHwHt4mjAfKJbwMgrkX1c5w&google_cver=1&google_push=ATf1kGPEZVvxu8Qu3yzzLXa0bXfbGgVJc5BCbefkmxTp6yRsQDqhxn5Qbb08KFyL4gkSNrF_xkYG9Nn3v-er38BbH...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHwHt4mjAfKJbwMgrkX1c5w&google_cver=1&google_push=ATf1kGPEZVvxu8Qu3yzzLXa0bXfbGgVJc5BCbefkmxTp6yRsQDqhxn5Qbb08KFyL4gkSNrF_xkYG9Nn3v-er38BbH...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPEZVvxu8Qu3yzzLXa0bXfbGgVJc5BCbefkmxTp6yRsQDqhxn5Qbb08KFyL4gkSNrF_xkYG9Nn3v-er38BbH6R-TTuiTTBu&google_hm=GxIZtGZHngOdlq9LQIOEANL3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPEZVvxu8Qu3yzzLXa0bXfbGgVJc5BCbefkmxTp6yRsQDqhxn5Qbb08KFyL4gkSNrF_xkYG9Nn3v-er38BbH6R-TTuiTTBu&google_hm=GxIZtGZHngOdlq9LQIOEANL3
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPEZVvxu8Qu3yzzLXa0bXfbGgVJc5BCbefkmxTp6yRsQDqhxn5Qbb08KFyL4gkSNrF_xkYG9Nn3v-er38BbH6R-TTuiTTBu&google_hm=GxIZtGZHngOdlq9LQIOEANL3
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8DD8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGNGcC4jPAlHCvGR3xrgw6gaozQ8RMdM7Qx5-mzmAAEDjEY0xw4o4MJBeW2AAfpr7ufVdHU9u2-GSKGi...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNGcC4jPAlHCvGR3xrgw6gaozQ8RMdM7Qx5-mzmAAEDjEY0xw4o4MJBeW2AAfpr7ufVdHU9u2-GSKGiWtho6yKvvJwPs7p-
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNGcC4jPAlHCvGR3xrgw6gaozQ8RMdM7Qx5-mzmAAEDjEY0xw4o4MJBeW2AAfpr7ufVdHU9u2-GSKGiWtho6yKvvJwPs7p-
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNGcC4jPAlHCvGR3xrgw6gaozQ8RMdM7Qx5-mzmAAEDjEY0xw4o4MJBeW2AAfpr7ufVdHU9u2-GSKGiWtho6yKvvJwPs7p-
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 8DD8
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEDSihbxlOVNx_2iNlUBj0w0&google_cver=1&google_push=ATf1kGNImqYpCbk7igxeg2PnkX2vLBMV8zx6qLun-QkEyC_iHYgYo-Cvm2oY7u0Kjk5puzilvqTcMAqYFHKI0ZhzQJbHaE...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDSihbxlOVNx_2iNlUBj0w0&google_cver=1&google_push=ATf1kGNImqYpCbk7igxeg2PnkX2vLBMV8zx6qLun-QkEyC_iHYgYo-Cvm2oY7u0Kjk5puzilvqTcMAqYFHKI0Zhz...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hURRytm5RIee9EZZV9pJXw&google_push=ATf1kGNImqYpCbk7igxeg2PnkX2vLBMV8zx6qLun-QkEyC_iHYgYo-Cvm2oY7u0Kjk5puzilvqTcMAqYFHKI0Zh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hURRytm5RIee9EZZV9pJXw&google_push=ATf1kGNImqYpCbk7igxeg2PnkX2vLBMV8zx6qLun-QkEyC_iHYgYo-Cvm2oY7u0Kjk5puzilvqTcMAqYFHKI0ZhzQJbHaEO052Y
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=hURRytm5RIee9EZZV9pJXw&google_push=ATf1kGNImqYpCbk7igxeg2PnkX2vLBMV8zx6qLun-QkEyC_iHYgYo-Cvm2oY7u0Kjk5puzilvqTcMAqYFHKI0ZhzQJbHaEO052Y
access-control-allow-origin
*
date
Tue, 06 Jun 2023 00:25:45 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame 8DD8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAqUAIdJh1j-I1_qN8fFW8k&google_cver=1&google_push=ATf1kGOh8e5IeLcgwFuUhI9outQEAsVIjfbi2huAyJ1pAEzUp20GHuMRlbpUqJX42RIFg6NMWbGDfxUv6jw...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOh8e5IeLcgwFuUhI9outQEAsVIjfbi2huAyJ1pAEzUp20GHuMRlbpUqJX42RIFg6NMWbGDfxUv6jwySIG4wytZWZ3zJBoTpw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8DD8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IYoKJqgFRImJSbHe6r23n8c5RPMYgT03xdprwFfoknCOsdo0k0spF5jujttXsu9aWrOCxShg
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 371C 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686011143198&userId=vnet61d564df-8b29-4f2b-b20a-95a90770533e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:45 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
truncated
/ Frame 036E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0588a4a631f559882a5294929d3cb477c46ded26d68505d4b2b02b5b899dc5cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9163 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
243182
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Jun 2023 04:52:43 GMT
expires
Sun, 02 Jun 2024 04:52:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
styles.css
s0.2mdn.net/sadbundle/7493198391404092334/css/ Frame CB2F 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 17:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198682
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1446
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 17:14:23 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame CB2F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 07:18:46 GMT
overlay.png
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame CB2F 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 07:44:55 GMT
x-content-type-options
nosniff
age
232850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 07:44:55 GMT
logo.svg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame CB2F 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 00:14:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2563
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 May 2024 00:14:57 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame CB2F 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 00:25:45 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 34D9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
243182
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Jun 2023 04:52:43 GMT
expires
Sun, 02 Jun 2024 04:52:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ajk4xlebn4mw
hal9000.redintelligence.net/zone/ Frame 52E1 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=4125651338499241860&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dj5FciLNybAC7soAQ95PzAw%26exch_seat%3D20035004448%26mt_aid%3D4125651338499241860%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_cid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGRs4B31-ZJXQO4Og9u8P-pCEoAfPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT4AU_QTj0sZQLtJi0GDFzUi65a7AEvAPjIJBScXIIh1-r8tgScX3PYZpjdKTakYZkuLV9e7DukGhk6tvh0t38DrANE-gQqlV6FNeKsbgS1YU1i41Zbo1aBkdwNWLMQVd-gPexF8AcUts0YgkZk56ZE5LtO1P5EF929zN4LIa00Q7GrfVp_9iV6Twvye5O4CDG_VzgIuYhBpH-u9YG-FF_1KJ7WNOijALWuIUowYOPKzhrB7Elp1xbuEgfq9m9jXRIWY3EklCH6z-0aPs6dWKtzWVERHIl1j6Ipd7BbMpU3GfaRuTtkw0_E6QqgL5aOflm_Fz71HzQ4oC-g4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C8jdqrQML_b0lPwdI0hIzNf0UqQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
91d182f1178fb24917ba35d7123176bbff34aab4a0e1bbdaa385ac04b9fe7bfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3461
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 52E1 		0
0
img
pixel.mathtag.com/event/ Frame 52E1 		43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=4125651338499241860&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkROak1tVmtOV0l0WkRNMVppMDVabU14TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMjU2NTEzMzg0OTkyNDE4NjAvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1Nl9oSHg0bjNjV0hMOUdOZEUtUVlfay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTI1NjUxMzM4NDk5MjQxODYwL3pyaC8wLzEwNS8xMC85OTkvMTYyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY4NjAxMTE0NC8xNjg2MDIzNzQ0LzQvcHViLTc5ODM2NTEyNTc4MzgyODIv/n_z-dIqTScmv9i6zsBHWjuuND4Y&nodeid=4837&group=zrh&auctionid=4125651338499241860&pbs_auctionid=4125651338499241860&shardkey=4125651338499241860&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.156&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRs4B31-ZJXQO4Og9u8P-pCEoAfPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT4AU_QTj0sZQLtJi0GDFzUi65a7AEvAPjIJBScXIIh1-r8tgScX3PYZpjdKTakYZkuLV9e7DukGhk6tvh0t38DrANE-gQqlV6FNeKsbgS1YU1i41Zbo1aBkdwNWLMQVd-gPexF8AcUts0YgkZk56ZE5LtO1P5EF929zN4LIa00Q7GrfVp_9iV6Twvye5O4CDG_VzgIuYhBpH-u9YG-FF_1KJ7WNOijALWuIUowYOPKzhrB7Elp1xbuEgfq9m9jXRIWY3EklCH6z-0aPs6dWKtzWVERHIl1j6Ipd7BbMpU3GfaRuTtkw0_E6QqgL5aOflm_Fz71HzQ4oC-g4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2C8jdqrQML_b0lPwdI0hIzNf0UqQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x27 config_version:"58" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x27 config_version:"58"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 06 Jun 2023 00:25:44 GMT
img
tags.mathtag.com/event/ Frame 52E1 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=4125651338499241860&st=4562306&time=1686011144&nodeid=4837
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkROak1tVmtOV0l0WkRNMVppMDVabU14TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMjU2NTEzMzg0OTkyNDE4NjAvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1Nl9oSHg0bjNjV0hMOUdOZEUtUVlfay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTI1NjUxMzM4NDk5MjQxODYwL3pyaC8wLzEwNS8xMC85OTkvMTYyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY4NjAxMTE0NC8xNjg2MDIzNzQ0LzQvcHViLTc5ODM2NTEyNTc4MzgyODIv/n_z-dIqTScmv9i6zsBHWjuuND4Y&nodeid=4837&group=zrh&auctionid=4125651338499241860&pbs_auctionid=4125651338499241860&shardkey=4125651338499241860&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.156&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGRs4B31-ZJXQO4Og9u8P-pCEoAfPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT4AU_QTj0sZQLtJi0GDFzUi65a7AEvAPjIJBScXIIh1-r8tgScX3PYZpjdKTakYZkuLV9e7DukGhk6tvh0t38DrANE-gQqlV6FNeKsbgS1YU1i41Zbo1aBkdwNWLMQVd-gPexF8AcUts0YgkZk56ZE5LtO1P5EF929zN4LIa00Q7GrfVp_9iV6Twvye5O4CDG_VzgIuYhBpH-u9YG-FF_1KJ7WNOijALWuIUowYOPKzhrB7Elp1xbuEgfq9m9jXRIWY3EklCH6z-0aPs6dWKtzWVERHIl1j6Ipd7BbMpU3GfaRuTtkw0_E6QqgL5aOflm_Fz71HzQ4oC-g4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2C8jdqrQML_b0lPwdI0hIzNf0UqQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.389.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
Server
MMBD/3.389.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x85, zrh-bidder-x172
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 06 Jun 2023 00:25:44 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8D86 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
243182
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Jun 2023 04:52:43 GMT
expires
Sun, 02 Jun 2024 04:52:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
7ff603f7-461e-4820-8619-d65dbebb58d3
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/ Frame D33A 		186 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/7ff603f7-461e-4820-8619-d65dbebb58d3
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length
186
Content-Type
application/javascript
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&sid=Ags7q0AAEPMQ79Z7&oz_sc=0fec102ff08f6eada88a6fc3&oz_df=1686011145220&oz_l=4339&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&sid=Ags7qz8HEPM2Juh9&oz_sc=f40f1dda7b495af10c3414b5&oz_df=1686011145220&oz_l=4339&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame B01F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIcDzdyeUdsja28OCWS1lDjKEuX6B8LXPOdJ51e2AJvBYo9PKFEKNl68hyn1YvuCS5x1j7HE95pzz1yhvqoWVMSFfX&sig=Cg0ArKJSzJhcEZqWCW8DEAE&id=lidar2&mcvt=1116&p=0,0,250,300&mtos=1116,1116,1116,1116,1116&tos=1116,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4211136529&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686011143853&rpt=372&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ac2c9ff6-58cc-426d-b157-dd6d14422842
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/ Frame C523 		186 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/ac2c9ff6-58cc-426d-b157-dd6d14422842
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length
186
Content-Type
application/javascript
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame BB7B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1234
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2C1Yl%2BHdzXa9KJesWNx5NMbcJDDJCtyWrDeqtUSHemjI1fwq0%2FeLVUYNSUF9U5Sc%2B3NHA%2FyK17adrBe8IIlMBe1DsUegKqi8trYeCXBPr0dSBHVaXq0Hy1CUH4BUijWonrm3zcfFOwMVA8fR9kYIZEB"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7d2c851ad97d9a17-FRA
expires
Tue, 06 Jun 2023 00:11:24 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 371C 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-176eb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Jun 2023 00:25:45 GMT
frame.html
ad4m.at/ Frame 4021 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2237367
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7d2c851b2d1b68f2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 00:25:45 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0LqeUqQxmG9xGarkDUkv%2Bmy%2FwflC8%2FsaKjQ9fRttOv1yRYAF6h4BJjHY%2BcYsydkvBe2Y7KvHsznchNoqG0h2gHLSOdyULNBbbBSQIKYhCqC%2BWNtzBDfttFz7YarPDQpF6%2FNAwE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
pagead2.googlesyndication.com/bg/ Frame 127A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 08:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
57902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14684
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jun 2024 08:20:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 58C4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSwMW1oTfTHr7g19nUFjH7ZdigiIzlfo2Xc2-i4aYsi8AxoF2hNjPPCSiNSNBTtIqpHQBS9MeDLv03SOk3ERX9fDPH&sig=Cg0ArKJSzOj4PDn830KzEAE&id=lidar2&mcvt=1048&p=0,0,250,300&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1462316560&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686011144009&rpt=389&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 347D 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaCondMedium.subline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 20:23:08 GMT
x-content-type-options
nosniff
age
532957
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13336
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 May 2024 20:23:08 GMT
FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 347D 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaBlack.headline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 10:58:48 GMT
x-content-type-options
nosniff
age
221217
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 10:58:48 GMT
FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 347D 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaRegular.legal.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 08:27:52 GMT
x-content-type-options
nosniff
age
403073
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14468
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 31 May 2024 08:27:52 GMT
FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 4D96 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaCondMedium.subline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 02:35:15 GMT
x-content-type-options
nosniff
age
251430
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13336
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 02:35:15 GMT
FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 4D96 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaBlack.headline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 11:23:09 GMT
x-content-type-options
nosniff
age
219756
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 11:23:09 GMT
FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 4D96 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaRegular.legal.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 23:46:02 GMT
x-content-type-options
nosniff
age
261583
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14468
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Jun 2024 23:46:02 GMT
request.php
hal900019.redintelligence.net/ Frame 52E1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=bbde5f0ed1&subid=&uid=6c125bae82971f8e&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dj5FciLNybAC7soAQ95PzAw%26exch_seat%3D20035004448%26mt_aid%3D4125651338499241860%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_cid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGRs4B31-ZJXQO4Og9u8P-pCEoAfPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT4AU_QTj0sZQLtJi0GDFzUi65a7AEvAPjIJBScXIIh1-r8tgScX3PYZpjdKTakYZkuLV9e7DukGhk6tvh0t38DrANE-gQqlV6FNeKsbgS1YU1i41Zbo1aBkdwNWLMQVd-gPexF8AcUts0YgkZk56ZE5LtO1P5EF929zN4LIa00Q7GrfVp_9iV6Twvye5O4CDG_VzgIuYhBpH-u9YG-FF_1KJ7WNOijALWuIUowYOPKzhrB7Elp1xbuEgfq9m9jXRIWY3EklCH6z-0aPs6dWKtzWVERHIl1j6Ipd7BbMpU3GfaRuTtkw0_E6QqgL5aOflm_Fz71HzQ4oC-g4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C8jdqrQML_b0lPwdI0hIzNf0UqQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=9918133753806&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=4125651338499241860&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dj5FciLNybAC7soAQ95PzAw%26exch_seat%3D20035004448%26mt_aid%3D4125651338499241860%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_cid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGRs4B31-ZJXQO4Og9u8P-pCEoAfPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT4AU_QTj0sZQLtJi0GDFzUi65a7AEvAPjIJBScXIIh1-r8tgScX3PYZpjdKTakYZkuLV9e7DukGhk6tvh0t38DrANE-gQqlV6FNeKsbgS1YU1i41Zbo1aBkdwNWLMQVd-gPexF8AcUts0YgkZk56ZE5LtO1P5EF929zN4LIa00Q7GrfVp_9iV6Twvye5O4CDG_VzgIuYhBpH-u9YG-FF_1KJ7WNOijALWuIUowYOPKzhrB7Elp1xbuEgfq9m9jXRIWY3EklCH6z-0aPs6dWKtzWVERHIl1j6Ipd7BbMpU3GfaRuTtkw0_E6QqgL5aOflm_Fz71HzQ4oC-g4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C8jdqrQML_b0lPwdI0hIzNf0UqQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
2e88862c2bcbf490aa92addb66d5df3b2207580a5f3c861df82fd10f0c0c265c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:45 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
73181600004838100951389012347019
Connection
close
Content-Length
1318
Expires
Tue, 06 Jun 2023 01:25:45 +0200
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&sid=Ags7q0AAEPMQ79Z7&oz_sc=0fec102ff08f6eada88a6fc3&oz_df=1686011145441&oz_l=215&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
view
googleads4.g.doubleclick.net/pcs/ Frame BE1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstxPQBYPv7HhT04shCEp0UwD4NS7uEPB0Z_4uD8uX9eDnOYP5RbaBNDCfExMkiyfxhPkBFVzWMesNV1TU5kkM9VY6xyz5xBq4UvwVeJasuXvperWGIhgXSBYt1mW6USckNyQjmmrefMBi9085nABYTIHEGZO0gqrBae_MQbJoZf181Y96G5ZajcLofGqJQKCKa2goYsiat-oivV9KVI6IBxQs1sDdVn9eukrW44SfTHMdKEKphbQzuVRh_Q9Y-kJFvrJjGhK_dpURRTa8JGKe6_YGX9nRe2iO8NWRbpyCUc0gufMgKRKeZyKWOUnUtrOCXdjhQrM9SMRyLX-7yfphjgIF2unhHfR02B_lJRInYElFf1TlFSKg5FpeRH9HVdmOUNeqnKeCuHlUQZ6ZN-KemHiarhJ6JSCHg_TFJCqvnoLbrTorSmcl-mgFmehChnvCr1HXtq55EaEwwfTLxY8kT5WJwjGMUgNLFDz-ai-AWMA7EPbW7Cz8QZZKogGKbASlOeUMVZkbTv3J85LiWneOhrNEElGvcHJnS5GgWdHsXauELhSmfi-RzJGCB7xtPFeMx2LBVoP7VLKXBGTdxUXklZG5gEXBN_fWAJIZD9oHuSomhSZnoIpLw8eyb5nQaSvB-QffmnPJ3cSwt3BW3ICO-rYuK5f00htgJKkuBPVIrix3UUZTghBwoAyjQ-m0ouyY0UCnL2n1MLJ7ePO79iBbbt6Aet2vXqyhqFOb6XZbryLrymm-Vy2KRnDyYocU4GIOeJblBYfK26zuMIzBISIWNPUS7bGGI-_afp3V9b8E7ejekOmbv1ZVPrBHPGFCSyura96jb7mWqqLuf-B1joVmIM3MlFH6bhhlH0zqxS9iiOMBbIBZ9CYQig1-ChZjo_LpTZ_nifHwHO7oYo6edl_SapzigGyWhPjQOfCG6RBzUzp_LiyQckKxthTMkXXV8a94EX7J7trgUoMnk0vdPV7QSaluIA9T8tEAAwTxnqJRCiIiomm9mqyxE7emm1IdR-pM9kILjvcFRJZ4YLXakbfPP26kSIBzVUaekQj4ksAbVZerE3IVZ6LH7pqym2qqiX8v-TpoZFdlmzfJtncS3ZbP0VDjnK-D6vQLXzHQICQJuLsRtka1rArkNIYlThnQx4wdGssvNOMXr87FfZXLokorsv4GWvhR5l5ox5DNaLg-jhIeq6dZ_UARRWL_x27tUitdV5RoOkpgLE2fQMczWkNJftWkNJFd8ZyGyz_fubWJDYRIpa97yZzS3VnqKBa_YbZvEMgmPi4h12aWEPmODGY__osRMaVLdIcr6nndt2IwKU4TrYuA1pMkQMKppT3CfGnWhaf1hjXQ&sai=AMfl-YQOCtOUZvOxSqMvVyckbXx-4OhrK0REwycvvU5shddzwtAO-w7zTA0KOH90rukzhaNtbK3wZ2MJN1ksmsBm85cb4sCJJFCblf-sHxHurypKIfrAxFWyOyTfodyPtl2cC_nrpTLgrdbD9IbOZqPOnsW6cXXaLAr880jovlCrHMnpV5DYYSNtDQ9dB1_H58WvDQKc7O5xI7B0IvGacpSCg7rJ1xhTgpxPZPy5cCzVi2sa-w1aan1bnPLns_roXluIcPovKN3DtYtXH35pVkNL8r0nSD6x&sig=Cg0ArKJSzFuiS8mYX45AEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=765&vt=11&dtpt=449&dett=3&cstd=309&cisv=r20230531.53324&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 00:25:45 GMT
FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame CB2F 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaCondMedium.subline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 02:35:15 GMT
x-content-type-options
nosniff
age
251430
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13336
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 02:35:15 GMT
FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame CB2F 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaBlack.headline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 11:23:09 GMT
x-content-type-options
nosniff
age
219756
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 11:23:09 GMT
FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame CB2F 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaRegular.legal.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 23:46:02 GMT
x-content-type-options
nosniff
age
261583
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14468
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Jun 2024 23:46:02 GMT
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&sid=Ags7qz8HEPM2Juh9&oz_sc=f40f1dda7b495af10c3414b5&oz_df=1686011145470&oz_l=215&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
pagead2.googlesyndication.com/bg/ Frame 9163 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 08:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
57902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14684
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jun 2024 08:20:43 GMT
021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
pagead2.googlesyndication.com/bg/ Frame 34D9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 08:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
57902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14684
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jun 2024 08:20:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CEF4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWzihgB5uuaTVdStpxdgZCwLC07JTsmqVhi7Wd77r4Zqyr0Str9DBk04XH98n5U0CTPfY9vX0NlgzczE9LuSpqktHq3ZRiheXofx1Rh--iA4ym7rf-_W5BKAAMXX2qrWT5PjT0JNONQXu67l9tS6CT1BtPlnF48gD_BnUnOUs8QNZxKp72ALcdQumVui00tFN6i6N9pfZFKF2xJ6CLzC59LwdUCBtJrvPaG7InPs2sNfJ0OxygztlHyzQ-UmUrzgf2-Ps5NMlPztw2U5FR4CtQOSWb30jRYMt8avZN9WCBRm82Ob5SZWTUl99uCi_sZZVugQvcrzQ_nyohcwJ7wtF_9ttUOvqFl2lXI5Y_l-miOVJRnOWPoFEqGwo_yJ-TyhQLZdJusYx4GB-obIeYI65bqHuyVqjfRjS2-HiV4Nw6FGe7KdwnuYwuxL7L7NQj8v9Jpw7wCvBL8YdlkEdYUpQN2ezQiDUcURyBsCxPptYWOXT0ucQ1VtcSC1_UUtjModdV850YstuTGQ9b5O6XhN62wGekSVQ1xNqDCnlTCqEQrI-we8ARZydTquU6uwuF2JuNd-k7hEd0U9kgkJp-7qKSyTC9qfvCVgHkv3TKXWu-AnVr58YOzRi42Wjmn8dFeunuxAOb20Ety2IOMtHgwDaDij0VOrrVmlYiZl4BmNmZKC9REI5N6hl3IhQoVtEcg-8hr1HPNLiNI3c8i8kUBqH0u8EyUslvdDYJ1Mgm2y-IYMNU_LesAuhW9j81BsZ9QiKjFYTviwYEm3nord2t_i0ni8dub3kGHakUtycdgcLqaOwcbcheTl5C9SjJkRNqgSym16j_dJ3DgZYHZeQ-fNVToWp9MEzepR4wI6SYmU0bAKDvws_5Am3DB2kzdCq6DGsRJtM-s161qTPfMCFf2uUJo9lH7VX9h6KDy8GK8PYjqo0druaEsibmaA7XiV5cRK6EuzU1v9JEYt6Znw_JIMqUSvC3Bc3C6QI3_OxpCnzsSGP1odoOtfarhCwN1omx7JiLAq1abBxQEZ36QOCckqcilkhpy-DO7oM6nXCw2Ny2P-7tG430d4mHHOTmpZm6Df3ynWIq0uw7zOArs3m57DqylS3hwVbTnA85Ic9_VXIxVR1k0dcs6A5xfNp0UWSbxIoeSeIytPCdEggsLrH06CpYIBZf6uMm-LL0DBxcGdXjFLr1NQ_yjqVDbZfgg-0eG7J36L4EGZAOeiGO5Mt90f1gSxbHXaAnK4wu-Wglq1K_UwUux5JGzeMzF8Er_v-40rWI1Lg2gOz0MfrWTY472HjBOA&sai=AMfl-YRMVvsXzmu2oTRtXavhRbzApI8fDqgOE6NOlrPhOWuaS60990H7FItQa0GZcA8yWyALezdaZvKhuLfRHOgXJXfSON0U2CjCTvySwXYn38yuXK-qhR0tyVZRG4mQ25oXo4St9R9iG7VREpe654keqW4XRtjuA6lTKjo--Kj3WiHZDqE3sfHlKfPg1qHYNgypBru7XM3bQWB4zH8Hx6MY6nm7gOQbiLN-k2FkUZTGYTXKmll607agaMlRFrcW2WRv8GfSJtKgA0IuxiIYQnMnpTsNDv7beQ&sig=Cg0ArKJSzNvZLZdRq5TQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=893&vt=11&dtpt=539&dett=3&cstd=344&cisv=r20230531.83912&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 00:25:45 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9038 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuc67hE8eSZEjD_KyuTOFfUEwzXTeLz5In2ngJ0uBg-Fmc1HMAsGCtYQwtMxD1UqC899BbKLf5mKiknuYuVwx9WOH3hv8vKi3Bf_aYIg3qTsGXevDKZ3A8mxXVT9147YrK4jCUf4qcNpKnHTauvUQhEWX0PgQVA5E6Cb4siPd7z7Nv0vvg6OFDe-6JQ1-w3u5nRpLKZHTx67IHXcce_vA7h57QfbYghRsnAjwB3BXpy4rCG1LT2btfV4Ycpn8NwcDD8cljBW29SjCi6DPrg9Knt-HgvSfjZTlfhyk5UfVKpuOGg4fgJfDjexkK32xZSK1Gtc0wucAiergXv9kWmo1S6pfjZ5-0nfrFpTTBAFWUV-pC675yjWx9s0SHoiZ-Oz1Fm4FyuK_YajLXmtcMIBWBC38KvHMPTMSIKmuhW7LT8wZBcDJilC0EhrmkFflEmCJ9cq255IPhdgxVRO-XrX35RAWESjK_j_ehPhFUTwmxg-6sIwL2_BbvmF3NG-_fOMLBjcdsE88TiYyWQSSC_V2P62toRHHCozkG3whTlPANzojqObh4BY4_aP3Qp2s8DgVO75VGdDAEXAXg0PGQLBMN_Mlf-D0ekXFtghnJiVIpHZDoAPTsDI7VjyfzQGaKUVpUeQp-pUUYy7bbk7YoHIibxLGm-P4A6ue4OhcepAyGQSQTcqFiJEmvTX6BwLGeEWVdRsZbKqbPkMtw8lRA3JruWtpDgPihS3_MCazUVbBvwk9Fh9dpMtgjG-9H2EM92325adFsEqkqvRAOZSyr9iHps9jPrEFXj3-Dqz7H6wOK6sDKtIs62CKNCxKqXl_gWqifWa8VWdTA3jJxYDzZakUOhmz3cgFpzxw27qpssY6DOuGWci0KO0Zi0PAl9XzX6vP74dBVxBl014aqF_2j1B5jaWp863uWPzQOMtVOlOi9fo_Xyyl6XxPwrkvtVaKrEzY10LL3avT-Dd-_tLgEDDxZNIQL0QAWQJOgSdtJDuEBAni0WSYhhsE7LFGqrXARVkjH9vOFxGZY_u5JX9uYvCAaszgcpspoSfB3XZfdufkGuFC-aB05zEG6Na7U-VpUvc7vmKmS72rLrHc5lZAtAkkdckMDT06nHcyTB2-HrauOKpm2Uhbrn1oMUK_M9yiIMgZuzvW4UAI6AhPXLZqTOJFXy6XcIfFfE0Vv6ildNV9LP4aoRGAZLCeinI7WXhF_Caqu6g6mi3nX1cAmQHVi5pYm9E7_Ba4t1EYZrjzQpLPZYOdYp0B6k8Xp69KMtBrna2v5pHVcmbHVgaoIknYD85HeCjN8u&sai=AMfl-YSGe4No1_Futei-5jzINRGpS8CkhAQcbC8w_ei-ziXY6PmsyxEcrTx9oydAcL0JEnygBUA2VLKAHl1sdOfDaKgwt0N5HGOV2iuOM0Sx97_06A_oyLo1ZWuPn3VT7VEBeiFofE-TwlIt5ObAUrL5JdyGIqHX68e7Ne9-3Gz3tYH_6WAQnIuf_uU0bul1R935lM1DIy09xZluo4TgQ3IUqV4CcoVJ3UipCwqPvjYX4iQKDYjLswvG9IR_EMQE31QErB6hfMsPEoi9PCvnRndmamkmiuq0_w&sig=Cg0ArKJSzDlSFQGKvFnvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=817&vt=11&dtpt=501&dett=3&cstd=309&cisv=r20230531.55282&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 00:25:45 GMT
021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
pagead2.googlesyndication.com/bg/ Frame 8D86 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 08:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
57902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14684
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jun 2024 08:20:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AD7A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNwiBM9CMZbpI6pQ7cufhqQ5PIlNzypSbK1i8HddpgaVbM9XaMZEWVkJUPm6YIAREnmHax_I2x8FL2MKV72W9w4CEh0YvncuXvYYxrrq9R7_gElC0s6BADdnxVheIC2m6VUQubArH6z_UCnAlqgCehnX8ya2SYa-h6_GfNNt2uiYkEDe2uMMjpLaEX0hWvZZq0tGjZJKJ877DgZOXlrhDFCwpEkfCELwc4aELV16TxABTS3taXlj2M4TPwM_aCPVJXaXksOXacQvxybuAjaUwkssM5vRY7KSo7_pqDQYpY8I9RluI9-ATRrW3FICWVwqTA2TAmbN_CKPAL_rawXW_Fmrogs20Jg-dM7s9iA7se0lNKYtUNh2AJ3GNbQkWoB5d_YZYR5YcBoSsSO8GQMGC1799L_6OsfPw8E6gEOtmV5x0jhyberH7sONi3XBXrtyDbtM_4YpyVNxXv_ZGXO6BUkCpCBRitk42A_5ACcS9nB_kzhM5IkGMnjLYI5O_Tw7CBZV3X79_zFM9I4Jla11r61jsnsPDs1jbSJAqerjAzio1FUbePJjVzVgAg-dEYVsL_UOQEWuX-b74WRYU3OMlhpZuxYseglO7cQu0oVd8cjKUOLo1jOrLxaB48FC9vx24lsyvUKNHHafGtA_4w9eZqnw3AEV2iOsoMnxSstGgUYjITpHSAMuxksN0E6qMjbEZBT9EccIIlNCIWp10R7Wy5pxKVvUgNhsLbN7gm9hwIw5k1j0ZfRKpGRfJ04WM1hpWpDT_JfAWUgUGDL0Epw4s3gW0Z8gOpJQA-g9qQTg-NaMB_4unzkylBPtZ1WC-IgkxR9HPc7XBo51dfypoSxuEQmLv3PC789anBh9aLThlkaJRJ0DZ3kW98N6L9uhVmgkryw4yY1af3afkZb6lLe00ZVGUc0skSUoPcDWTTFTzeVkhBrtkkkFwyF3YUouiIbg-cqzjKywWdhozwdpWlt_ER0NbwuUlQMCJ8e6NFhH1amRqDjS5mlOhljczdXlTszMGFtaJZUHZvY2H8gw1avwuN1q7yn1ZBKgRVvaQXviVczU2ImtWF65Jz0l_E4DcGBNmA5rTCtH8y-Kz6NOyelDRIOKje6FOz3Q8fLsxRM8KcmgYQOG_AI9gTgyPe7kPhX6QmSvzwLfZkRj-uyXSYdT96Bf4Rq2BGd-8ikPiqQRpiYhTyc5kSCHgKReeSOieJ_jG-10rsHtQz7-exohwRHs-jgmQIvIek-JK_pGn40lglxnkO4Ke0PZKG3-_2Ry18F1N3sambi_gFtEwqiVKCiwhBgQbo&sai=AMfl-YTFvyTCjOfYpRvWVYdMQsMn07Ag4q7xUGSFm7VXJcZQyxkr_WG6ijAPE1mwSDFofjbA8Y-naz60pNPHonmO6EU7vtNY3E8qZGuL3gCvDDRZx5TYRhWjGTKa9KGToxBct6Hlo-RSOflMQrXQ-id08n7-IbmKrVIPQWReXnNg4j7-YerVbLca9tSYfHje0DyAJJD0o1SGcFpbPaFN35WZjcsR75U4_azkeVuag8XcseGyTrCzZ9ZxPT6s5pQOEy0J6msl_mzdHhN_aRj0ageTCeljT-BgFQ&sig=Cg0ArKJSzE28T2qDQ0PeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=818&vt=11&dtpt=463&dett=3&cstd=346&cisv=r20230531.96054&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 00:25:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 347D 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d1738a30db124d9ea7b3201fc5b72f1d50ca4f113aa1f94091b6e37587e9ac0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5741
x-xss-protection
0
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 6550 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:12:15 GMT
x-content-type-options
nosniff
age
810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 00:27:15 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 6550 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:23:34 GMT
x-content-type-options
nosniff
age
131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 00:38:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6550 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
038364fd14edea25399eeb86fafc8f72062c5db35d4e64a073dd07eba88f286b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5711
x-xss-protection
0
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6550 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 18:42:46 GMT
x-content-type-options
nosniff
age
20579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 18:42:46 GMT
60005582_20230413245519799_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6550 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230413245519799_300x250_LOOK-01.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00867e4aa81a541e2fad8ba10b2c4e9a6b137bdbb4ba13fb1a38d2fea88cb41a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 03:05:17 GMT
x-content-type-options
nosniff
age
76828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36758
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 07:55:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 03:05:17 GMT
60005582_20230413243008511_300x250_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6550 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230413243008511_300x250_LOOK-02.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f46bfd81485e775d3ba7208cd1de8eb706639b1aaa338f371676199625faa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 22:01:49 GMT
x-content-type-options
nosniff
age
8636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34621
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 07:30:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 22:01:49 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 6550 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29115794_4307561_355029325_145340772_HSP0201A20230413&ref=29115794_4307561_355029325_145340772_HSP0201A20230413
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
via
1.1 varnish-live-2-0
CF-Cache-Status
HIT
age
7391330
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 01 Mar 2023 07:22:36 GMT
Server
cloudflare
etag
"2b-5f5d1938cc700"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
52523298
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7d2c851c7fe19bdc-FRA
Expires
Wed, 05 Jun 2024 00:25:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4D96 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a586493541196f5fe385db8b6053de264660ca21f625cddeed85848c51df5a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5635
x-xss-protection
0
visual.jpg
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 347D 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/img/visual.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb578159169bb38173ca68b7f9ce061b18af4e4e6724bf3c9c3e745cc954f177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=Jh16DUuzep&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 19:30:54 GMT
x-content-type-options
nosniff
age
17691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94238
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jun 2024 19:30:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9185 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ_kocdF0kvzjLUBx2lRUN3yPIwzAs8kCPScepI4Fr_TLe7C3MWzsBREgW35Dhm8OgUXiKRmSvVRHupiKFHh5Fqzo1jUJ_73A-AhNikwI706RkhbU7juHxVCpbijU6mJuAs9ZEiE3cLx0FuSeeZj__zoaicpbx3mIxUvnV15z-E2gAcaTFhvXvs30fNRH-lhtQL1_GQBt_n8SfSD3fkdrX0co7YQEiFq4tES8ryHpYPjv3T1Kz5SCiKJ9wZxKaMr3ClEr6fFP-vbbddIw0uW4LLPxkSBPQitjBMl2LhaZHIbC9dLXyAOgHt-IyRWbCBajZWAPW-V5l4lnI69jrnRyHW-V6YT8NZjKasj1-QjYmxEQHPsXWow&sai=AMfl-YTvlJkS_QW7WKb_eQ4UdnxNAeKtL7xv42RL0rxx7yBdS_DlcGatOl_jGeE61J5dlKQfBBDIQ1YTHUXWYre7GJm29yY87F290G0w31nSmvs&sig=Cg0ArKJSzD9caJDQVvahEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 00:25:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9185 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230531&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0913db42f0f2db4dcb1b2404f4bd8071a21ee13a08f855db9e99adadfbd0d733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11066
x-xss-protection
0
visual.jpg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 4D96 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/visual.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=y252AtZlG8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 02:35:15 GMT
x-content-type-options
nosniff
age
251430
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86025
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 02:35:15 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 6550 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=zAegWTeLAt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:13:02 GMT
x-content-type-options
nosniff
age
763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 00:28:02 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d2c851c886e9a39-FRA
content-length
24
content-type
text/plain
date
Tue, 06 Jun 2023 00:25:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puFTVmwAs0X6BzfG%2FNEFqMLaNOV51BF9REi4RbRgZaeYeKJKLDCv913viqXxchUcGeMtpQlenxNmKt8g9Tk7NvLu%2FtEfbrrWm27OiXV7kMdLuXUEzJb9TQhIcHyLTwX6fgjX5uY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-3zc0
rs
ad4m.at/ Frame D07C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dbbd20de7b0865fc8e4e43ab1c4541cdbc5832455e90621ce7b87dfc6988c24

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVbtvhnchds%2BeOMc206e5MtovPcYb55B6MeDhbXqWgeOI65Xhqo%2B%2F%2FKKkEtc3xsLXsAT%2B61AXBRVb2mGodW05TeL39AOA7madNhWc6Nt70LRj1MWpcuGnM4QZ0LxxQISb%2FgG5YE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7d2c851cb8869a39-FRA
x-backend-server
aa-reachservice-group-europe-west1-3zc0
alt-svc
h3=":443"; ma=86400
visual.jpg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame CB2F 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/visual.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=Wmdgo3dw3L&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 02:35:15 GMT
x-content-type-options
nosniff
age
251430
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86025
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jun 2024 02:35:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CB2F 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53134d8e8b6d839bbf41018b3502fb74a7061c5699cddd5fc2460e4e3aafc8bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5727
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 347D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 00:25:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6550 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 00:25:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4D96 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 00:25:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9185 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 00:25:45 GMT
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame A4F5 		208 B
576 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=73181600004838100951389012347019&gdpr=1&consent=1&gdpr_consent=li
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=bbde5f0ed1&subid=&uid=6c125bae82971f8e&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dj5FciLNybAC7soAQ95PzAw%26exch_seat%3D20035004448%26mt_aid%3D4125651338499241860%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_cid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGRs4B31-ZJXQO4Og9u8P-pCEoAfPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT4AU_QTj0sZQLtJi0GDFzUi65a7AEvAPjIJBScXIIh1-r8tgScX3PYZpjdKTakYZkuLV9e7DukGhk6tvh0t38DrANE-gQqlV6FNeKsbgS1YU1i41Zbo1aBkdwNWLMQVd-gPexF8AcUts0YgkZk56ZE5LtO1P5EF929zN4LIa00Q7GrfVp_9iV6Twvye5O4CDG_VzgIuYhBpH-u9YG-FF_1KJ7WNOijALWuIUowYOPKzhrB7Elp1xbuEgfq9m9jXRIWY3EklCH6z-0aPs6dWKtzWVERHIl1j6Ipd7BbMpU3GfaRuTtkw0_E6QqgL5aOflm_Fz71HzQ4oC-g4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C8jdqrQML_b0lPwdI0hIzNf0UqQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=9918133753806&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
9346dfe679ac5dab3ab193e515fcf9205aecf01c7052bdf57f24b55d64d1d2b4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
208
Content-Type
application/javascript; charset=utf-8
Date
Tue, 06 Jun 2023 00:25:45 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
92467578:BE60_91EFC182:01BB_647E7D09_119A1567:6DD9
/
adv.office-partner.de/ Frame F681 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=bbde5f0ed1&subid=&uid=6c125bae82971f8e&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dj5FciLNybAC7soAQ95PzAw%26exch_seat%3D20035004448%26mt_aid%3D4125651338499241860%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_cid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGRs4B31-ZJXQO4Og9u8P-pCEoAfPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT4AU_QTj0sZQLtJi0GDFzUi65a7AEvAPjIJBScXIIh1-r8tgScX3PYZpjdKTakYZkuLV9e7DukGhk6tvh0t38DrANE-gQqlV6FNeKsbgS1YU1i41Zbo1aBkdwNWLMQVd-gPexF8AcUts0YgkZk56ZE5LtO1P5EF929zN4LIa00Q7GrfVp_9iV6Twvye5O4CDG_VzgIuYhBpH-u9YG-FF_1KJ7WNOijALWuIUowYOPKzhrB7Elp1xbuEgfq9m9jXRIWY3EklCH6z-0aPs6dWKtzWVERHIl1j6Ipd7BbMpU3GfaRuTtkw0_E6QqgL5aOflm_Fz71HzQ4oC-g4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C8jdqrQML_b0lPwdI0hIzNf0UqQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=9918133753806&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 06 Jun 2023 00:25:45 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 13 Jun 2023 00:25:45 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
htlp
futalis.de/ Frame DA1B
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=73181600004838100951389012347019&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2769703075
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2769703075
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=bbde5f0ed1&subid=&uid=6c125bae82971f8e&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dj5FciLNybAC7soAQ95PzAw%26exch_seat%3D20035004448%26mt_aid%3D4125651338499241860%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_cid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGRs4B31-ZJXQO4Og9u8P-pCEoAfPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT4AU_QTj0sZQLtJi0GDFzUi65a7AEvAPjIJBScXIIh1-r8tgScX3PYZpjdKTakYZkuLV9e7DukGhk6tvh0t38DrANE-gQqlV6FNeKsbgS1YU1i41Zbo1aBkdwNWLMQVd-gPexF8AcUts0YgkZk56ZE5LtO1P5EF929zN4LIa00Q7GrfVp_9iV6Twvye5O4CDG_VzgIuYhBpH-u9YG-FF_1KJ7WNOijALWuIUowYOPKzhrB7Elp1xbuEgfq9m9jXRIWY3EklCH6z-0aPs6dWKtzWVERHIl1j6Ipd7BbMpU3GfaRuTtkw0_E6QqgL5aOflm_Fz71HzQ4oC-g4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C8jdqrQML_b0lPwdI0hIzNf0UqQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=9918133753806&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 00:25:45 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2769703075
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
link.html
track.webgains.com/ Frame 52E1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=73181600004838100951389012347019&nw=1
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.6.129 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
0b17d8c6d4a35078eafa35d9b0d468f4b34f4ba4a09800a25598ed6f65bb4edd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
last-modified
Tue, 06 Jun 2023 00:25:45 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 06 Jun 2023 00:26:45 GMT
activityi;dc_pre=CNriuPuwrf8CFSMdBgAdCr0M9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2683329017935.081
5994599.fls.doubleclick.net/ Frame 6B40
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2683329017935.081?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNriuPuwrf8CFSMdBgAdCr0M9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2683329017935.081?
391 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNriuPuwrf8CFSMdBgAdCr0M9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2683329017935.081?
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
c0cea4726e5d14265b7d8c58d88f6ae4aa5459bae7771aefd6579d7e1ecbbb8c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
214
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:45 GMT
expires
Tue, 06 Jun 2023 00:25:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNriuPuwrf8CFSMdBgAdCr0M9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2683329017935.081?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900019.redintelligence.net/ Frame A1A9 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request_content.php?s=73181600004838100951389012347019&a=de5979d5
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=bbde5f0ed1&subid=&uid=6c125bae82971f8e&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dj5FciLNybAC7soAQ95PzAw%26exch_seat%3D20035004448%26mt_aid%3D4125651338499241860%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_cid%3Dee4f647e-7d08-4701-8048-f4585cfb89e9%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGRs4B31-ZJXQO4Og9u8P-pCEoAfPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT4AU_QTj0sZQLtJi0GDFzUi65a7AEvAPjIJBScXIIh1-r8tgScX3PYZpjdKTakYZkuLV9e7DukGhk6tvh0t38DrANE-gQqlV6FNeKsbgS1YU1i41Zbo1aBkdwNWLMQVd-gPexF8AcUts0YgkZk56ZE5LtO1P5EF929zN4LIa00Q7GrfVp_9iV6Twvye5O4CDG_VzgIuYhBpH-u9YG-FF_1KJ7WNOijALWuIUowYOPKzhrB7Elp1xbuEgfq9m9jXRIWY3EklCH6z-0aPs6dWKtzWVERHIl1j6Ipd7BbMpU3GfaRuTtkw0_E6QqgL5aOflm_Fz71HzQ4oC-g4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C8jdqrQML_b0lPwdI0hIzNf0UqQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=9918133753806&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
67b8b0bd3ffdaf202f423e8a6e71e2481491275cb91d3205b1d7c1b27ea672b6

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2074
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Jun 2023 00:25:45 GMT
Expires
Tue, 06 Jun 2023 01:25:45 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame 52E1
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=73181600004838100951389012347019&gdpr=1&consent=1&gdpr_consent=li
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=73181600004838100951389012347019&gdpr=1&consent=1&gdpr_consent=li
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
54.76.176.197 -, , ASN (),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:27:36 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
92467578:BE60_91EFC182:01BB_647E7D09_119A1568:6DD9
X-IPLB-Instance
40027
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CB2F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 00:25:45 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D8E4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jun 2023 18:15:11 GMT
etag
48472445140208031
expires
Tue, 06 Jun 2023 18:15:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 52E1 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46fc1b0b99f93f4bebfe5d97bb85194fe5990561107a6c921b9c02af73ba13b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
rar
as.ad4m.at/ad/ Frame 9F20 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed3c3f2dc6b3a4c69017c09ffe98e350530ea53791ae94be70322500a0bfce8a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hcjd31yrza1r1bdnqf7rq0adh7qnady4dtnest6p1vxzg39964gmp7q4actcefghas8h1j8ctt8g7ygxrs3mwgdtn06qvh5v6s7tv9hjgjbr3c66sznn559v102btr8ctnyywjcfkzgkny10zsgmqtr17wjgtgf873y0hpqght2x2w7xtpk0kc7r5808k0arnar6wy66nggw0sc8w8f2v5f9k7bs32b8z1nvx6erg3e9p3r2cvf2s1c6hbj8jn4xbg09jw7p3wbtak7wf3s0xw9wna68vzfn1g1f9ge22gdw1s3a94a84avqgvc7t2fz8fqjh2q5rq36nvhv2mr267cs818f92yfvbdrkez21jjh1v2wpkjjhwefvsj9bhk567am6grbhzrg74wddnxg2j5q8bccvvbczer1281qadb84zwvgsqa6xkfgspp12wyccsamwg1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d2c851d9e7a68f2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:45 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ Frame A1A9 		2 KB
844 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=73181600004838100951389012347019&a=de5979d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 23:59:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Jun 2023 00:25:45 GMT
/
hal9000.redintelligence.net/scale/ Frame A1A9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=73181600004838100951389012347019&a=de5979d5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
bc2e26177f588d00532e822475b8d68898fe177bb53d78f7c83c2090fc71a079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16227
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A1A9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=73181600004838100951389012347019&a=de5979d5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f84d9fd6d7aadbbf8e71e27856b60535e04f115518e78aa36f99ac85ecb5eeb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16511
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A1A9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=73181600004838100951389012347019&a=de5979d5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b5e9d76eec635e0776622e5b5a00cce7a062a8876f268f28f79f19c0d3220c0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:45 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12994
Vary
Accept-Encoding
Content-Type
image/png
dc_pre=CNriuPuwrf8CFSMdBgAdCr0M9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2683329017935.081
adservice.google.com/ddm/fls/z/ Frame 6B40 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNriuPuwrf8CFSMdBgAdCr0M9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2683329017935.081
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNriuPuwrf8CFSMdBgAdCr0M9A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2683329017935.081?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ts.js
cdn.retailads.net/ Frame DA1B 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2769703075
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
activeview
pagead2.googlesyndication.com/pcs/ Frame CEF4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj7zkW9lyZHGFc5xqOrW3DfV7_emEv0QUXnzZ5A6qIZFwEen79Ylst4Gy-jvnmXNAzXp4P8Kgz4o_eaV2pLtMFmYFjkN8LOysDe7x6m1jb-Vxng4t8jziCeJq-Gf10YXzZlfHgBA&sai=AMfl-YQjGmKIgJpcbLcHCkkDkepk94CAQhHU9TzM4kowV0wET8GFNQK9kGtQa6Jeqj2y148rmS4rEbf9eHs2D3TW0efkhC9aNMm9-W0jmYsZ3a5jlXNpT8k-l73XjYo&sig=Cg0ArKJSzOK7v7bjgFZVEAE&cid=CAQSOwBygQiD7la4DNBQSEqEeN6K703YbIA1cQ0LM0iBTH84jL3y2yW86gcgbf1veQcCSfxIKlGmbMezL_0jGAE&id=lidar2&mcvt=1103&p=0,0,90,728&mtos=1103,1103,1103,1103,1103&tos=1103,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686011144189&rpt=566&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame F681 		111 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
208660c9792b97b9744ed4fdeb6b5cd7a8b831fd2415d42718391741bf1967c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43860
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Jun 2023 00:25:45 GMT
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 9F20 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
980796
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RPsary%2B9TpnUEHeMSPxAACVraPTnS%2BPXdiUQNJrMQpkHcprxtmUHU%2FntyZHzU2BuEO5kjDJPdEatDHF040PYWtIa4loCOrb247AP2HwEqXqtwCZIZNnK8XXLrVuFH%2FYiapH%2FCHKz9o%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7d2c851e1ec468f2-FRA
expires
Tue, 06 Jun 2023 01:25:45 GMT
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 9F20 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1223994
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ix%2BEp2EhdVg9DnD5ZusweDKcYOYpIos9wwa4xiL5fPt68GBWjLXvneYKs7yzvF9meoGNZ9rRUGY515x8fFssVTKjI1iHeFMcAX8itqN0AqnevFVdYEYdoewjW1EL8frOdAuxn%2FSe00UrPVkg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c851e2a9a9170-FRA
expires
Wed, 07 Jun 2023 00:25:45 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 9F20 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538406
cf-polished
origSize=105738, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
92686
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omKiyMp6E0O3bfoan6I7YSrYZ5Ej%2FshJBSlpOlQO8J3oUf7%2BfVC9wrlKQdRsihctWDLaAHmi781i7wtvqJBZGGw66sGRDr3LATSyyWmNr9VJXdmgLlk32GQKHDanYjlqTgYOXGl7%2FqfDjq%2FN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c851ecf3568f2-FRA
expires
Wed, 07 Jun 2023 00:25:46 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 9F20 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1346881
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hu5hnKWdEW%2Fpbc7qUCDmKrGX2%2FPzAr99hA36t4k6l32%2FKr76PWG%2Boy4vQOowAsXZDKvGV9rcYOQ1TX6oKAvxGG3LyJ7Yn8tqhy0HnCC6Y%2B9K5ErAXUYYWmD130KqyNXxHgtq5fQuAuxMIoif"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c851ecf3668f2-FRA
expires
Wed, 07 Jun 2023 00:25:46 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 9F20 		496 KB
497 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e61c4c6f2c0c52c9b5dadb303f0db1128715c2e8819a50b1d24c6d7089fbebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1231904
cf-polished
origSize=563367, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
508355
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40pJmFSXNMboNNv%2F6zMeErHBUy%2B1EEFu%2BqaSrQgBbrYkpAsEoowQ1YVUQRY2SJVfhxeF6%2BWaSLa%2BBaRG4c5f9nQeqQ78EBOlzNCFWmQTAWW5S1ZHfQ43Dc7WtKRjHjFb8eqTeTsk9SPXk28t"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c851ecf3968f2-FRA
expires
Wed, 07 Jun 2023 00:25:46 GMT
cshow.php
www.awin1.com/ Frame 9F20 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:46 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 9F20 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1061606
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fbw%2B%2FebZ85jDBv6AlB%2BkDrCgC6ZBe8flfc0n9FBEKGsMQW78lVthWzYdCXQpcu0k0RA7jyivvmrn0UJ3uWHTrz0UUGnJoRo7ZIgdjNyaTRflYW92XlBI58%2BCF6HK%2BCXYWplCspuAKSlqyqx1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c851ecf3a68f2-FRA
expires
Wed, 07 Jun 2023 00:25:46 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 9F20 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
377039
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400
content-length
28740
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lu1UVE6cnvtuUbFN49Ed4Lt2ULk8S6qUtlaSbPOyewB2J3EGL4R1tBvzTf1puAGvz%2BdPaGYzcJORlfdk6OZWXqYY6zMFiTqWM3uq1BkRWlVavnJXOcfe6G34JpUk0w2cLrL1htqBvNTQjJTT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c851ecf3b68f2-FRA
expires
Wed, 07 Jun 2023 00:25:46 GMT
cshow.php
www.awin1.com/ Frame 9F20 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:46 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
pagead2.googlesyndication.com/bg/ Frame 8493 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 08:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
57902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14684
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jun 2024 08:20:43 GMT
021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
pagead2.googlesyndication.com/bg/ Frame 0310 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 08:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
57902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14684
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jun 2024 08:20:43 GMT
021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
pagead2.googlesyndication.com/bg/ Frame 9837 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 08:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
57903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14684
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jun 2024 08:20:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 17AF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25765
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jun 2023 17:16:21 GMT
expires
Tue, 04 Jun 2024 17:16:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 830D 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6f2ef887bd2656bb561c759678795d4f55e6fb0872d6978f9deafa5d6f243c0a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jbKjQojJZ6luAVgyHJclyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-jbKjQojJZ6luAVgyHJclyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:46 GMT
expires
Tue, 06 Jun 2023 00:25:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame BE1B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrK5d49rwpi_IhLIUOaHwSpf8ac8_qT4VtQwJ24N_TAK2vsE1czK5xRfTGHUI1SqOaRH9cuE-PGSX1PT9TNrTr9LZfsz_3w0_FTPe72BoIkaWxDlQVBeW8vJ5ulr_CRfmoyArd6w&sai=AMfl-YQSz56Vh0aIWV4bCbB4BP9j95AXnaS-4KKb2sA7PWIOO1KkW48QStLmrQ0yHOzjM4v-eU_CYaB50jdcy9vg8pE7I6ATpaXytRlXKZa7ho1QWKSLZBe7OquD_-A&sig=Cg0ArKJSzCUDamJ1E7kLEAE&cid=CAQSOwBygQiD7yEIMhftgRpVln70w3IX9drQcYXhyw7TqE_eNbDTM22tqHBFBM1NpjUCeW-tqCV8SfOOSnfLGAE&id=lidar2&mcvt=1101&p=0,0,250,300&mtos=1101,1101,1101,1101,1101&tos=1101,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2489655037&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686011144239&rpt=604&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
pagead2.googlesyndication.com/bg/ Frame 7709 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 08:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
57903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14684
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jun 2024 08:20:43 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame D8E4 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENslpijJvv0dzJ-anY5wx4c&google_cver=1&google_push=ATf1kGNj2m1eB0xp7PmdDW-1GwKElT9OZAc9v9m4eU_tlTIqQaeSdolWEcoiMYdZJtxM9lKfaELKSTi7gH8mzXfOwieApmETS64
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame D8E4
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBU56B98CzIArskVR504JgY&google_cver=1&google_push=ATf1kGNMyzwPZvILVyCPcL2PBMMmSoh_QDcIqq4dlxb1bwxgVmSAS0oz6nfzOeIPJeTmshHEcCm33SlD6ub...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNMyzwPZvILVyCPcL2PBMMmSoh_QDcIqq4dlxb1bwxgVmSAS0oz6nfzOeIPJeTmshHEcCm33SlD6ubH2fQEaxfVw37I80sZ&google_hm=yi2dKhHkRmud5-dtl8nnb3g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNMyzwPZvILVyCPcL2PBMMmSoh_QDcIqq4dlxb1bwxgVmSAS0oz6nfzOeIPJeTmshHEcCm33SlD6ubH2fQEaxfVw37I80sZ&google_hm=yi2dKhHkRmud5-dtl8nnb3g
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:45 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNMyzwPZvILVyCPcL2PBMMmSoh_QDcIqq4dlxb1bwxgVmSAS0oz6nfzOeIPJeTmshHEcCm33SlD6ubH2fQEaxfVw37I80sZ&google_hm=yi2dKhHkRmud5-dtl8nnb3g
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D8E4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGLgPzUaOoZC-Mip_2cNL5E&google_cver=1&google_push=ATf1kGPfrRiMXL1-6sp0s0ZzOkRlxeUIyVYrntDk4e9NT5BPMLsZbD1HEzi535awCw3KS_GX2BjJP_XqpEywPtpx9fVt...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=7bcb476b-b45e-4c2b-bba4-7221b6b6902f&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPfrRiMXL1-6sp0s0ZzOkRlxeUIyVYrntDk4e9NT5BPMLsZbD1HEzi535awCw3KS_GX2BjJP_XqpEywPtpx9fVtn57BGnc&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPfrRiMXL1-6sp0s0ZzOkRlxeUIyVYrntDk4e9NT5BPMLsZbD1HEzi535awCw3KS_GX2BjJP_XqpEywPtpx9fVtn57BGnc&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPfrRiMXL1-6sp0s0ZzOkRlxeUIyVYrntDk4e9NT5BPMLsZbD1HEzi535awCw3KS_GX2BjJP_XqpEywPtpx9fVtn57BGnc&google_hm=JJHHAp_TRcyGQc-UHgcZgw==
date
Tue, 06 Jun 2023 00:25:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame D8E4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMRMXMVQOkDNUnGhFHLypWM&google_cver=1&google_push=ATf1kGNmXtZyuTHFDTjmYAnnAQoi2Twm7g9drIv8WC4hyNNF6pp6ECL2Rf8HTxfr9PsG5n3jFKb2jYXxd9R4GYsLpXIDKPX...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNmXtZyuTHFDTjmYAnnAQoi2Twm7g9drIv8WC4hyNNF6pp6ECL2Rf8HTxfr9PsG5n3jFKb2jYXxd9R4GYsLpXIDKPXXe_Ca&google_hm=eS10V1JDcGhsRTJwSGguRn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNmXtZyuTHFDTjmYAnnAQoi2Twm7g9drIv8WC4hyNNF6pp6ECL2Rf8HTxfr9PsG5n3jFKb2jYXxd9R4GYsLpXIDKPXXe_Ca&google_hm=eS10V1JDcGhsRTJwSGguRnRiQ0tWb2d3ekJlanNMaTlQen5B
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 06 Jun 2023 00:25:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNmXtZyuTHFDTjmYAnnAQoi2Twm7g9drIv8WC4hyNNF6pp6ECL2Rf8HTxfr9PsG5n3jFKb2jYXxd9R4GYsLpXIDKPXXe_Ca&google_hm=eS10V1JDcGhsRTJwSGguRnRiQ0tWb2d3ekJlanNMaTlQen5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame D8E4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEsapiLd3M6CBaLQWE77Fwc&google_cver=1&google_push=ATf1kGOOCG5xkXznKadzh7Bi0ECxZHCx26Mkd14d3JHHwHjQ_HnBFhoOQEKlWJo9f14wdutLTvDdzBvs...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4MjE3MjI3MDk0NDg0NzMzMg&google_push=ATf1kGOOCG5xkXznKadzh7Bi0ECxZHCx26Mkd14d3JHHwHjQ_HnBFhoOQEKlWJo9f14wdutLTvDdzB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4MjE3MjI3MDk0NDg0NzMzMg&google_push=ATf1kGOOCG5xkXznKadzh7Bi0ECxZHCx26Mkd14d3JHHwHjQ_HnBFhoOQEKlWJo9f14wdutLTvDdzBvsdXlNQaGz7gshJ8W184F3
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM4MjE3MjI3MDk0NDg0NzMzMg&google_push=ATf1kGOOCG5xkXznKadzh7Bi0ECxZHCx26Mkd14d3JHHwHjQ_HnBFhoOQEKlWJo9f14wdutLTvDdzBvsdXlNQaGz7gshJ8W184F3
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D8E4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGP8c30fwtnic4B9VLSS-Ax19EcQwpeXb6iYgDHQb0O8ZFEqtqyk_5tNK3gLb3ZjDP1TmB0w6C_UZlZMF4k1sPTG5lCsLro0&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-b2a3d478-1d7d-4fb5-8f2d-cc6c2f97332b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGP8c30fwtnic4B9VLSS-...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP8c30fwtnic4B9VLSS-Ax19EcQwpeXb6iYgDHQb0O8ZFEqtqyk_5tNK3gLb3ZjDP1TmB0w6C_UZlZMF4k1sPTG5lCsLro0&google_hm=A7Kj1HgdfU-1jy3MbC-XMys
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP8c30fwtnic4B9VLSS-Ax19EcQwpeXb6iYgDHQb0O8ZFEqtqyk_5tNK3gLb3ZjDP1TmB0w6C_UZlZMF4k1sPTG5lCsLro0&google_hm=A7Kj1HgdfU-1jy3MbC-XMys
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP8c30fwtnic4B9VLSS-Ax19EcQwpeXb6iYgDHQb0O8ZFEqtqyk_5tNK3gLb3ZjDP1TmB0w6C_UZlZMF4k1sPTG5lCsLro0&google_hm=A7Kj1HgdfU-1jy3MbC-XMys
date
Tue, 06 Jun 2023 00:25:46 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb2a3d4781d7d4fb58f2dcc6c2f97332b003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame D8E4 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEQexQDkBRxXGgswiLb0dVM&google_cver=1&google_push=ATf1kGN3laiVuBqQnVF8rsGesqIOJNK7pksATzXaBNEVGxKtXx8U0Q2OFjhnFO9Nhx1yfMoGnwYMcMQ9Bi6zqVANRH0cTFB5Jhg4
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame D8E4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IChL-HcADZEXGkqw4g4_KIbifh4Hk-q-YGPGrRGhiotOzd80XY93Fk7yXs56HtpJSh76y8
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pvClk.min.js
analytics.webgains.io/ Frame 52E1 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=73181600004838100951389012347019&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.15 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:02:21 GMT
content-encoding
gzip
via
1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
37405
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
DUvvAs2fABmH9nKG8WL0kEgiSJgbby8tepyyMhgKKsjNWFs-RYMZYw==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 52E1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1686011445&Signature=kdmIUYFVCzzpVduAKFmFbelY5aredhad4VzPunK0vCPIma83qnPRFFCSTO0JYmfkpv4ozSZqzDHRchDXSB7hTdzwdKf9EdPVKmGtBlnyWR~v8u0590vSS7Et6vw8rdaDGCivIDiGnjVDiRqkTQg~9IQSu1Pd9JmlvPulADDoxyUZrSDCz2DfGlR0aObfUXi~xBE4YomWcvhAiAcUbguoXTsUpENctfzj1UqAieVTS3baEqBXB6MhKswcKTTUNUyNccGn01-atRzg3kNdSUJQydFkFT1bahSgVgLBNVX~u3kgp9Rxfi0M-rxASY9FO1dnSckuj7gqJEu9Znxac4pwqQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
URL: https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.69 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 05 Jun 2023 01:55:54 GMT
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
80993
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
6lrZJlNppkfcPdX9vaxYwCOZIEuhYql2CnYq34geb3_WEZ5RjKZgAw==
viewability
hal900019.redintelligence.net/ Frame A1A9 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/viewability?s=73181600004838100951389012347019&a=85f570be&vb=m
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=73181600004838100951389012347019&a=de5979d5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/request_content.php?s=73181600004838100951389012347019&a=de5979d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:46 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&sid=Ags7q0AAEPMQ79Z7&oz_sc=0fec102ff08f6eada88a6fc3&oz_df=1686011146025&oz_l=365&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 371C 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686011143198&userId=vnet61d564df-8b29-4f2b-b20a-95a90770533e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:46 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
link.html
track.webgains.com/ Frame 9F20 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gdmx44t6tjbrc0tts9d027m17e6ceh6ayrcvg94vry7r0pkf6eb4f500qgnpfe1w1c5rpcqvxwp74fvxgejadtf54580x1wm2qyvps5wph6k6vp14pztmdw9bhz1j2tfvxaqpaa5yxzcwzyv0ghrjt942pb8jmjz15mgz6355nyp3bw0xfg1yeepgkdxaf9ft6gv776s6xzq4fa8bc7asj0978anb1b5ynyrkchj7xsrnzpte1xapcae751xzey9dyne%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.6.129 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
8f29e1391beece7562de5598316e00a52908fc9df484c3d0a4e4164402b82b32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
last-modified
Tue, 06 Jun 2023 00:25:46 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 06 Jun 2023 00:26:46 GMT
rs
ad4m.at/ Frame BB7B 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10eab49762ff14b457ddc96021b02a1dd01aff6626f2dd5bbf08a54e2aa5fba1

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuUhfevEUs6GkeD4hXqeoKyVzft%2FK3qwYH0qRS6j11X61ySxo7O44ieUUAyfeu%2BMlWivVYUuNEXza%2B%2BUsrARs6p%2FyFG3c60AWYC2yErGudey4t1ZkuaZNtx18Hh2nauclazG%2Fc0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7d2c851f7b009a39-FRA
x-backend-server
aa-reachservice-group-europe-west1-3zc0
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d2c851f5ae69a39-FRA
content-length
24
content-type
text/plain
date
Tue, 06 Jun 2023 00:25:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gI66UpwWS95FRFAONZqszUwnXn2xroHGRzkiAeTqWaj2kE1osDhEeBw4%2BMKXZlxC8viQ5NI%2FYpzxKCty1VYOgTbWL%2BBrkA3YV6hisArs6MQuXL8kaDercXpnFKUKXtECrH7fNc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-3zc0
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&sid=Ags7qz8HEPM2Juh9&oz_sc=f40f1dda7b495af10c3414b5&oz_df=1686011146078&oz_l=365&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 9038 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsul450VeHwdibFkoLyjTgoWNCs7VH1ZUuS_EpOr4r4DO-nDYN5idA3dxyd3q99O8SpS-mQfEfSs4ymtxZATWisddr2zmuGBpsgBhQa1QslkWGZGJaV-pIQfm4nwTw7RJEEj3MqgEw&sai=AMfl-YQRzBfFOchWxi9zvey_zoYkOgQCV6dVmiviWBi91N78s_VlrctdXOJeRjcIR6MrdUaItmptQ7-17GIc9E9i98PgqotR8U3bvecUQDcT_k7jFBzV5wh10iEo88I&sig=Cg0ArKJSzAWTiFOiwSLpEAE&cid=CAQSOwBygQiDOgFK8sJRL19Ozwp_G43F0CSJ49ZuGJ1rS1V9CmkU5LaAWWUZmMa1HUgu3DX2jyU1Mcb9cXovGAE&id=lidar2&mcvt=1059&p=0,119,40,160&mtos=1059,1059,1059,1059,1059&tos=1059,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686011144251&rpt=620&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame 7FFF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e113d2b4151046dda8b1bd032cd839491a1ad95b7d0fb349c4f0966d69374cf8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1k4pasxdxbbk21k35bcspnp9szxbvb1d22ewq7zyg0e7mahk85x1c0jbjesx6rbgvp09nmcpzdvk9zhe6q8222e8j1kffjsddqa1yxnp27xqskgp4zg9pzbxv9hqty2eca68sat7b3rf0mzajrr287v79k3s42e2ej222tqa44h7z6q343ee47cqqqv8aqssqyf8jceywe6hyy3cgr1a6g2z5sjmsqz00t5409e5pc5695qamf9qf8epd3mfwrrxydk61d0zqbpjk7fxfew90z60vac3hwqc0s0ht5579h8q9tjqe32yw0kwevkj8893dt7shpxazj57pa9qh9wmr352568nayf40cp37vr2h90zd8xyt9x34c4vp9skywb8w72rh2dvxa4b8zam68f5pqa2fed7djx4etssh0xbdgwys4rdyvz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d2c8521d9a668f2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:46 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame AD7A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVymjrhnS0QW1XiHWwZlLScLwnQxx7LA2jg6sya70SAcEs8FMfNbEPpUubl2Dpe1IgtDFgofjE6jsPhHF4I_AVWgEaDckoe8qsJ--AgMxRnV1mO_yPrbb3RGnLGvInPK2AUhgh9g&sai=AMfl-YSclghGCBt-L222BBQwAu5cWVV73iq4msIsK2e9Bp0qb6YGjPNgVlTI5FdSroZ7-NG-5Czlis49k0FcnzbWn8yS1AMftR-XjYewqIi7sFBe5giEGX03KZDzqBc&sig=Cg0ArKJSzC6GJOKv7PcyEAE&cid=CAQSOwBygQiDvlt_JB1QlaKHARgwqAxRn6yRryC45M93Av-97IU3w-STNWpmMjtyscktLV4Tc9kzCAdJXMNLGAE&id=lidar2&mcvt=1074&p=0,119,40,160&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686011144263&rpt=701&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 830D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230531&jk=640156709028305&rc=
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
6363a944e4b0125bde9e6739
ng.virgul.com/tck/i_vb2/ Frame 371C 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/6363a944e4b0125bde9e6739?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1686011146587&userId=vnet61d564df-8b29-4f2b-b20a-95a90770533e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:46 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 371C 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1686011146588&userId=vnet61d564df-8b29-4f2b-b20a-95a90770533e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:46 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 371C 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1686011146588&userId=vnet61d564df-8b29-4f2b-b20a-95a90770533e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:46 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 371C 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1686011146588&userId=vnet61d564df-8b29-4f2b-b20a-95a90770533e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:46 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE1B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=67869052294&version=m202301230201&ct=76&x=1&cor=3828106269032251000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 9F20 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gdmx44t6tjbrc0tts9d027m17e6ceh6ayrcvg94vry7r0pkf6eb4f500qgnpfe1w1c5rpcqvxwp74fvxgejadtf54580x1wm2qyvps5wph6k6vp14pztmdw9bhz1j2tfvxaqpaa5yxzcwzyv0ghrjt942pb8jmjz15mgz6355nyp3bw0xfg1yeepgkdxaf9ft6gv776s6xzq4fa8bc7asj0978anb1b5ynyrkchj7xsrnzpte1xapcae751xzey9dyne%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.15 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:02:21 GMT
content-encoding
gzip
via
1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
37405
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
vAt2NSoARkKa55mGTu6q7OtfNLmdmp0AooT4YMIHb_fQchXN-wT99A==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 9F20 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1686011446&Signature=O9st3zz0cJp~yUD49OeaZKjfFG6R4ev9b1l8QZOCaxvfnqiuLpHAOGiSPQ6neP2-rMAQTnDd3R0MB9CI2RvfWPc-FcGuHOibTx04EcQjO8i3mGAp6IKlkrS9Ng5P0iaySPcEm8Xyn92IpOOSEUI8QNNJdiVAQvD9oCML3BEDJ1Ylu~5EtQIxMyQ5Roo~fuAATAkfsR1iB6vK2Z727iM34wlck6GaVafLvBlAytqdKqm899b2jF~ryTRhhu17W~pCn30ywi~J7O-xIT8PnvTMK~Es4tPNLI~juH83Rp0ywNxxNTnw9jFCx13fy730Q9JxGJb8E4TMvatLZ4JTWrQLtw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.69 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 05 Jun 2023 15:17:07 GMT
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
55042
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
of2Php5SyTKtN5cEBhlTXOX1MGNxbOVR4ioo3vcAouDOAbpeNSZLOQ==
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 7FFF 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
980797
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7jxi148Eygmv6bCq4tpO9KRkVUd7N3yYqULF0PhQYiLhkgXcagVGb10lHVjV5UdhiqgMvMAEm2zDxydg8IrsiYQbkRKBQ8eOpuZ%2BgQovxevbRuzyr28o%2FtOO5VEZE9xTNISl6hz2oc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7d2c85228a0868f2-FRA
expires
Tue, 06 Jun 2023 01:25:46 GMT
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 7FFF 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
537143
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLSFDLUornOmAfEy2I2I8aMl17qvw4zoXbhX25ekWd6vLii02sl86xYdSB1HPOLrx7dz3eS3iAomMJgxyFJ3jT4Z3r16JpQpfYH%2FbWjaVNGtqNnVIWRZIpswCtGrbwEcR8EOR1fy8WSBl3wo"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c85228a0968f2-FRA
expires
Wed, 07 Jun 2023 00:25:46 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 7FFF 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
537757
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGypJ9hSBYHAfOKe%2F3FHmNAm%2FkgndAM8Dh%2Bg8WW29F5NCdPeRvBfH4vURfbLawQAjz3uZlRq9uWPlef7A39xjal0%2FR6ga2lJKodM4NWlbB1gXLlSRL9lOqbWLYzWisH6gigOXMrGPvOyMhSS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c85232a6e68f2-FRA
expires
Wed, 07 Jun 2023 00:25:46 GMT
ztpv.php
www.conrad.de/ Frame 7FFF
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1686011146_ae6c2c60-0400-11ee-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=
0
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1686011146_ae6c2c60-0400-11ee-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
cache-control
no-cache
cf-ray
7d2c85243c07bbb0-FRA
content-length
0
expires
-1

Redirect headers

Date
Tue, 06 Jun 2023 00:25:46 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1686011146_ae6c2c60-0400-11ee-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 7FFF 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1594985
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpVL9cm9XW5uEPW49k5shktsBgT5LyFvMjlJftwqy%2F1WaQbw7586OSHfgFvMsphfFtY2IrDjjDuJ43CWsn7e8D%2FpTwFf4Y0UmBxGTQalejufAwOu%2FfT05IVSrxXAOIRjrwWL%2FoVJRKoxv74K"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c85232a7468f2-FRA
expires
Wed, 07 Jun 2023 00:25:46 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 7FFF 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182799
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KOAdW3XGrDccmpaz4RYspuOFPzCYc9jS4bb27Kk71UiyDeR%2BL4cZpjMS%2BFZwjwReH3n5hAiwebwFSH4nA73pYJpL6BNUqirYMm9lUSpagTI3GZzGgpK%2BV0EiDNaj7d3QqfdUvfUqsMv7IF5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c85232a7668f2-FRA
expires
Wed, 07 Jun 2023 00:25:46 GMT
/
partner.o2online.de/a/ Frame 7FFF
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLmn9_uwrf8CFefauwgdBI4Ntw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060602254785641842167X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060602254785641842167X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023060602254785641842167X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:47 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060602254785641842167X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023060602254785641842167X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date
Tue, 06 Jun 2023 00:25:47 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 7FFF 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1230932
cf-polished
origSize=24833, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
13494
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66SrCjtnl1F0D2EcAAK5aiw4PXH%2Fv3Bsalj9hKljhtZIIJ8H%2FlitJD%2B3EFp9gDSm59AcMJXApxXvIB%2FbJqFwVVHiNLfar4bJGOiNk48rZZFpxBhVI6ZyCoGASqRL4BBBaLxNQGMvZGv%2FXQVf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c85232a7768f2-FRA
expires
Wed, 07 Jun 2023 00:25:46 GMT
4203BD8B6DFC28122A57CD0F74F9CECD38E430D5675BBE6AD8D38A36BACBF4464C414E9D6B7C9D424BC78DD3AF8507AB207AAFC56090D4E89249C87620F96EE7
assets.ad4m.at/ Frame 7FFF 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/4203BD8B6DFC28122A57CD0F74F9CECD38E430D5675BBE6AD8D38A36BACBF4464C414E9D6B7C9D424BC78DD3AF8507AB207AAFC56090D4E89249C87620F96EE7
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b7e05564f91fc8ac5e933d73eb80f92bc95037220fe493bd7d617bf24d4aa00

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
979772
cf-polished
qual=85, origFmt=jpeg, origSize=42379
alt-svc
h3=":443"; ma=86400
content-length
12442
cf-bgj
imgq:85,h2pri
last-modified
Fri, 14 Apr 2023 14:20:26 GMT
server
cloudflare
etag
"d065bd00faf2a542b1b900322391648c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAkeHVaG7z5sjaT164ybckb%2B6lcv60qEADNRFHkwKgppIXlYLr5SL%2FVE%2FyehiWFIkqwlO%2FsV5zwFcwhIi5Z0CFw9aY9rITzPbuLJb%2FZOZZBeQNne1MIlRnKYHyRX7HK%2FavKwMzU%2BTfFmGkWN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d2c85232a7968f2-FRA
expires
Wed, 07 Jun 2023 00:25:46 GMT
/
partner.blau.de/a/ Frame 7FFF
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CJmp9_uwrf8CFarvEQgdvF4COg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023060602254785641842169X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023060602254785641842169X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:47 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023060602254785641842169X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Tue, 06 Jun 2023 00:25:47 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&sid=Ags7q0AAEPMQ79Z7&oz_sc=0fec102ff08f6eada88a6fc3&oz_df=1686011146555&oz_l=2939&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
pagead2.googlesyndication.com/bg/ Frame 17AF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 08:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
57903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14684
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jun 2024 08:20:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CEF4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3448584114429&version=m202301230201&ct=76&x=1&cor=2237742837388520400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9038 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5930690410745&version=m202301230201&ct=76&x=1&cor=5687695187570812000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD7A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6018713160892&version=m202301230201&ct=76&x=1&cor=9931757394151975000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&sid=Ags7qz8HEPM2Juh9&oz_sc=f40f1dda7b495af10c3414b5&oz_df=1686011146627&oz_l=2939&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
gen_204
pagead2.googlesyndication.com/pagead/ Frame 127A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1vJrCH1-ZIrAI7Pm7_UP06GFyAUAAAAAOAHgBAI&bg=!KimlKX3NAAY9J7QfHSc7ADkAdvg8WhJnCa2iI0XZSmIZS2-M4jGwrLwe41l72sXETEHXlGjb-LZRcK-8BfKj3Jp7BUM856QLIH4CAAAD1VIAAAADaAEHmQNJbxLvzcnlR4uw7qBoSKlqaGrqAPqyHXmsZHnEYbTqK9zl7hl28Dyx-C5XwuIvD7o_j3lodMY-c_Zz3Jl9tgoOD05E7jXV_umu8zkDrUWUTq_MtgXYwPYrxmsXDH32SC9aU3UiRfXtZf9S9R7Aw8wfwGCUqdLR-tWZcG1qOmiJJD_IDY1qUEaO6HzRB0A1fSTNq3qCXv3d17BwUjnJBBDpCCataZawuBnwkkT8hgUE9zj_Nrt8Ol5k-BmVOcFi0HSCrMSmdGm1lJLKroUn0enoRb8eogyh-sBPwdUHBCz_JyKUvHzHp_CDsnzCqhSv1xbB8kDwlf5WQKYnXLLEYzLEUaUFeLj5L8OBxKONXQWuVWO93-5hfYjBbNz1XQ1a3xAODyZ2F4f-vfUnqDw3YKUH8-gjaQSeBCQWwwfVuUOIXzR4LUGDsqnYDvP-Rju4GesXPgLXaDHzAfcYfaGetvnX0RAl-ms0WPG9SaEf8b02tIyNjB52SI2JVxN_swWB_AoxhJvRSQm_T_HBVu3Uiqv77Q8pcKe_37kog96VyzlrUNnwQ5_zcEPdgzgLp_083MrP-t1Eh8YPqrQQjHNpGk8GWRL9UB6WE2WmhLr-MR0S2_OiwCDFNoXcdEX19m7B2Pyb8lXZ7rmIm-7kHtb7k5h4UwZFJTRKK3oKznb-z3uCpcB8Au1tBJ1iRVq6R9VQi-zpbenK1M55Bh2JFmTpW687wuE_DbfJlmKgyYbbIR8mAw7_NvfMGB-d21_-Wqaa0QTFM1OARYGqlrLLnqJsuzdUuIqJsHL92_2XujOr_5VskJXiCIKdaxk5TnRKLoDreGhqUileYdPuZ0QBZxI9epev6Inw7iElKmSmslo053acA3rODH9XX48B49jYBx36O2WthBEN0DUn0s81kszGf6Q5Va8vn-DE2_C7udT0ksB8c4uZWOLSYxPZAXuhFoyW5nxO5VGo4uBGa-e9rIEzHCp5iWlCaprybdt8sWBXcNiN5KuxGdTx-nkU7AkNnk-YHeCVKUSvsPXD4zMd-_g_jYQBVInApitGDpCpL_nfwebQdA31Q-mZavrVdKrC_eZ-QKnU4DZGd36DVMWMh9yJ6SnM_VJb_cFF5TRj3A
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9163 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bjb8yCH1-ZK2LJubO7_UP-PyHmAYAAAAAOAHgBAI&bg=!RUalRhLNAAY9J7QfHSc7ADkAdvg8WgDaRDZpO8ROuvxOka1WiURYtdvsz5WXyvEXY9mMicX58t5q9se57PHPJ5pPF_H-QPZQRJwCAAAEBFIAAAADaAEHmQNNiFtsJPNwFOI7H8Q_PUnhTkvcYnkRBylY6bXE2ZTV7BNjMe4d7poA-xtOid5dX4pYUt7ZU-H63MuJ4UwlJBl7bhgwodypvji5e_mw26rjmLhow5u2DMfClluvs3QQbzczHO3Xi7OK_3IZnnYWszWAyQfTpA0_-0G6Fxx7pqtscwWo086Ey_hc8bVbolA9ttH4FBcA3oKwlD35SvCH0WQThVnaa92QcrKwwWRVtADAVF7rWthqwTxxJK0Dc-6g-Dto3gbeHGudt9-WCmqMc-rt3_9x75fPIpg9hKNJiFgJRfNGOuqsvwsagfyUW1wyps89gSvkSrr7kYwvqVQPJ3jKraukynkPdMbBISvooA_b7fl7CIOKrNZ-jSrhrWM-20OHsgKKbmI34ZapvQ-LdT9txqf7ei90siqau5FNZSNgUm1Ge3ChRhRpzxwpD0WQDMPFtNg8R2KW6QJIXFqOdxl-3p9zadfEXOrSMSD480Br1o34mT-HuUxYoqo1C8NyaG5RL16_8_zcAPGwz_MsHoEBrE2x4Ir1n08lvrkikKIgy88UQX_lVezwFz9ZJHCiUPGOMexExsEMprFHLIL3tmMG8dxJfPtFmnVUfGlesaW3bsGKezrP0Bhex3srINxGBuHBQKiv6gudRRweVse3GE7wNP3PBvohpXsY6XY2bbwdf_OY2fVkulGat7qoIx7Y0ALPfcylbZzUQBWfu3rUk942oj_rAcbPExEbJXEjr8RqqmIMaHeSRwtGHVnvrrps8j9Q4WUhEL9mFAzZQHF596f7LwF0pbzBFFQUWDyv0A2VAb16sd5VkGN_MfYfrvwd0PU4y8mI36ioS5MgGf9qbO7SuCiU_vEVXfgV2gIEYlcg_hhdLA-y7Q7DpE4U_I3reKdUQGhsiB21xypq42Ezdxvpt780YmpvvDkWAx0AhMOOECfXUqlKc2X25B4rpA9KUG0AMMU4E7Uxl-3Wp-ZZwikAuySXqFWGStw4-a9ZEHg7_fDCyml3orYpiZZZ7fJu4awhiZwGIaxoOtBfROS1f2sgiaJZXc7PmRGBDcwRWVjoNWv_Eh5DAf2C5XbN2W1peI0sD9Rgsnv7LYCKfn9eQXFZmdNPezguBfab7hLaakQ
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 34D9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCt-5CH1-ZPSHJ_id9u8PoJyTgAkAAAAAOAHgBAI&bg=!NzSlNGDNAAY9J7QfHSc7ADkAdvg8Wh1hvvtUpMC6nUohepl0baSmFNDFKkmz2XoB-dRy8Qbg04O7tTLl0FK1Bq_dNLTIaQmW8F8CAAAEH1IAAAADaAEHmQMzel4h1kbNCAohnztp6RJkhP3_ztIXIrlM2CXCNIECK3kTehZfqZQB7IVamwQryCYEa3ODAvFney0ypQ9mRgPdoF8QjMw18k8MHGFawZ2ZV1bxgJYK6A1Z89DLTc4gitoJwqP5LYULKLK7FGoTf_o-7dTiyHLYwi7bp1iKMmduVX86DNa1VyW3PB0fiYe7cXaMIHD2fOqYH0rHeKuTLpJmoLZfHqKJXGCObGWce8hI9qdD5LXa2iZwrwdD63t5TBn_wFNF5sZkR-L39gaAyBvk8OYQoyrtyNe45Lnw26vUDP7gnLLo8Z8Ic1jwKcQ0Q1v5LQ0uvJ3X1QCb85pOlNdSZ1ZSbvTPl9O2Xpx1wQhh4I-_qHdf5bF3JCP9GYJEp0WIwsLr1QIglcJikN2kGdT7cJckJF7gZ0wvYCkNyyRT4pWnFYvBoeGQsT3sFP3Rc22sbOavJbOu-fMMIzKUiLoM-_P78ukDOKvpuVvaMPIxBD78YwbtsmxdNmzQ65GMOsXB9GRtgC-s0ZCIhy9AS7SPp1wwfcMiDc3wZHF5royM4qa3mSMqbs5aC7S3gc0Oyg-L202HoVlqHt9TSTOKXLZw7dK3hVdHLyMxHYNiTy1pobSdUWn8RV9YupbPPnRnuTpiS0KrmsF4lfuzwDt9RDllCZEMfUf17w4EwTr39hV_hpfXr6Amtv8wtPQldq7XhY9JnOjGHrZz0dpfIf7oMwzd7x29zQxcR4iWiGrNqPEpS1-Ljg21yc6p2NcPE0yPscIzLI5XhNH0IneUfAUbbDKdXU7JS9ntXPJzs0DGckjXKNsAU4VbRJFDRoyxvyYLQf0_WTjZhpCcrq1YEOQ5Tn7ZBa6B6qDpxgeUbr5Uc48Ldfu9bTPv6-3F7fb-VegGQYDqG5ssuBeFe8d8_ZszpbT299mAIJ320BLFqJAsfgsJIeBHF3NDto3M9sUMhAxWnFnKy6q43Y8sT4Hrr4R0Eq0j3159aHuRNUfgGdcXNd0WQC3t_vr3wsO2_comq384lT0ww_kCZb6Ok0VtdrPha02nRdXLyVEFb1WDZQTL-m_4N0MsCpTV34BCdIS6jnDyHeEiC0MU
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D86 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBuWPCH1-ZKvBJ6e79u8P3PunkAwAAAAAOAHgBAI&bg=!cnGlcSXNAAY9J7QfHSc7ADkAdvg8Wj09zlRgBjqXv7o5wJkOI_cJiPZhEbtaHC6dTERSJtJcS6x2nIX8JsuxI3H7ECdHezuXW_UCAAADy1IAAAAEaAEHmQNQTkJhpY88zTVM8PnIjmSsfrJ-n4VvmLcp3SzaqnbCuuykYXvLnutGvYabKWXK_3OdY3G0Jxt2PPI_CAkDDbANb6XYpUapyHbiqtZcEy15V_Zy1ePKO8soYMSQccDBhvEEtKtSI34xaWkryOsrQGelfkgfYAzjNwn4lkunKMiz46IACvNecLB40MdpNVQgcfbhP4N14SKhIbqMKo10MnPKOP0kd2u0Jed36S7rsn8w3HM8cykPje-NE9RO2cM6Hypm2KHvm5YnbRvo5qyW2Ydzd2Pq-udX0kXnXcVxS8JKk378Xv7U3WpItIQqOd14KWNK0Iqlx72EoeYmCx1OUtiBKFJBysgcy6BgwoQ_1S5nLOAVxxMZ5TnVyuPRp9ODGLRarniyniobjy_HLH3KidhT4-nk9EZkYQOvNzQqvV-1gjP580ffY7Jt2CHmgEBR0a53_J9gTty9zszvN0uREXfw8Re9inP8Q0WvdKj4WZAmefyUE41e5O340TXlxlD8sJa_k3kANR55c2-k35lfdHUMt13BVeGXZONinePVSY8g1peqi-F-FjO0mAXgKDTbgwsygRf4IZYXqIpVbV7MCO4o5udvhekq9a9hDucNvYsnB8kYkHFTi0zmSm0gOl6ACapySiSYYdk0pmabjz3C1Fsl9Rp3BnYyThQzVb9l1q2tfm0I4uLBd8Wnany6pFJ5Z3zt7ZjD9TNkqmBiB8P0pTR2vUIkq39wSZoQiArtgg07TbtjbD0NCBypMYOIy_6c7D-edyMNSaK_KBKcjQdaGaiGQQm8qgTh0D-EaqKqlh8prSEykubP7BRTtPym4b1CTMcvPgRKHoEulWtALTPIR6t413m16C2dzaE-7Ihk9vLhWYxDhHIJ4rkrvkATEJ3Vy1iEO4RyAv8S3OfHqiKIJICfX7_MV4E4u5E4Sbsm5X6JcNSEX8un-p6QNUxVJXzikj9LFdgn_UhLPALIhKDxPx1XEBsbcisU-FYDCiM_yCWJwRHbdU7CGbIXsXxBkBk7ncuJ-gcPvicSlZKGEVFD07Q1HtGgT6N6xTlxwedr9K3Vms9uL8C3dy6h2zXjnsmzj4lI1GIaaKN9Xs3T1ueS8I6-LNSQexHzN0adDMQnr7Zlr04
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ Frame 371C 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
debbcf90c9264f7564e41182c3aa2821bcae7154cc12ba724d3073dc9182a11f

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 00:25:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ye-mek.net
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 06 Jul 2023 00:25:46 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 850F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 06 Jun 2023 00:25:47 GMT
ETag
"623de86a-cf34"
Expires
Wed, 07 Jun 2023 00:25:49 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame A4CA 		977 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.21.69.217 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
80d5376e68f3824be9e97919bdc5ded99f0103ca92bc92717b46bb4f394d3402

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
624
CF-Cache-Status
HIT
CF-RAY
7d2c8524bf4630c4-FRA
Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html
Date
Tue, 06 Jun 2023 00:25:47 GMT
Last-Modified
Thu, 26 Jan 2023 15:01:29 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jadp%2BxYKDs3YuKJ1W5RCbAbolXgEyknu3NfM7NEtObeez4VTDqJfaSYZRx%2B3eJ2jd7bX4VQPnhAJuQrA7DY%2BlKMSzHh7QyD%2B4ZfyE%2BmPCNW883LoEgt9EDOES9NopHHRwXCQwBXI"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
X-Amz-Cf-Id
lRrFSUQpzdw0Q4r8TdFi21g8VNz0fiQemqx-L4gObcpiGlRQ-4ziyg==
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-server-side-encryption
AES256
usync.html
eus.rubiconproject.com/ Frame 70DB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Jun 2023 00:25:47 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C97 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=99777
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 06 Jun 2023 00:25:47 GMT
expires
Wed, 07 Jun 2023 04:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 371C 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686011143198&userId=vnet61d564df-8b29-4f2b-b20a-95a90770533e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:47 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&sid=Ags7q0AAEPMQ79Z7&oz_sc=0fec102ff08f6eada88a6fc3&oz_df=1686011146936&oz_l=180&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&sid=Ags7qz8HEPM2Juh9&oz_sc=f40f1dda7b495af10c3414b5&oz_df=1686011146966&oz_l=180&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
usync.js
eus.rubiconproject.com/ Frame 70DB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
972755983c98afbfb107d5b6da02f1eaef49d9bef146531bf655142633effb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Jun 2023 19:17:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=67888
Connection
keep-alive
Content-Length
10113
Expires
Tue, 06 Jun 2023 19:17:15 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9C97 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51925740&p=159432&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3d0bc134f9e7eb2d2dfccb38205a141bc8a74af8df6959e3741a6d4e85b71414

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 00:25:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 850F 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:47 GMT
AN-X-Request-Uuid
f97b6a6d-bfb4-402d-aaae-e1ebb9758227
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.120; 146.70.117.120; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 17AF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uQNfbA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
avw.gif
c.4dex.io/ Frame 371C 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&evt=start&pv_id=64b1c8ad-7a79-467e-a591-b6775962d1ce&adu_el_id=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&v=0&tz_off=0&js_late=1&js_ts=&size=728x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=4288&pg_paused=0&pg_exp=4288&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1686011142621&trgr_ts=1686011144178&init_ts=1686011144179&start_ts=1686011144181&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=5a1439a5-7561-43a3-9a77-b91130aac962&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_728x90_repeating&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:47 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/ Frame 371C 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&evt=vsbl_actvw&pv_id=64b1c8ad-7a79-467e-a591-b6775962d1ce&adu_el_id=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&v=0&tz_off=0&js_late=1&js_ts=&size=728x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=2784&pg_durat=4289&pg_paused=0&pg_exp=4289&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=1244&clk_time=&reset=0&adsrv_adu_exp=1526&navs_ts=1686011142621&trgr_ts=1686011144194&init_ts=1686011144194&start_ts=1686011144195&reset_ts=&vsbl_ts=1686011145510&adsrv_vsbl_ts=1686011146701&auct_id=5a1439a5-7561-43a3-9a77-b91130aac962&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_ust_728x90&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:47 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 70DB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vgwEOqu4Rbuhk4s4UZqTDw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vgwEOqu4Rbuhk4s4UZqTDw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vgwEOqu4Rbuhk4s4UZqTDw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
52.95.126.138 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7X76GEJPJM4RJ586PWM0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vgwEOqu4Rbuhk4s4UZqTDw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 70DB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0VMTlwcTQ56icewBz6h0ZQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0VMTlwcTQ56icewBz6h0ZQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0VMTlwcTQ56icewBz6h0ZQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0XKVN387WD2XZ3HWA3E6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0VMTlwcTQ56icewBz6h0ZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 70DB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElKSkk0RDMtNS1NR0VV
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL03EepedO2qBJTVSUm4Q6k&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElKSkk0RDMtNS1NR0VV&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElKSkk0RDMtNS1NR0VV&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElKSkk0RDMtNS1NR0VV&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
pixel
cm.g.doubleclick.net/ Frame 70DB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg5ZTZkZmVlZDMxY2U5ODU0YTBjOTA3MTNlYmMwNjY2MzhhZGYyMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg5ZTZkZmVlZDMxY2U5ODU0YTBjOTA3MTNlYmMwNjY2MzhhZGYyMA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDg5ZTZkZmVlZDMxY2U5ODU0YTBjOTA3MTNlYmMwNjY2MzhhZGYyMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 70DB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/P_v91URuTabPLa93BisVDQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4funNf5E2oJ9JKhj5DxfuXw90blon_V50MKPMg--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4funNf5E2oJ9JKhj5DxfuXw90blon_V50MKPMg--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 06 Jun 2023 00:25:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4funNf5E2oJ9JKhj5DxfuXw90blon_V50MKPMg--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 70DB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 70DB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIJJI4D3-5-MGEU
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIJJI4D3-5-MGEU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:47 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 394FAC17886D4D95B5028A51704C4A45 Ref B: FRAEDGE1215 Ref C: 2023-06-06T00:25:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX9aw+LAxgQVEjJR3bMvA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIJJI4D3-5-MGEU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 70DB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOedvdudpJKhsGr14Wq0t8o&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOedvdudpJKhsGr14Wq0t8o&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOedvdudpJKhsGr14Wq0t8o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3B63
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee4f647e-7d08-4701-8048-f4585cfb89e9&gdpr=0&gdpr_consent=
42 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee4f647e-7d08-4701-8048-f4585cfb89e9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 00:25:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 06 Jun 2023 00:25:47 GMT
Expires
Tue, 06 Jun 2023 00:25:46 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x7 config_version:"2391"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee4f647e-7d08-4701-8048-f4585cfb89e9&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame B058
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526031689692
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526031689692
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 00:25:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 06 Jun 2023 00:25:47 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526031689692
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
usersync.aspx
dis.criteo.com/dis/ Frame 031C 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 00:25:46 GMT
expires
Tue, 06 Jun 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
300894
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 62D9
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6630368038902902732
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6630368038902902732
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 00:25:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6630368038902902732
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7A1F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5714AADD-CF7B-487F-9FF4-A18548D62033&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5714AADD-CF7B-487F-9FF4-A18548D62033&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5714AADD-CF7B-487F-9FF4-A18548D62033&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 00:25:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9SBSVCRWD463QA7X4S8M

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Jun 2023 00:25:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5714AADD-CF7B-487F-9FF4-A18548D62033&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TMJ09NR2EFTGMCZD14RG
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VxSq3c97SH-f9KGFSNYgMw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:47 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=99777
accept-ranges
bytes
content-length
5554
expires
Wed, 07 Jun 2023 04:08:44 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 9C97 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=5714AADD-CF7B-487F-9FF4-A18548D62033&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.159.132 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.9.202
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 9C97
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1110108337
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5714AADD-CF7B-487F-9FF4-A18548D62033
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5714AADD-CF7B-487F-9FF4-A18548D62033
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:47 GMT
via
1.1 google
last-modified
Tue, 06 Jun 2023 00:25:47 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5714AADD-CF7B-487F-9FF4-A18548D62033
date
Tue, 06 Jun 2023 00:25:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 9C97
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=5714AADD-CF7B-487F-9FF4-A18548D62033
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MDc3eFc1YVZWakdSM0tOVVR2Z1RPeHVPQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7382172270944847332&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
HTTP/1.1
Server
54.84.97.211 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 00:25:48 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 06 Jun 2023 00:25:48 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 9C97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTcxNEFBREQtQ0Y3Qi00ODdGLTlGRjQtQTE4NTQ4RDYyMDMz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 00:25:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9C97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAa4AhwI3CFavd2U7Zu1VjE&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAa4AhwI3CFavd2U7Zu1VjE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 00:25:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAa4AhwI3CFavd2U7Zu1VjE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 9C97 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 05 Jun 2023 00:25:47 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9C97
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7382172270944847332
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7382172270944847332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 00:25:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 00:25:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7382172270944847332
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 9C97 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 00:25:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
avw.gif
c.4dex.io/ Frame 371C 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&evt=vsbl_actvw&pv_id=64b1c8ad-7a79-467e-a591-b6775962d1ce&adu_el_id=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&v=0&tz_off=0&js_late=1&js_ts=&size=160x600&pbjs_sizes=160x600%2C120x600%2C300x600%2C300x800%2C300x250%2C120x240%2C160x800&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=2813&pg_durat=4407&pg_paused=0&pg_exp=4407&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=1298&clk_time=&reset=0&adsrv_adu_exp=1607&navs_ts=1686011142621&trgr_ts=1686011144257&init_ts=1686011144257&start_ts=1686011144257&reset_ts=&vsbl_ts=1686011145532&adsrv_vsbl_ts=1686011146702&auct_id=5a1439a5-7561-43a3-9a77-b91130aac962&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_right_tower&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=160x600&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:47 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/ Frame 371C 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&evt=vsbl_actvw&pv_id=64b1c8ad-7a79-467e-a591-b6775962d1ce&adu_el_id=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&v=0&tz_off=0&js_late=1&js_ts=&size=160x600&pbjs_sizes=160x600%2C120x600%2C300x600%2C300x800%2C300x250%2C120x240%2C160x800&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=2852&pg_durat=4455&pg_paused=0&pg_exp=4455&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=1230&clk_time=&reset=0&adsrv_adu_exp=1599&navs_ts=1686011142621&trgr_ts=1686011144270&init_ts=1686011144270&start_ts=1686011144270&reset_ts=&vsbl_ts=1686011145541&adsrv_vsbl_ts=1686011146792&auct_id=5a1439a5-7561-43a3-9a77-b91130aac962&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_left_tower&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=160x600&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:47 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&sid=Ags7q0AAEPMQ79Z7&oz_sc=0fec102ff08f6eada88a6fc3&oz_df=1686011147271&oz_l=33&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
avw.gif
c.4dex.io/ Frame 371C 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&evt=start&pv_id=64b1c8ad-7a79-467e-a591-b6775962d1ce&adu_el_id=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&v=0&tz_off=0&js_late=1&js_ts=&size=728x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=4474&pg_paused=0&pg_exp=4474&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1686011142621&trgr_ts=1686011144289&init_ts=1686011144289&start_ts=1686011144290&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=5a1439a5-7561-43a3-9a77-b91130aac962&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_728x90_2&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:25:47 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&sid=Ags7qz8HEPM2Juh9&oz_sc=f40f1dda7b495af10c3414b5&oz_df=1686011147325&oz_l=33&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
firstevent
unilever.demdex.net/ Frame 371C
Redirect Chain
  • https://unilever.demdex.net/event?d_sid=25453995&cs=1686011147528
  • https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1686011147528
42 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1686011147528
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Server
52.215.85.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-077362add.edge-irl1.demdex.com 7 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
woqkN9EKTuM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v048-026448671.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
U1xSyBvISug=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1686011147528
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.42.199 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 06 Jun 2023 00:25:47 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 52E1 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.42.199 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Jun 2023 00:25:47 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 9F20 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.42.199 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Jun 2023 00:25:47 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.42.199 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 06 Jun 2023 00:25:47 GMT
server
nginx
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&sid=Ags7q0AAEPMQ79Z7&oz_sc=0fec102ff08f6eada88a6fc3&oz_df=1686011147667&oz_l=184&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&sid=Ags7qz8HEPM2Juh9&oz_sc=f40f1dda7b495af10c3414b5&oz_df=1686011147668&oz_l=184&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
f9b4d89f-f401-443d-b766-74a950051050
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/ Frame 58C4 		817 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/f9b4d89f-f401-443d-b766-74a950051050
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c21f115524e9e4a50120f3e71d42530bb0341b3c847b568558e4f41385c427fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length
817
Content-Type
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&sid=Ags7qz8HEPM2Juh9&oz_sc=f40f1dda7b495af10c3414b5&oz_df=1686011147819&oz_l=616&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ea6324ec-f1d0-44c7-91be-5dba623f4516
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/ Frame B01F 		817 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/ea6324ec-f1d0-44c7-91be-5dba623f4516
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c21f115524e9e4a50120f3e71d42530bb0341b3c847b568558e4f41385c427fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length
817
Content-Type
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 371C 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686011143198&userId=vnet61d564df-8b29-4f2b-b20a-95a90770533e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 06 Jun 2023 00:25:47 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&sid=Ags7q0AAEPMQ79Z7&oz_sc=0fec102ff08f6eada88a6fc3&oz_df=1686011147835&oz_l=927&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&sid=Ags7qz8HEPM2Juh9&oz_sc=f40f1dda7b495af10c3414b5&oz_df=1686011147975&oz_l=5545&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&sid=Ags7q0AAEPMQ79Z7&oz_sc=0fec102ff08f6eada88a6fc3&oz_df=1686011148002&oz_l=5527&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar
pagead2.googlesyndication.com/pagead/ Frame 9185 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230531&jk=640156709028305&bg=!2Nul24_NAAY9J7QfHSc7ADkAdvg8WteAHvLjge9PjZBdsFhq-ZwWgQLwn0MgaVqL5VhohPKpg0iCEnlarw36QChimH-1KC10yDUCAAACJVIAAAAEaAEHCgAPtn4FB8Vi6yfbPs-8h8gkmQNOLGSx1F1AcUJzG8LIkEjzCKTOxJs-gCISzKIKGrHbuIL2jrqfel-x-s04Qs9tKl3rHN8ZVAKrUQUzFteqxHwqV-Qv1fVGH7jkJdACsfzTT9JlXva-fD2ya9Zk377DcsQTDWgvKgBpLDFgOry2QIXHl2tB4m34pOeqTaxVsQA5A1dqPSEEekE43f6T_KDVKYivMvnGL15koY22MwP5oxjtqWiEU3_zsFOy0UMEoU7Qw8A-g5qqDORxds5kXFn4bQu5JAg1be04cyWZ8tT8HcIir35f42yVCdSrcZaujnTYy02A01gW4zJpQbC0Evokm_lffwQ50BALjOxxkhTIsbbfgD9ysFJwKNSUfqUSZwdbqqCOhVCNrI_QQ8YuXxs40fvizu096zQM-j-GlHpRnmOLZmsbpdmGwZyzH83hjo_FKlIczmyZTjUtR4T6WHQMtXUk8jiGF7kU6_nGkopyT01cRdfT2ZK5s0IZgB6NYIyEhRZX9iwkS3Zv6N36KwP9lAC1MmoA0TtldGupJm3I9U1ltyDbpBynE71brsRWP9SLekx5H_GSAQIMrUCf3HwdnJZpyzj7AesIuVogO89W6YvhbLWZMyyq4jiw70GKwZLOJrbhYMEK3R7O_prtSgfOwPgQ5BJYfM8DEQCyetKOrsY0SUDYaHrAr6SEhKl-6TAL4QAm_KrHuQdk5OzH6goUJGEWhd6xoHyCVskkrBfFoPI9wqrHe9eDTaAxVbXYcvuzSpL434F3OWPbvml7-rXWN0YUJHGfTvS-XawBIdrIZGEcEoO-_YBm8GCjD85u7aVsb8CvYC1EI6P7AzR6HvRd8olRq5gO87WboCo-oKulkXgYfftx4Wdn1kEPWjb7TcY-eOE_qwV1shE5ieqEJyEqaVkAF1XRUjLYNtkxexElr11ggyEBl84P5sNM9VS9Hw4Gy6wwgSrW9wvEvTc8VD4uiww3L5uJOWgXL4uMRnLATaRkCukR5ZXDRXvRW4v5-7oywMWwYikvullfePcbFugx8Hxr3zZoBC8GMugpO7aHbQ9ZfL4dD47g59vFaXplPZiMLCqCAJ0sNTmjZFRdH7m6dDBPCdEdGI9pcE0CayDbFSF2qfYP5o05cg-Vh2aJ9wrI
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 850F 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 00:25:48 GMT
AN-X-Request-Uuid
50407301-0421-48bc-aae9-65f5fb83df0b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.120; 146.70.117.120; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/ Frame 58C4 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7q0AAEPMQ79Z7/postback?to=3&de=2&md=1&si=&dm=300x250&di=https%3A%2F%2Fye-mek.net&ui=&pp=15222&pi=XROhqscfgR&ac=Xmwo1n97Q8&ci=948461&pd=avt&ap=&ti=&sr=GOOGLE&dt=9484611597092707615000&pv=8bdccc95-f51c-4594-9153-bfd55b000008&gt=DE&sid=Ags7q0AAEPMQ79Z7&oz_sc=0fec102ff08f6eada88a6fc3&oz_df=1686011148153&oz_l=404&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/ Frame B01F 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.94.1/948461/Ags7qz8HEPM2Juh9/postback?di=https%3A%2F%2Fye-mek.net&dm=300x250&pi=XROhqscfgR&ac=Xmwo1n97Q8&to=3&dt=9484611597092707615000&pd=avt&ui=&ap=&sr=GOOGLE&ti=&pv=a2c9b8be-5c3e-47ed-ae20-bc47582b540b&md=1&si=&ci=948461&pp=15222&de=2&gt=DE&sid=Ags7qz8HEPM2Juh9&oz_sc=f40f1dda7b495af10c3414b5&oz_df=1686011148154&oz_l=697&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.198.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-198-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 00:25:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1500&ts=1686011143512&src=pbjs
Domain
tags.mathtag.com
URL
https://tags.mathtag.com/ck-confirm?bid_id=4125651338499241860&node_id=4837&exch_id=4

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

43 Cookies

Domain/Path Name / Value
.adnxs.com/ Name: icu
Value: ChgI5MdxEAoYASABKAEwh_r5owY4AUABSAEQh_r5owYYAA..
.adnxs.com/ Name: uuid2
Value: 3564603306732348930
.rubiconproject.com/ Name: khaos
Value: LIJJI4D3-5-MGEU
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqSzQ4SCY+OAg/5onLiA/RiY1TdhAkPVQBbHu0hL1Zspm7RkL+J7N3a8NhzLov3/0MOwzHLtYfPBBoZUFBBzTvW0A+VO7RH1E0=
.w55c.net/ Name: wfivefivec
Value: sLztyCVB1Q6kw85
.hspvst.com/ Name: VIP2677
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUm50b3twmSWHsOzcUe29UlNL5B2upS7C_a8uMrOOFLEYeRkGHD_jWL07P6eY_Q
.hspvst.com/ Name: VI2677
Value: %7B%22time%22%3A1686011144%2C%22utid%22%3A%22fe0ab9a8396533b6153ee3bd5515f44b%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.casalemedia.com/ Name: CMID
Value: ZH59CDnJEKWdTUIPerALDAAA
.casalemedia.com/ Name: CMPS
Value: 3177
.casalemedia.com/ Name: CMPRO
Value: 3177
.bidswitch.net/ Name: tuuid
Value: 2491c702-9fd3-45cc-8641-cf941e071983
.bidswitch.net/ Name: c
Value: 1686011144
.bidswitch.net/ Name: tuuid_lu
Value: 1686011144
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.de17a.com/ Name: guid
Value: 1.6630368038902902732
.3lift.com/ Name: tluid
Value: 3101317178932013099735
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 5714AADD-CF7B-487F-9FF4-A18548D62033
.blismedia.com/ Name: b
Value: 647E7D0817EEC48929B91188BLIS
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%sgRMsN!]tbPl1M>e)ZlrFUfJ+tGXxpKX?ieja:PD`FT@IKPoR!8C?y[Lc0OeFX<ZEN*bpRz*qF1`*b`pq*GuOK
.simpli.fi/ Name: suid
Value: DE18247059094916B42138F2ADD0FE5B
.spotxchange.com/ Name: audience
Value: ad223998-0400-11ee-9a8f-1eddb0c50206
.yahoo.com/ Name: A3
Value: d=AQABBAh9fmQCEF14n0UuVYqMXVwYmtjKRpEFEgEBAQHOf2SIZOANyiMA_eMAAA&S=AQAAAjj2dsA1bbA7WXEGufHkTMU
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjMwNjSzsDSzNBLiM9SNiiwzKSq2rMopMQwHACQyJ5ElAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmFmYGhoaGJiYWgIAG-mhIgQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjMwNjSzsDSzNBLiM9SNiiwzKSq2rMopMQwHACQyJ5ElAAAA
.adfarm1.adition.com/ Name: UserID1
Value: 7241362728467822747
.w55c.net/ Name: matchgoogle
Value: 5
.mathtag.com/ Name: uuid
Value: ee4f647e-7d08-4701-8048-f4585cfb89e9
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~2c20:18yx~2c20"
.mathtag.com/ Name: mt_mop
Value: 4:1686011146
.lijit.com/ Name: ljt_reader
Value: GxIZtGZHngOdlq9LQIOEANL3
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZH59CQAFVzICyAAD
.adform.net/ Name: C
Value: 1
.turn.com/ Name: uid
Value: 7758627579987515416
.360yield.com/ Name: tuuid
Value: 854451ca-d9b9-4487-9ef4-465957da495f
.360yield.com/ Name: tuuid_lu
Value: 1686011145
.creative-serving.com/ Name: tuuid
Value: 10ec42ed-a125-4367-b737-025b041a0fff
.creative-serving.com/ Name: c
Value: 1686011145
.creative-serving.com/ Name: tuuid_lu
Value: 1686011145
.tribalfusion.com/ Name: ANON_ID
Value: afnsIHmge06ousnA7jvZcxfFVQES7TgleZa85UBlqGHPQLb1YMIE5kiEIOqBxvZbDt0fkKjZd9QSry7NXZcLqZbPg9V0B9
.adform.net/ Name: uid
Value: 7382172270944847332
.retailads.net/ Name: ppb2172
Value: 2769703075

21 Console Messages

Source Level URL
Text
network error URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript error URL: https://ye-mek.net/(Line 39)
Message:
Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x69807j0b5.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686011143305&bpp=4&bdt=473&idt=168&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=3070194810937&frm=24&ife=1&pv=2&ga_vid=507540644.1686011143&ga_sid=1686011143&ga_hid=1107654582&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31075067%2C44772268%2C44788441&oid=2&pvsid=1123457220321230&tmod=2103150481&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ljfsm6kqz6gh&fsb=1&dtd=182
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://hb.emxdgt.com/?t=1500&ts=1686011143512&src=pbjs
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://as.ad4m.at/ad/dr?ed=1hcjd31yrza1r1bdnqf7rq0adh7qnady4dtnest6p1vxzg39964gmp7q4actcefghas8h1j8ctt8g7ygxrs3mwgdtn06qvh5v6s7tv9hjgjbr3c66sznn559v102btr8ctnyywjcfkzgkny10zsgmqtr17wjgtgf873y0hpqght2x2w7xtpk0kc7r5808k0arnar6wy66nggw0sc8w8f2v5f9k7bs32b8z1nvx6erg3e9p3r2cvf2s1c6hbj8jn4xbg09jw7p3wbtak7wf3s0xw9wna68vzfn1g1f9ge22gdw1s3a94a84avqgvc7t2fz8fqjh2q5rq36nvhv2mr267cs818f92yfvbdrkez21jjh1v2wpkjjhwefvsj9bhk567am6grbhzrg74wddnxg2j5q8bccvvbczer1281qadb84zwvgsqa6xkfgspp12wyccsamwg1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1k4pasxdxbbk21k35bcspnp9szxbvb1d22ewq7zyg0e7mahk85x1c0jbjesx6rbgvp09nmcpzdvk9zhe6q8222e8j1kffjsddqa1yxnp27xqskgp4zg9pzbxv9hqty2eca68sat7b3rf0mzajrr287v79k3s42e2ej222tqa44h7z6q343ee47cqqqv8aqssqyf8jceywe6hyy3cgr1a6g2z5sjmsqz00t5409e5pc5695qamf9qf8epd3mfwrrxydk61d0zqbpjk7fxfew90z60vac3hwqc0s0ht5579h8q9tjqe32yw0kwevkj8893dt7shpxazj57pa9qh9wmr352568nayf40cp37vr2h90zd8xyt9x34c4vp9skywb8w72rh2dvxa4b8zam68f5pqa2fed7djx4etssh0xbdgwys4rdyvz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%26client%3Dca-pub-6593523210010154%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
worker error URL: blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/7ff603f7-461e-4820-8619-d65dbebb58d3
Message:
Mixed Content: The page at 'blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/7ff603f7-461e-4820-8619-d65dbebb58d3' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/7ff603f7-461e-4820-8619-d65dbebb58d3
Message:
Mixed Content: The page at 'blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/7ff603f7-461e-4820-8619-d65dbebb58d3' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/ac2c9ff6-58cc-426d-b157-dd6d14422842
Message:
Mixed Content: The page at 'blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/ac2c9ff6-58cc-426d-b157-dd6d14422842' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/ac2c9ff6-58cc-426d-b157-dd6d14422842
Message:
Mixed Content: The page at 'blob:https://7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com/ac2c9ff6-58cc-426d-b157-dd6d14422842' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=919617d6710dead59f2912fabff3d1ca%2F12388881068457119529&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686011145721&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j6e702kjcjt54137b6hdq9h2ezh4drb1recj72nxdda3wdhkxxkn6zrj2wbtz19t9y4xmyn620yt3b1m3wfcz20cnfdk3wzpd1c2xvarbkeqd4zwrassj07vp38efw334smmz5fgndc1sscv8jt52npkbw6a6t1yme293c73rmhmjnqh3wehekrdzsp3fep9vm4902rrm875y68ezyp0b3esc70akpp4zwyzy0nkjrr7wzs437tamdqm1j779zdx2q9rrghkgm60hwd5yp5a77yd4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCsKPVB31-ZP-EO--V7_UPmc21qAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJ1lSzY7fixPuACAKgDAaoEgAJP0Gml0d9z0plprlSeR9oiVMfGcsu8In7oCgGXotmenEU664gbnqV7eGq1MNqi15uMWS-wrt5PXNWQAiaIHl3cwCMdqzA-cQBMDs9Rf_Jzz5eSazqS0ZRHnSI3pHIABIQjMnXDIYA6kvJgKYVvwallnr5oBa3JC37DwUp913jhuQYEy6lV4rnajQbVdcZqyUgvW6yrYdhaRK6DIoPHyErBvk3Jj44pHruduc0Xwsz0H5lR87sbg0st83eYB6CCNXfF5dt3shkzWLLTVrxrFiQg-sb05Tgjp7RH3FFUnekA9ntCeUz7C8gAw05_aAhXp9q1U1loJUKyIejzyHgfzulX4AQBgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3sDbOf2MTMr3kKZBTnz-t9deBMVQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=141546094973574f76a6a2258b313ed6%2F5876744579672059674&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1686011146167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hhgwqmx1b34getmeh4gc01fp8nrfdp0dqgcmht00hbgdv2ffn0yhtgggx56snpeeqkrcnced8esyqtb17pmw2mh6sr4d36qgqh8tet3xrffkqr5cky8cwk06s0beety7w9jc8ac54azq28sn1kgqsy9v8srv5n4a051hc5k131gnkz84r2m4660e67mas3z4eataqf8ksztmfk55wm9sfds338y221vrp7atpeb2s0pc1wfe7468zz1vyskqyxw2j6kewvn9jcv9rw0p2sg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMLBdCH1-ZKXKJJS_9u8Phauj0AKQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQInWyDC5vqxPqgDAaoEsQFP0GuItOyIeKTyKCqyflUwFuZh0TQvB8SNJEknCucE0LzXp3qyFQnZtcd8CwWqLyVTifAybl_-RLPclIlr-igpZvSaWCoy9_dYKUCjgBSbN4ORbLeVZ2nIcfMMYkz5_RQ4FkTRanxWNy5ZlIh4DS7X8bOomyqbp8xtXt96NQ3HZpVz_1uTQ0LdOhL_5SMh4kVYW1aEF2dT1lOTNeGPXMw8cJgd3iNrym0AxMCXb_970faABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29pK0ix3VPkUWZh7x0hk-sY-F7vA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=5714AADD-CF7B-487F-9FF4-A18548D62033&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
7b316b89901a62179061a89c71cde6c0.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-server.eu
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.creative-serving.com
ads.pubmatic.com
ads.w55c.net
adservice.google.com
adservice.google.de
adv.office-partner.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
bidder.criteo.com
biddr.brealtime.com
c.4dex.io
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.retailads.net
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
connect.facebook.net
cpm.programattik.com
cr.frontend.weborama.fr
cti.w55c.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
futalis.de
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900019.redintelligence.net
hb.emxdgt.com
hbopenbid.pubmatic.com
i.w55c.net
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
match.360yield.com
match.adsrvr.org
medialead.de
mp.4dex.io
ng.virgul.com
ng2.virgul.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pcloak.blob.core.windows.net
pghub.io
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
pv.medialead.de
px.ads.linkedin.com
r.scoota.co
r.turn.com
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.h.w55c.net
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
static.virgul.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.hspvst.com
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
unilever.demdex.net
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.cloakan.co
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
ye-mek.net
hb.emxdgt.com
tags.mathtag.com
104.111.217.42
104.21.69.217
108.138.36.15
108.138.36.69
138.201.63.117
141.101.90.98
142.250.185.66
142.250.186.166
142.250.186.98
145.239.193.130
151.101.2.49
151.139.128.10
154.58.197.185
167.233.13.224
167.233.14.134
172.217.18.6
178.250.7.11
18.185.19.103
18.66.190.43
185.29.132.245
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.80
185.7.176.222
185.7.176.223
185.80.39.216
185.86.138.151
185.86.138.155
185.89.210.212
185.94.180.125
192.229.233.53
193.0.160.130
2.18.232.7
2.18.233.201
20.60.220.36
2001:678:cb4:bbbb::11
213.155.156.184
213.19.147.44
216.52.2.48
23.206.208.114
23.35.236.188
23.35.236.201
23.56.202.187
23.56.205.163
2600:1901:0:76b9::
2600:9000:20c3:b200:1b:5138:8a40:93a1
2600:9000:237d:a400:1b:f040:3600:93a1
2602:803:c003:200::41
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4bf1
2606:4700::6812:19ad
2606:4700::6812:272
2606:4700::6812:7e05
2620:1ec:21::14
2a00:1450:4001:808::2001
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:828::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a01:4f8:d0a:2321::2
2a02:2638:3::3
2a02:2638:3::7
2a02:6ea0:c700::17
2a02:fa8:8806:12::1370
2a03:2880:f084:d:face:b00c:0:3
2a05:d018:d29:3605:4761:f2ea:372c:aa4
2a0b:4d07:101::1
3.122.8.193
3.126.192.167
3.33.220.150
3.75.62.37
3.8.42.199
34.102.243.38
34.111.129.221
34.111.131.239
34.252.159.132
34.254.167.178
34.96.105.8
35.157.134.200
35.176.6.129
35.186.193.173
35.186.253.211
35.204.158.49
35.241.34.106
35.241.45.217
35.244.159.8
37.157.6.242
37.157.6.243
51.89.9.253
52.19.198.230
52.215.85.23
52.46.143.56
52.95.126.138
54.228.185.250
54.76.176.197
54.84.97.211
54.93.152.195
69.173.144.138
69.173.144.139
74.121.143.241
76.223.111.18
77.245.159.14
78.46.90.238
84.200.5.215
85.111.6.48
85.114.159.93
94.138.206.83
94.23.99.218
98.98.134.242
99.84.87.107
00867e4aa81a541e2fad8ba10b2c4e9a6b137bdbb4ba13fb1a38d2fea88cb41a
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
038364fd14edea25399eeb86fafc8f72062c5db35d4e64a073dd07eba88f286b
038c545ef084b3fe9e6c446e8080e4d6be85650256a782e67219ab547aa65c82
0588a4a631f559882a5294929d3cb477c46ded26d68505d4b2b02b5b899dc5cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0913db42f0f2db4dcb1b2404f4bd8071a21ee13a08f855db9e99adadfbd0d733
0a586493541196f5fe385db8b6053de264660ca21f625cddeed85848c51df5a3
0b17d8c6d4a35078eafa35d9b0d468f4b34f4ba4a09800a25598ed6f65bb4edd
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c23f6a48bd83f8880c0b081d28bb96a001e5af3fab7edf77c9a79dc0d96e188
0dbbd20de7b0865fc8e4e43ab1c4541cdbc5832455e90621ce7b87dfc6988c24
101470fcde40e5ad29c691a0cc4276b7e311972a8e02a684f19db29fd4698645
10eab49762ff14b457ddc96021b02a1dd01aff6626f2dd5bbf08a54e2aa5fba1
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160d1864783c67f39eb03bef232d860b57aba8f26003317974a774a3d5146345
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19ea605e3d74ff18b6cb722e699de7cc47d7f01afa7bae0b25dc39f9141d5552
1aebfe69d3a53d318fffd81363cf8b90c3e9619def25e28f10e88c34e712d793
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e3a7651e485bbd08be45c3794ce29db6668bd23f89ef0f62d86ac8f6488378e
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
206d936128d5106e1b85b8f3fcbcbc138c5c6eb107c5f427bff0fc34f4040374
208660c9792b97b9744ed4fdeb6b5cd7a8b831fd2415d42718391741bf1967c1
2214a9c42ac416d027c9814595f62b198356d64ee8eebd6cef1ab5ba1def247d
222e839deae40bf57b859b6fcce58ee35d0e9e4e418ab9473bac43772b4945cc
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25b0fc18fa46dfcb28fdab9b486f78a11dc35790fdfc410b1af2c062410e14d9
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
29171ddb1bc1d6cd70b4f75fa8a66c58b843542ec15e10c1047db5c41f5886dd
29baddd2317a5ecb3e583247931b8433a51135a2decfab0e8d3b7cf8b53e76fa
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c481ccdb6e10e0136132ac25c732c873df15b1cf23a063a714f63606159551e
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e88862c2bcbf490aa92addb66d5df3b2207580a5f3c861df82fd10f0c0c265c
2eb2914e0253d3d949c2aad28f6f109c7b3a67ef37696a4496592837c0f9d7a4
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f51705addd284a43543035d26d3a9bb0b9941e499583afa5c18b924a1aec453
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30a5a969eb05312525571f19a0ef06fb7e2a7b467b969fe9993cc499577ad75a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35b21209877b5b74adcb3a1bd21f8fd45a5ee0ea13d754f7d69bad34147800bf
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
39ddfa0e149ffe66b2480afecb8501822ac2d7aba2f841103eb7caab5ab7fe2a
3d0bc134f9e7eb2d2dfccb38205a141bc8a74af8df6959e3741a6d4e85b71414
3d10738d0985aa0c149a83f9a4dfb4ba694247917ece47662da88bf811c37b58
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
40e79ea3833e391579a893edcb1311f9d82372fcf6ad18ebd245b7535bc2eef1
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
44599523c212eadb3dd1f6da161eceee9aa9d6fc71906dc7ec2b71d05fd72399
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fc1b0b99f93f4bebfe5d97bb85194fe5990561107a6c921b9c02af73ba13b6
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5deb00f38b73c0882d773ade1a2084150544c3129128fc0655f419ef157e93
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e61c4c6f2c0c52c9b5dadb303f0db1128715c2e8819a50b1d24c6d7089fbebb
4f6807cb9aeeaf47ed6d98f39015d941001a5308cf4f2590b81a4d3b65728ca2
4fc9cd0ebc8513e8a6188191ca83e134d2ce8bc8c86474bb972c2c568f23c527
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
53134d8e8b6d839bbf41018b3502fb74a7061c5699cddd5fc2460e4e3aafc8bc
53d6ea5eca53713dec5cfc9ac5eb5684756835e59aeb55b76a6ff80239893da3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5776bffed7ddf8e7d01fd494cab06180cf52bc16edcebb94b20035a2a4148d36
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
60d1b27fae6b92ce48badf66a677c1170a9ae6e97fa91a5e1c21c4ebe59fc811
60f46bfd81485e775d3ba7208cd1de8eb706639b1aaa338f371676199625faa7
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f71ee8352ec04befb52f4526446329daf8f614719c248a4d1296dc01781505
64af7a328ead4e6e3e77587ae81c88a4156eea6f476df565496f8f46d89d255f
6594fd4d569d83128239d65be3c71777426a58805bce24785eae672180bf0cd8
66c959f9c66c9d93e6e80b887a34c0d39f206dcf48d1006352878eb03ad8b729
67b8b0bd3ffdaf202f423e8a6e71e2481491275cb91d3205b1d7c1b27ea672b6
68bbcab002cfe978fe70454b240f442046de6170bdef247b98f4819f1e7f2417
691257cf7d510da3434f5eedca2b2e0137949c698e3750c7705526a1ee75684c
692093ef20830aec5e55efde27578dc706a1e8526b77aba20df78ba94bcfec89
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f
6abeac389ce1fbbf8140ce124532a733ec8bcb9b518cd57a0b75136a7c41a0eb
6b7e05564f91fc8ac5e933d73eb80f92bc95037220fe493bd7d617bf24d4aa00
6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a
6c7af93df3e471d069c625fd6b01c9623ffce3e10f81a040bf9b9b2c0945401c
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6ddb9b04afe63453d2fafd12ea0bdcad9132d1368642cb2cdec3b5340351b468
6e8bade7432811a06da96799253de1b01c4715f190088d310cafa8bfeff32347
6f2ef887bd2656bb561c759678795d4f55e6fb0872d6978f9deafa5d6f243c0a
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
716a8626ab6358ce82bc4e809d46120fa9981951ce6718b860523189aeb18bf9
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73950740472b6965bd4ea8e08993d1abce3447c4a12d6cac6ddeefde3a698f50
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
747dafb0b3858b83992fdaedac2b930a92004d4add4914151c7cf05be61ebcea
748e8228aca30d52882fef7f711864f04d3901f8ec4e445fba8974a9491050b6
75a2d792f308a098933d39680dde3bed5589d7d3dce592faf4cd823dca9fbc9f
7619efea4ccd65a5edde7db90013478309541941826ee2aacacaf95614043b87
7adb9c1ca1cf733b23aa6bac2b3348009075010a999669ec43cbdf82f7a6ce3f
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5
7d204c1db9d0b9f4e3c0e89b93253f44357689f6bd9b887752e08cbd77fcf3f9
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
80d5376e68f3824be9e97919bdc5ded99f0103ca92bc92717b46bb4f394d3402
842c88bbde71118e56fc313dbe3ad3d9e5dd9b3b9913960838734a29e5982b7e
878de60769bec438439f67e4a6facea40f500e79c90118ab9137415159f0f003
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b2efcc15b3c3cbb0013d0b563b89640d9a58946a714664fe835463dd4fab2a5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5551335c8d5643935c3058958d8f6085ddbbadd9bea2a6a6be382aadd93e8e
8f29e1391beece7562de5598316e00a52908fc9df484c3d0a4e4164402b82b32
904d57c2734478af402ac7c17566dc17fd1821e78055940daa321792b800a214
91d182f1178fb24917ba35d7123176bbff34aab4a0e1bbdaa385ac04b9fe7bfd
9346dfe679ac5dab3ab193e515fcf9205aecf01c7052bdf57f24b55d64d1d2b4
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
945c1791f9111652026e898861d692d6943525bbe49fb5e2b33bdd29140ed2d7
96aa3667db041dd0f9351d85ca19b7485bf1dad1832ae2099c65cd5a11841275
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
972755983c98afbfb107d5b6da02f1eaef49d9bef146531bf655142633effb76
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
9a5c9814ff59d799f8501c1a636a556c0c42b529445e9897729e94314b14f9b3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa15f3d270011a0d81029fc96091ebec29d9cd93a32ffb12eda6e0db7649665
9b38d88b1023d2badd893cbb744210baf4a8f01a2c36f2efa8799dd86440cf2c
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9ceb7464fd907c8a73e70b85c142e987072812977b9a17e742a734b50be481ad
9d1738a30db124d9ea7b3201fc5b72f1d50ca4f113aa1f94091b6e37587e9ac0
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9fcb1f44c662d22fb6145cba631fe848dc79bc290cc3fd00dac9c4f2c8ac69bd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a23fa775e1ab1d33c8c8182f665ee481ed538bb588846dff48380cb5c35cb8a3
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a401ab3b7ec5aad2e82fd1df7e4b4c9eb24ea37d3689ffd3384ceaafd4571226
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b502beaef6be86daf64aca46fa4f4314de9db352fa312cde8a5d015ee85c22
a6c41d442fbd4f5a62c31d4d210c888415b13db4abeac987ecb7156929146006
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a8f7c822ad63a849206f187b5b4d812340f1b9a6b276d4b65d5510d7eea52657
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
aa022b304cdbc35574b2b59a0de7bc991c1c1bdebdf0ae2e20ff79ff6121552f
ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14e60ceb6b4ed93aba510369a7161b77daff472e5b215059c9ed4775e757133
b2da82b9515badabe46928ce6c1a0811a05116daf6d19ce85ef940270c040109
b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895
b5e9d76eec635e0776622e5b5a00cce7a062a8876f268f28f79f19c0d3220c0a
b626cb98565e377b5fbb449fcb91acaaa421a333bcea9850b70ac58cf9fc4432
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
bc2e26177f588d00532e822475b8d68898fe177bb53d78f7c83c2090fc71a079
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
bea8d71fab49f78e36cedf624ad1adfe53342d31d819e598948280425cbd7de5
c0cea4726e5d14265b7d8c58d88f6ae4aa5459bae7771aefd6579d7e1ecbbb8c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21f115524e9e4a50120f3e71d42530bb0341b3c847b568558e4f41385c427fe
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c3269d90b3fdb58e163c5d9a037b8d8873beb5688f1b00506ad9cf28c1c65892
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9e844af4410cf57f0d04198c29d49588aa62ffa9f17905b3123005191d6dc7e
cce86358aefed3ef34b6bef869dcc25ccae198205118ac0a680aaf84bd93eb42
cee24400374220190dbbe92c4936239fb6b23604dad30937caa1d9e2e2b6cad7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d055867437abda4ae890a687a7b12a2451dbadaad7c7ed70ac114b4cde95f160
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f
d4919c0899a5c816320524b44d3512cadb733c4bf0b3592f2f802566902b4341
d5544013c9c882cd032a4ed06f6f8338f6fce934e82311a1267f59b5e717c4c7
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d8b88e546c86f01f35e95c04abb21cab9bf6ee21145ad7827eebb0364c6e9787
d95c58ca837df68de7be1fbf761df4e9fe88e5983357baccde4ddddaf7aa2b16
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
debbcf90c9264f7564e41182c3aa2821bcae7154cc12ba724d3073dc9182a11f
e09c62274a0d96f7c1bb7c530df7fe9cfabdf263685d1112e6f0b99e60e442b9
e113d2b4151046dda8b1bd032cd839491a1ad95b7d0fb349c4f0966d69374cf8
e23d026372bbff6824bf24732f4d37102c28471a8b7c4521e2e371707434cbf6
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e56aac528376e68aa022b8644fe38365668080de50bf4158ed8f89d7ec8438e0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c
e8f206722d43879dc706b4270e95add2fb8ff20785b9ff7c2bf2bab8f4012435
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
ea8f240546897acbfea3e09edecabc3ae63892d59dd7ae5416ec1813f8278a53
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed3c3f2dc6b3a4c69017c09ffe98e350530ea53791ae94be70322500a0bfce8a
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f417034e954f35355ab26de74d5f0345e87815c5b5ca8e3963be6fb4377c78bd
f466f019fb298001391f4aa4bfd22b8fb45f356f4eaafe28e8bfa7b551656408
f47da0b8eecd2764b1e23bce508f8654b4d50c84ca0344b65235ac3d954cff5e
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f84d9fd6d7aadbbf8e71e27856b60535e04f115518e78aa36f99ac85ecb5eeb7
f92913aa57f03ca29c3abb2e250286bf31567308566d8c9d82862013d6816f38
fb578159169bb38173ca68b7f9ce061b18af4e4e6724bf3c9c3e745cc954f177
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2