urlscan.io logo urlscan.io
SecurityTrails logo

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On May 26 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 89 IPs in 8 countries across 62 domains to perform 410 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.60.220.36 8075 (MICROSOFT...)
2 77.245.159.14 42868 (NIOBEBILI...)
3 94.138.206.83 49126 (AS49126)
1 2a00:1450:400... 15169 (GOOGLE)
40 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.139.128.10 20446 (STACKPATH...)
20 185.7.176.222 42910 (PREMIERDC...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
3 52.222.208.154 16509 (AMAZON-02)
1 35.241.45.217 15169 (GOOGLE)
2 185.7.176.221 42910 (PREMIERDC...)
1 34.102.243.38 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.32.119.77 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 184.30.21.51 16625 (AKAMAI-AS)
1 3.122.161.136 16509 (AMAZON-02)
6 2602:803:c004... 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 216.52.2.48 30282 (AS-INAPCD...)
4 185.89.211.132 29990 (ASN-APPNEX)
4 85.111.6.48 9121 (TTNET)
2 37.157.6.241 198622 (ADFORM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
1 185.89.208.11 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 2 52.48.217.237 16509 (AMAZON-02)
1 2602:803:c004... 26667 (RUBICONPR...)
15 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 10 2a00:1450:400... 15169 (GOOGLE)
8 20 142.250.184.226 15169 (GOOGLE)
1 23.215.16.120 16625 (AKAMAI-AS)
1 37.157.6.242 198622 (ADFORM)
3 185.29.134.249 30419 (MEDIAMATH...)
7 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:223... 16509 (AMAZON-02)
4 144.76.91.199 24940 (HETZNER-AS)
1 95.101.148.198 16625 (AKAMAI-AS)
7 2600:1f18:1ac... 14618 (AMAZON-AES)
4 138.201.63.145 24940 (HETZNER-AS)
4 23.201.255.110 16625 (AKAMAI-AS)
2 2600:1901:0:7... 15169 (GOOGLE)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
1 2 145.239.193.130 16276 (OVH)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 167.233.14.134 24940 (HETZNER-AS)
8 18.133.209.175 16509 (AMAZON-02)
1 1 94.23.99.218 16276 (OVH)
1 54.76.176.197 ()
1 2 2620:116:800d... 16509 (AMAZON-02)
1 3 2606:4700::68... ()
6 6 37.157.5.132 198622 (ADFORM)
1 2a02:fa8:8806... ()
4 15.197.193.217 ()
2 2 185.80.39.216 ()
2 2 34.252.177.111 ()
2 2 3.71.149.231 ()
1 2 104.102.35.84 ()
2 2606:4700:20:... ()
3 18.66.147.120 ()
2 99.86.4.52 ()
2 3 52.46.151.131 ()
3 5 69.173.144.139 ()
2 4 52.95.125.22 ()
4 4 69.173.144.165 ()
1 2620:1ec:21::14 ()
1 1 2a05:d018:d29... ()
4 2606:4700:20:... ()
1 2 2a02:2638:3::c ()
1 178.250.7.13 ()
2 104.102.45.165 ()
10 52.56.253.51 ()
1 151.101.1.108 ()
2 23.32.184.192 ()
1 2 185.64.190.78 ()
6 35.241.34.106 ()
1 2 54.73.43.225 ()
1 1 185.29.134.248 ()
3 185.64.190.80 ()
1 1 193.0.160.131 ()
4 185.64.189.110 ()
1 1 178.250.1.9 ()
2 2 213.155.156.165 ()
1 54.76.92.86 ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
1 35.204.158.49 ()
410 89
4    20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pcloak.blob.core.windows.net
2    77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com
www.cloakan.co
3    94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)
ye-mek.net
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
40    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.ye-mek.net
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
images.dmca.com
20    185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng.virgul.com
ng2.virgul.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
33    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
adservice.google.de
34    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
2    185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
c1.imgiz.com
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
1    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
1    3.122.161.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-161-136.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
6    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
4    185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns1.ttidc.com.tr
cpm.programattik.com
2    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
30    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    52.48.217.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-217-237.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    2602:803:c004:200::155 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
beacon-fra2.rubiconproject.com
15    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
20    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
1    23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
7    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2600:9000:223f:c200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal9000.redintelligence.net
1    95.101.148.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com
pixel.mathtag.com
7    2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
4    138.201.63.145 (Esslingen am Neckar, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal900010.redintelligence.net
4    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
24    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de
futalis.de
8    18.133.209.175 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-209-175.eu-west-2.compute.amazonaws.com
track.webgains.com
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    54.76.176.197 (None, )

ASN- ()
ad-server.eu
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    2606:4700::6812:18ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
6    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2a02:fa8:8806:16::1400 (None, )

ASN- ()
dclk-match.dotomi.com
4    15.197.193.217 (None, )

ASN- ()
match.adsrvr.org
2    185.80.39.216 (None, )

ASN- ()
ssum-sec.casalemedia.com
2    34.252.177.111 (None, )

ASN- ()
match.360yield.com
2    3.71.149.231 (None, )

ASN- ()
ups.analytics.yahoo.com
2    104.102.35.84 (None, )

ASN- ()
sync.teads.tv
2    2606:4700:20::ac43:444e (None, )

ASN- ()
static-de.ad4mat.net
3    18.66.147.120 (None, )

ASN- ()
analytics.webgains.io
2    99.86.4.52 (None, )

ASN- ()
cdn.track.production.webgains.team
3    52.46.151.131 (None, )

ASN- ()
s.amazon-adsystem.com
5    69.173.144.139 (None, )

ASN- ()
pixel.rubiconproject.com
4    52.95.125.22 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
4    69.173.144.165 (None, )

ASN- ()
token.rubiconproject.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
1    2a05:d018:d29:3605:ce3c:c11f:c01c:6fb9 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
4    2606:4700:20::681a:bd1 (None, )

ASN- ()
ad4m.at
2    2a02:2638:3::c (None, )

ASN- ()
gum.criteo.com
1    178.250.7.13 (None, )

ASN- ()
mug.criteo.com
2    104.102.45.165 (None, )

ASN- ()
www.awin1.com
10    52.56.253.51 (None, )

ASN- ()
api.webgains.io
1    151.101.1.108 (None, )

ASN- ()
acdn.adnxs.com
2    23.32.184.192 (None, )

ASN- ()
ads.pubmatic.com
2    185.64.190.78 (None, )

ASN- ()
image6.pubmatic.com
6    35.241.34.106 (None, )

ASN- ()
c.4dex.io
2    54.73.43.225 (None, )

ASN- ()
unilever.demdex.net
1    185.29.134.248 (None, )

ASN- ()
sync.mathtag.com
3    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
1    193.0.160.131 (None, )

ASN- ()
p.rfihub.com
4    185.64.189.110 (None, )

ASN- ()
image2.pubmatic.com
1    178.250.1.9 (None, )

ASN- ()
dis.criteo.com
2    213.155.156.165 (None, )

ASN- ()
d5p.de17a.com
1    54.76.92.86 (None, )

ASN- ()
sync.crwdcntrl.net
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
1    35.204.158.49 (None, )

ASN- ()
um.simpli.fi
Apex Domain
Subdomains		 Transfer
68 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
838 KB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
282 KB
43 ye-mek.net
ye-mek.net — Cisco Umbrella Rank: 414703
cdn.ye-mek.net
624 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 32812
ad4m.at — Cisco Umbrella Rank: 10585
assets.ad4m.at
2 MB
21 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 811
fastlane.rubiconproject.com — Cisco Umbrella Rank: 469
beacon-fra2.rubiconproject.com — Cisco Umbrella Rank: 11912
eus.rubiconproject.com — Cisco Umbrella Rank: 566
pixel.rubiconproject.com
token.rubiconproject.com
36 KB
20 virgul.com
static.virgul.com — Cisco Umbrella Rank: 68795
ng.virgul.com — Cisco Umbrella Rank: 62090
ng2.virgul.com — Cisco Umbrella Rank: 67803
233 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 373
327 KB
15 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
3 KB
13 webgains.io
analytics.webgains.io
api.webgains.io
95 KB
12 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 835
static.adsafeprotected.com — Cisco Umbrella Rank: 595
dt.adsafeprotected.com — Cisco Umbrella Rank: 569
119 KB
12 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 477
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
27 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 286
aax.amazon-adsystem.com — Cisco Umbrella Rank: 387
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
65 KB
9 adform.net
adx.adform.net — Cisco Umbrella Rank: 4394
cm.adform.net — Cisco Umbrella Rank: 1155
c1.adform.net — Cisco Umbrella Rank: 562
dmp.adform.net Failed
5 KB
9 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1351
mp.4dex.io — Cisco Umbrella Rank: 1975
c.4dex.io
25 KB
8 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44502
85 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 41405
hal900010.redintelligence.net — Cisco Umbrella Rank: 331062
80 KB
7 gstatic.com
fonts.gstatic.com
140 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
372 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
prebid.adnxs.com — Cisco Umbrella Rank: 1505
acdn.adnxs.com
28 KB
6 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 320
imasdk.googleapis.com — Cisco Umbrella Rank: 437
fonts.googleapis.com — Cisco Umbrella Rank: 35
158 KB
5 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 4147
pixel.mathtag.com — Cisco Umbrella Rank: 978
sync.mathtag.com
4 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 723
gum.criteo.com
mug.criteo.com
dis.criteo.com
8 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 9037
1 KB
4 adsrvr.org
match.adsrvr.org
1 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 141178
static-de.ad4mat.net
8 KB
4 programattik.com
cpm.programattik.com — Cisco Umbrella Rank: 54660
565 B
4 windows.net
pcloak.blob.core.windows.net
3 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
897 B
3 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
1 KB
3 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 58728
medialead.de — Cisco Umbrella Rank: 58490
1 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1373
sync.teads.tv
847 B
2 de17a.com
d5p.de17a.com
562 B
2 demdex.net
unilever.demdex.net
2 KB
2 awin1.com
www.awin1.com
1 KB
2 webgains.team
cdn.track.production.webgains.team
15 KB
2 360yield.com
match.360yield.com
814 B
2 casalemedia.com
ssum-sec.casalemedia.com
2 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 686
798 B
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 154362
6 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
59 KB
2 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 121400
131 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 1628
feed.pghub.io — Cisco Umbrella Rank: 7466
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
88 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 13287
6 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
89 KB
2 cloakan.co
www.cloakan.co
1 KB
1 simpli.fi
um.simpli.fi
611 B
1 crwdcntrl.net
sync.crwdcntrl.net
265 B
1 rfihub.com
p.rfihub.com
795 B
1 linkedin.com
px.ads.linkedin.com
651 B
1 dotomi.com
dclk-match.dotomi.com
104 B
1 ad-server.eu
ad-server.eu
312 B
1 futalis.de
futalis.de — Cisco Umbrella Rank: 248600
401 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 195628
931 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4221
400 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
26 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
397 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
0 brealtime.com Failed
biddr.brealtime.com Failed
0 emxdgt.com Failed
hb.emxdgt.com Failed
0 addthis.com Failed
s7.addthis.com Failed
410 62
Domain Requested by
40 cdn.ye-mek.net ye-mek.net
cdn.ye-mek.net
34 pagead2.googlesyndication.com static.virgul.com
pagead2.googlesyndication.com
632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
pcloak.blob.core.windows.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
ye-mek.net
securepubads.g.doubleclick.net
www.googletagservices.com
30 tpc.googlesyndication.com 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
ye-mek.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cdn.ampproject.org
tpc.googlesyndication.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
20 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
ye-mek.net
19 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
pcloak.blob.core.windows.net
ye-mek.net
www.googletagservices.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
12 assets.ad4m.at as.ad4m.at
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
pcloak.blob.core.windows.net
ye-mek.net
googleads.g.doubleclick.net
10 api.webgains.io analytics.webgains.io
10 www.google.com 1 redirects ye-mek.net
632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 ad4m.at as.ad4m.at
ad4m.at
8 track.webgains.com pcloak.blob.core.windows.net
as.ad4m.at
8 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
8 ng.virgul.com static.virgul.com
ye-mek.net
pcloak.blob.core.windows.net
7 dt.adsafeprotected.com ye-mek.net
pcloak.blob.core.windows.net
7 fonts.gstatic.com fonts.googleapis.com
7 www.googletagservices.com 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
ye-mek.net
7 static.virgul.com ye-mek.net
static.virgul.com
pcloak.blob.core.windows.net
6 c.4dex.io pcloak.blob.core.windows.net
6 c1.adform.net 6 redirects
6 fastlane.rubiconproject.com static.virgul.com
5 pixel.rubiconproject.com 3 redirects ye-mek.net
pcloak.blob.core.windows.net
5 ng2.virgul.com ye-mek.net
pcloak.blob.core.windows.net
5 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 image2.pubmatic.com ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects pcloak.blob.core.windows.net
ads.pubmatic.com
4 match.adsrvr.org 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
ye-mek.net
static.virgul.com
ads.pubmatic.com
4 eus.rubiconproject.com ye-mek.net
eus.rubiconproject.com
static.virgul.com
4 hal900010.redintelligence.net hal9000.redintelligence.net
hal900010.redintelligence.net
4 hal9000.redintelligence.net pcloak.blob.core.windows.net
hal900010.redintelligence.net
4 fonts.googleapis.com securepubads.g.doubleclick.net
hal900010.redintelligence.net
4 cpm.programattik.com static.virgul.com
4 ib.adnxs.com static.virgul.com
acdn.adnxs.com
4 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 pcloak.blob.core.windows.net pcloak.blob.core.windows.net
3 simage2.pubmatic.com ads.pubmatic.com
3 s.amazon-adsystem.com 2 redirects pcloak.blob.core.windows.net
3 analytics.webgains.io track.webgains.com
3 static.adsafeprotected.com ye-mek.net
3 tags.mathtag.com 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
tags.mathtag.com
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
3 ye-mek.net www.cloakan.co
ye-mek.net
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 unilever.demdex.net 1 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 ads.pubmatic.com static.virgul.com
ads.pubmatic.com
2 www.awin1.com as.ad4m.at
2 gum.criteo.com 1 redirects static.criteo.net
2 cdn.track.production.webgains.team 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
as.ad4m.at
2 static-de.ad4mat.net as.ad4m.at
2 sync.teads.tv 1 redirects 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
2 ups.analytics.yahoo.com 2 redirects
2 match.360yield.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 cdn.retailads.net 1 redirects futalis.de
2 pv.medialead.de 1 redirects hal900010.redintelligence.net
2 static.criteo.net static.virgul.com
static.criteo.net
2 prod-rtb.ad4mat.net googleads.g.doubleclick.net
2 fw.adsafeprotected.com 1 redirects pcloak.blob.core.windows.net
2 adx.adform.net static.virgul.com
2 script.4dex.io static.virgul.com
script.4dex.io
2 c1.imgiz.com static.virgul.com
c1.imgiz.com
2 connect.facebook.net ye-mek.net
connect.facebook.net
2 images.dmca.com ye-mek.net
2 www.googletagmanager.com ye-mek.net
adv.office-partner.de
2 www.cloakan.co pcloak.blob.core.windows.net
1 um.simpli.fi ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.mathtag.com 1 redirects
1 acdn.adnxs.com static.virgul.com
1 mug.criteo.com pcloak.blob.core.windows.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com ye-mek.net
1 dclk-match.dotomi.com 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
1 s.tribalfusion.com googleads.g.doubleclick.net
1 ad-server.eu 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 futalis.de hal900010.redintelligence.net
1 adv.office-partner.de hal900010.redintelligence.net
1 pixel.mathtag.com tags.mathtag.com
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 beacon-fra2.rubiconproject.com pcloak.blob.core.windows.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 imasdk.googleapis.com c1.imgiz.com
1 prebid.adnxs.com static.virgul.com
1 bidder.criteo.com static.virgul.com
1 mp.4dex.io static.virgul.com
1 ap.lijit.com static.virgul.com
1 hbopenbid.pubmatic.com static.virgul.com
1 prebid-server.rubiconproject.com static.virgul.com
1 a.teads.tv static.virgul.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 feed.pghub.io pghub.io
1 pghub.io static.virgul.com
1 www.google-analytics.com www.googletagmanager.com
1 ajax.googleapis.com ye-mek.net
0 dmp.adform.net Failed ads.pubmatic.com
0 biddr.brealtime.com Failed static.virgul.com
0 hb.emxdgt.com Failed static.virgul.com
0 s7.addthis.com Failed ye-mek.net
410 109

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2023-03-22 -
2024-03-22		 a year crt.sh
cpanel.cloakan.co
R3		 2023-05-03 -
2023-08-01		 3 months crt.sh
www.ye-mek.net
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-29 -
2023-07-07		 7 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
1099124734.rsc.cdn77.org
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
images.dmca.com
R3		 2023-05-13 -
2023-08-11		 3 months crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-24 -
2023-09-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-04 -
2023-06-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-27 -
2023-09-09		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.programattik.com
GeoTrust RSA CA 2018		 2022-10-25 -
2023-10-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-31 -
2023-08-31		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
redintelligence.net
R3		 2023-04-10 -
2023-07-09		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
adv.office-partner.de
R3		 2023-05-01 -
2023-07-30		 3 months crt.sh
pv.medialead.de
R3		 2023-04-15 -
2023-07-14		 3 months crt.sh
*.futalis.de
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
c.4dex.io
GTS CA 1D4		 2023-05-04 -
2023-08-02		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 51 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: 7E31E75987FF64E1E6AE0143CED987E2
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 92DB5175F71890651EAA839999CF8FB2
Requests: 132 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 14C090E4ECF6CD4443CBC2ED17B5CBB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/zrt_lookup.html
Frame ID: EE97BC0E0B30EB9E72C84D4A1D302616
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 8925214ECDA6FDC7C0D0EF7C92A6620A
Requests: 1 HTTP requests in this frame

Frame: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F1323A94531ED7BB7D1A460569C66603
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096333431&bpp=4&bdt=832&idt=338&shv=r20230523&mjsv=m202305240101&ptt=9&saldr=aa&nras=1&correlator=7632003967368&frm=24&ife=1&pv=2&ga_vid=1193860383.1685096333&ga_sid=1685096334&ga_hid=2062951008&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31074870%2C44788441%2C44789923%2C44792013&oid=2&pvsid=4135818972219998&tmod=1380910158&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.5qwjfievpui7&fsb=1&dtd=372
Frame ID: 8A0BF4F391A86B08E38BC228D9828E23
Requests: 1 HTTP requests in this frame

Frame: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A253E51C365E541ED6306C939F41DCB1
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQJn5GfQIwKgF8lVu6_jkC6Bvn6JEQWNZIe4D9PIkMoGo8WQZ3Xe3p1gXB1WVlrbCujym2_UsaPgcjz_xQJ4dSYDO89yIxNOCtwyjwQ-OaaOuy8GIra1O5555W-YWUvO7WdgSmfLaH4EA4QX1mMIt8cRTycXQlIOO82VzrTqe-SEAqgd8GWsZJWmH4GpbNSh4V1T-APk4VXyuF93Yir7aj41sI2PcYeLrmtaJkPwu_o3sVmqHtieLhYKANdZF9R4BRzKJLaJf-GVzRVnMXyAEh5XLRC1eBFZ4ww03Rl8znoXc95EkJEnjIXYHqJtzgChqWReaN3Tc1NY0kn20&sai=AMfl-YQZDwz_MVlFzZRKRXAfAZQQjcog3cSHB1IBBHJHAJd6BI4T8_nMokoLiOfnudE443srGdkxj9KagAN1pmuEOuFjihibIpEg52_be04Y44Oji6cpf9L3vLfADzZ6sA&sig=Cg0ArKJSzITfcWuQhmIaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AA1F79CCC6CD77BE15B98CC8638929C2
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNVisNps_ALiG8wkkyzWSJRklzWCeSIbXAKmn7-q4Bqx8JMsW66Q9L_BLOqlBJa3611uyfxBruVKwsdjt-ProEK-4Q-CE2v-TyHr_6h7ZomkPzAYzQNfNg-LrV2at1kUoaxm6sUgQLGLc5ppctDUiTL98Psy4So7cdx4s5oGnpptP32Psgk
Frame ID: D351C695D2766D11B5AD111CC331CA00
Requests: 3 HTTP requests in this frame

Frame: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FFDA2D6D00DC7302F3FD229A159643DF
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032305221508000/amp4ads-v0.mjs
Frame ID: 74679549E14FA0D4CEA9C11C3806F644
Requests: 16 HTTP requests in this frame

Frame: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1A786C99B9EFCE718AD163BA29EC179F
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs
Frame ID: 7CF7B6D48B02748DFED4CA461A41B2F6
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs
Frame ID: 3C2E41B7900421315872639CA9B237E8
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334164&bpp=10&bdt=156&idt=327&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=6910485774796&frm=8&ife=1&pv=2&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.uo93gk3g129b&fsb=1&dtd=351
Frame ID: 5AB62071EE06DF968DDED1439FE79F7F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Frame ID: E97E5B5E0E5A3D725908C615C0B748CD
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DFB09A8760E1A3D15D5B53058CEE5733
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5B81A992AEBEAA3B7F98D01E6A88DC7C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334695&bpp=3&bdt=298&idt=342&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=3158054665860&frm=8&ife=1&pv=2&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.a74zgik5xohk&fsb=1&dtd=359
Frame ID: 757ABA6AB46B6A0B8BE2CABDDBA7662F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Frame ID: F8890A02232141362C4F118CF0D391CE
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 29FE8B4276332A1A1C55CE20E631579C
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jx7tr9gnjt2ce9sxx27t5m6m5xj36qs142xsvc0mwqr1eymyn8s779p7ksp0y4tnvndjegm8jddw5w6dj8edag5vk3k7fdbe3gz45n6rxjk9b13nqppjrn5ejmph57acgb4mtwe3g499984s69c0k12y8xd76hfvfwhsj4e3zhqzz0jd8tqbs9p4k3z476cxagcae339a383x752dzw0sx4xemq2h2yzgp9j3y64s64bx87v37dtez5n2ct6qk9rpw1x6c8vz509eqmt270zqsvst4bwsrjhah5gsjz4wb99wznfdq2pxrbj4ktdt6asejjmqgpsdm4n7hw3z85fq92gnp0f3yrdzrjhqqatzd6grbn3c6d3dxn1yevk7m5qaffj91wtdwgznmeyhmwpt7t8zdavf520fa9frp775rps8fzj9zcvc39x676tvevpmd4cr92q8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: E7B9CE865C82DB2438565FA429B68365
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 015F44C8C97C54788FA9634D73DB1DFE
Requests: 5 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 7AE55AE03A55FE4A0FBB7B3E74087CBC
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=40778400054361700951395012336010&gdpr=1&gdpr_consent=li
Frame ID: 86975D2EBD171DF0CE7F0B9B6AB357BB
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2750622502
Frame ID: 0E7A055CFA86BFA9A3BD8830C30FC87D
Requests: 2 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=40778400054361700951395012336010&a=a53b8c18
Frame ID: 65EB755642852D16543C05D5EC094060
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D651C3B41297A06C720AE1959E920A0
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hwjq04z8gjcgvze10r21wer768tvw7ey4n607d3x05b6eqadz7js3rfw521e36x6hhtq2m0b10s2w514wy70f7h91bcqca520p9wpaq5pp44arevscpbrvk3cmbhtdj1cfyvwkc0xtx6ckwsgesnshatpcm2yq4chdm96hszkv9stxyfad43sxtq6ykcn34g12exeyad7dhayhqv9kpqqfe6p8wtxppnxpx0kj5ser401wrj90ncf3zzbawdqnjme7m77061s2xqxg1myxe95z3q07dwzn28eb6qsp94pxkcfv465zg0z1bc43qkd976thtbesszgv3ch6xdtkarabq5qhetkk4p00v47e29p5nwfkcm9dy68h6mjmd96rnxfq72pyqywv7xxkfkkjr4pstmq4gx7ecn5tsxyt7as9sk041jb8twyrxsj6cx1dp33m2jeapj8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 56ED8754C31AB0A8EBC090E9D6EF9D96
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 62731AFE037503ABF2A47B721E4524F2
Requests: 5 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4C4DC76692EB27F3A943985C39B11249
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 83EDC9B0A0CDEB631A3206B66AA4DA51
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: C9A9EFDC7726CA43C26ABC8C0E2EDC3C
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: 27F6E22D52D34FB7669F1A73D1A77D0D
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F638DBF0936DAC74204AA4BDAE37D38D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5AA583F44E3539CF8CEA2684E1CB5914
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: 1427B3927CC46D666000F34A711E1088
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C09AE55C2C2D535346E908AD338740E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 012103598274B7B5B9B52407F9E9E854
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0626E4E2670ED530DAD410972C57A706
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE0CBB3DE9B072BA0FE88EEA44AB5B94
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: EE9BF3127F60E03F90AC893F152E403B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3D067CA96D2A420B26D5B99D13AB10B2
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 89B71CE3C39E2366C79414E6AF4EB3CC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Frame ID: C19ED202F55833B95CF8E084C3E18247
Requests: 11 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1c5d6470-878e-4a01-91e8-46721305ae64&gdpr=0&gdpr_consent=
Frame ID: CE6B99BD79EEC3757C9C59BFF3A1ADA1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455419360081138
Frame ID: 603086A9342FFC2F07A20EAC5B69C8BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 872A00453C3BB417651A3EFFAA377471
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2986613357033322857
Frame ID: 88D33D272C967CF3C8B7517E882A269C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=63B1B3CE-38C4-4E27-87EE-D73BE236EA9F&redir=true&gdpr=0&gdpr_consent=
Frame ID: D1C843D9D750C2232D08C7FA7FF7CE7B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

410
Requests

92 %
HTTPS

38 %
IPv6

62
Domains

109
Subdomains

89
IPs

8
Countries

6274 kB
Transfer

12517 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIPBwZWesAwGONIiBiVGswI&google_cver=1
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAGonobI0CYhijBCkPf1tnA&google_cver=1&adform_v=1
Request Chain 201
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 203
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/69587979/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-A6HsJz9ezWhWodVa_XRk8gVw83AXwsO7J9fpoJRxmZDrHUjxqfO2FjnCXO4SG6gZxCWhTeev2BqzceTZhrPrBl_jjj3-5kzeHA6I3RXHIrEYMFUy6OU7LP0RIKxu20_Ht_Ye2n7XQMchsE7X-AYDBMUoKIIZWErsPSJ3jFZ40JAopyu20SuQ4AoCZ_4OdlG2ize6GCXTzq-y0mBlY7iJmdlki05lU_fOHAfuid71DKU1T5Ptg91T3xVCIVv_N6Op25SZbwss-K1kKwdc-lYijznou1EOVnn4omNBeYLGLVRWdFi8aRmVOiyJuazSmig4gaF2tSzR2x2_Hcxf6oFOmZlWfzysa4vY645N9cdtPb5G-9YG2yj8M3cFx_NVyfliAQtM_ecSpNorCjRsmZWwq2wBXImoO05ehY_kBdRgUq9aBKshgNJ5k2vgjDi7Fgvj-rMsCnDAS2YC83dq2LrKLr8LUxq1zI3VNRqqFnso3JX_MxKK1YQtHf5fk1J8COuoL6NAt7Kx4N9apiv8CjutZWJYsKkaXiXG_nf3pqkDtsJtIEkdZe60QHHaoV8_SQ4DWndHyioZoT-YxIgn5ihKvoYsqs1MK8lTmV0r_AbjGKEK4_ioFykjUaPzHbvvE_ztzPjW6muRKMSO3Zm6aOoHeXyfJelXPoQqnES3jrCP5CXeHKU6Ghn1DgL9WUdQ0Rn-J-n1mhT2waLHrKJhTcG0Cs2V174aZJ1z2WkdPtkg7N9SchFYY2rC6AnIMpbxDzrg217UTdvq5WGf9pPlOR9yFkte1q-xpmt2iTs_BGvQ4HgQn1_-XBpKcCmECd2ud8w7CP8_3FeyTLcsq2sf5Spi3_t2NB2gwVP0Nd8KWW3J1rRftVJ9fyySRzYM7j0NwwHnE0EQL0vjNGBwnep6wk4KY_dFADiW67GM6OLjnkh07dNEH-9JCRoLqtQqqD6sr6fbROvkijcVqlRf9n6hZhS7PW_Rvxyu5gvtCW5KGyUnCHTaqAS-Nq3tGIzB4lznq9wZhJh_6aDWiY6Xbi8P3o-Oqkp2oMMQem524q2XdItpw6lM1tHRXg05u5pSJMC4QgE28B48lq_5uUNwuSQlZYOEviGH8D1TFQcauCcuxaS5U5-tzACIp_AGbnRGAh6zdYIJYss4VtW0pNJ4a39qSksSEpbLDshquUyIVR9VAZFWGTOJm-ubMb5SvCTbTtr0_9-cIL0gJgiU9aefWNvk3lAnz9-e4Lvh5bG5g9H6-QQNJm-Cyg5tQ7uu00AsSzpCz2BIiBHkbiYtM-1G1KtpaaLzpc6JMwmQl7q3R2BxZ8qLEuvG-ZYwnsE0BNgIvmZ4vOjaafwENFKtrYmb1P5cq2cC1WZCTETGUlPPGr6e5yx8uH14hx_0hOCEu7NPf6R7gcbdybQ7gmX72WBcBXftvSgwgrwlq0AZdLQ_Kkd4JF3BdWe7sSQgnChc1zxYZhC5IpwlDmGy5anPV70jAhlFfUn_mWK3pKUiGVdGFXKCmaKX6g0S40jQeSh2WaRvUysNGxQEh7zCJQSBod8UnSWGmiRyMPLN9Va98qcAGVt-2yMYloVXRuP_ohQ0FN9Z4_IeJUwXzqCGPnRT7dhMnRo24x5tnwBu6fP6QNYI8NZVZZI5GvcIf_IVFAw7hI_XzUAmCRFOPIgCvoCqhoKK6r7Ipjyyf2yzqM-pMHGMFkuxKFxwdxLY5BKvH1qvvE10WwtPOAn86TQekeufP_RDtrpyRwPMa-q2DTs5AKXz3V5uvG09xyREk9PEJgt58IJgLVhhEKoGvr3YxcSUZsgvv-imc6b9bWaQ14A9dLcxeo6gpxj9JtUUaVQ7OgezJkMKUfZHy1gOlNT4LaVAHZh-4ZCFGT1DnWHp8bU4tE2IY4z46Kp2PSu9Ic9MFtO5wmZOTb2zgAUq7Fpr4OkhgHHvF_Xo0YuqU8qZ96fSajSxRCe-PuWDxOLm8dS86O-POT3W9hyBx6U4lFwiRL5u6Tbg2DoRJiyEvQyzV8RutCIy1aXkOphERT8k7NWEdjBZlzO6_ClcUK9pOVIB5YfHKyas3cFjx_6QbWWpyW9Hv-BIz3LDH6_6rSx_pqwz2hRHYS0IiC_vfYDaTX4plUdzHrkbxSK4suqYMQAb_zsaqxCbqXJ9Ufomk1YMmRTcyhGayk0Z9r_g-I-ijM58Ujwbu1StNNPgqXl3Uh3zHYJf9UzyCQGKAhZCoWpt7QR2cXGks2wU_QcKDvLRKiusTHDWsfGkLRS8ktpnySfM16HR0jhUOW9Ri4vN0__7wWvhIWCFRWVKW0izgegFF9tLszdjTOVQJmWkQIYB3RVT2luV51L-1kl03TW4EJCJbHFCuZd-9kYeyknD-wdrQIuSA2FwXSnvguGkgPkzU3kyl5PWK6T3uZN3dktFuwM9gyi9x8iAetjFkSUJTItrDSEJVS7jY07B_glwPRaY61HWdsO8cGXwTBc7mR7BhDNuXOHryHupAmJsoLzaBLuJ9ae8ycZdq97Ad_cXzg8Gdvmxht-5EWeNhEIIS1o81lskD-G_4lFnd9jBz5Tnm8PjGdVDQ8_yI0Yq779Sn7q_ojoAaIZVU3Yu4vcGCPCMI_8XYC1Kg2U5wqAZcojwNoC1-IwcFH4NQJCw6FZADW6E3rGjgIBBIyAHKBCIObY_UxDCGKHgjJtloSYTO34CjekpkHyzoyP2rT3reKvY-2iMcAha71UlVcXGMYAWAB&bundleId=&ias_dspID=3&ias_campId=1010578566&ias_pubId=13760&ias_chanId=8&ias_placementId=19682516548&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-Eq9PALqzcVhWUSvYe7jY&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=bedf&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&adsafe_type=c&adsafe_jsinfo=,id:94a131fa-d10e-8063-ab9e-fdbd6f30e251,c:dIm1yq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-76dcc6f68d-c98xm,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tFmcuxv+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117*.1352960-69587979%7C1171%7C118%7C119%7C11a%7C11b%7C11c,idMap:117*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:22,oid:b7c67053-fbae-11ed-809e-ea6e15eb366d,v:19.8.415,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_160x600.js
Request Chain 239
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=40778400054361700951395012336010&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2750622502
Request Chain 242
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=40778400054361700951395012336010&gdpr=1&gdpr_consent=li HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=40778400054361700951395012336010&gdpr=1&gdpr_consent=li HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 256
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE2movsbcqonKqDeKq9t_qk&google_cver=1&google_push=ATf1kGPKLs0WYP5ZI4f6jcHJ2389OvFy-8fmaDycwlo0FXotMb1j86xtjWvnsUGqOxzJ6io2QbvoBfYAn4JXKskUHjS7Dpj3MjlvGA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPKLs0WYP5ZI4f6jcHJ2389OvFy-8fmaDycwlo0FXotMb1j86xtjWvnsUGqOxzJ6io2QbvoBfYAn4JXKskUHjS7Dpj3MjlvGA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2movsbcqonKqDeKq9t_qk&google_cver=1&google_push=ATf1kGPKLs0WYP5ZI4f6jcHJ2389OvFy-8fmaDycwlo0FXotMb1j86xtjWvnsUGqOxzJ6io2QbvoBfYAn4JXKskUHjS7Dpj3MjlvGA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPKLs0WYP5ZI4f6jcHJ2389OvFy-8fmaDycwlo0FXotMb1j86xtjWvnsUGqOxzJ6io2QbvoBfYAn4JXKskUHjS7Dpj3MjlvGA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 257
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHORGkl14n2dc-49u_kVlxo&google_cver=1&google_push=ATf1kGOArKScOYrnZF7_MdP_cfpg2PgWdIc98gu2tEbRvx58-0_Pv2x-pSGcY16scDDhhG-2YuO6FdclYm1erlkwcLfWHOEV-wa3DQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHORGkl14n2dc-49u_kVlxo&google_cver=1&google_push=ATf1kGOArKScOYrnZF7_MdP_cfpg2PgWdIc98gu2tEbRvx58-0_Pv2x-pSGcY16scDDhhG-2YuO6FdclYm1erlkwcLfWHOEV-wa3DQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzczMzAzNjg5NTU3MTkxMDkxMw&google_push=ATf1kGOArKScOYrnZF7_MdP_cfpg2PgWdIc98gu2tEbRvx58-0_Pv2x-pSGcY16scDDhhG-2YuO6FdclYm1erlkwcLfWHOEV-wa3DQ
Request Chain 263
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM6QQX-bXFrCKEPNFTFQnqY&google_cver=1&google_push=ATf1kGOcK64u1nibIb4DgbLvLu1TK2UXD-uaDf0cPaYCoHxU2XLF4fnXXPH7oZETg2OaAxySIgywDKlsipsSHwRaIN8YMKjHAfka HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM6QQX-bXFrCKEPNFTFQnqY&google_cver=1&google_push=ATf1kGOcK64u1nibIb4DgbLvLu1TK2UXD-uaDf0cPaYCoHxU2XLF4fnXXPH7oZETg2OaAxySIgywDKlsipsSHwRaIN8YMKjHAfka HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczNzI1NDE5NTAzNzkwMjU0Ng&google_push=ATf1kGOcK64u1nibIb4DgbLvLu1TK2UXD-uaDf0cPaYCoHxU2XLF4fnXXPH7oZETg2OaAxySIgywDKlsipsSHwRaIN8YMKjHAfka
Request Chain 264
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOonFeLvEtKaCnBMUYxHYCw&google_cver=1&google_push=ATf1kGMn8TJZ6keWEdp4vg1KEHCtBtBYKc53SWrsRR1s2vwipt8IVwuZbyiN9LNtTol_FFWAMc3ZjSqSjDX_1_DCSXB045HLPhB8 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOonFeLvEtKaCnBMUYxHYCw&google_push=ATf1kGMn8TJZ6keWEdp4vg1KEHCtBtBYKc53SWrsRR1s2vwipt8IVwuZbyiN9LNtTol_FFWAMc3ZjSqSjDX_1_DCSXB045HLPhB8&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOonFeLvEtKaCnBMUYxHYCw&google_hm=ZHCHj7a6V87YAuId5iD_IQAADLEAAAIB&google_nid=index&google_push=ATf1kGMn8TJZ6keWEdp4vg1KEHCtBtBYKc53SWrsRR1s2vwipt8IVwuZbyiN9LNtTol_FFWAMc3ZjSqSjDX_1_DCSXB045HLPhB8
Request Chain 265
  • https://match.360yield.com/match/ebda?google_gid=CAESEG9mJHVhlvOeoijiFg_OR9E&google_cver=1&google_push=ATf1kGOzJId_I1MJcpk6vYIwJPbI3mmUnZtMBfdvOhYe95iKKRwC8Ip1Akcyw3ORvovH3VqkQqNZY-O3L4NUvJQY4WgF5h1Nrb1n HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEG9mJHVhlvOeoijiFg_OR9E&google_cver=1&google_push=ATf1kGOzJId_I1MJcpk6vYIwJPbI3mmUnZtMBfdvOhYe95iKKRwC8Ip1Akcyw3ORvovH3VqkQqNZY-O3L4NUvJQY4WgF5h1Nrb1n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mPLUF-M4RySjvfk28q4vxQ&google_push=ATf1kGOzJId_I1MJcpk6vYIwJPbI3mmUnZtMBfdvOhYe95iKKRwC8Ip1Akcyw3ORvovH3VqkQqNZY-O3L4NUvJQY4WgF5h1Nrb1n
Request Chain 266
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAvG5DF2p4D93jU9X_khwiY&google_cver=1&google_push=ATf1kGNQjABFkOaB-jEO-OzMZPfdeBB6GRztWOHV_Xv_HplS3Jm0o1ph40hKOK1HEDLuyI-dOLRbvUQiYAZQvrS5lb8uQlH5IGzLcw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAvG5DF2p4D93jU9X_khwiY&google_cver=1&google_push=ATf1kGNQjABFkOaB-jEO-OzMZPfdeBB6GRztWOHV_Xv_HplS3Jm0o1ph40hKOK1HEDLuyI-dOLRbvUQiYAZQvrS5lb8uQlH5IGzLcw&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mWmFCRkIxRTJ1R0szdWc3d1BwMlZqVnJJZmFtMm1LS35B&google_push=ATf1kGNQjABFkOaB-jEO-OzMZPfdeBB6GRztWOHV_Xv_HplS3Jm0o1ph40hKOK1HEDLuyI-dOLRbvUQiYAZQvrS5lb8uQlH5IGzLcw
Request Chain 267
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAS18eI7ndu0sMnfYHxRG5Y&google_cver=1&google_push=ATf1kGMuHFYeSTfEP_BCXZKsH2GSjgDqJMZZzVuMSMIdGmOpQMfYoEjJ9vS0h3Gk58dOWipzoh2eyaNilJ9XQUfquzKLZkszZdF9cQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGMuHFYeSTfEP_BCXZKsH2GSjgDqJMZZzVuMSMIdGmOpQMfYoEjJ9vS0h3Gk58dOWipzoh2eyaNilJ9XQUfquzKLZkszZdF9cQ HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 287
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=t2Ln3nK3Q9Sx-Loz5Jq45A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=t2Ln3nK3Q9Sx-Loz5Jq45A
Request Chain 288
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7tu_w5uTRVmVCCir61AyEg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7tu_w5uTRVmVCCir61AyEg
Request Chain 289
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDYyOTY0OThhNzAxZDU2MTMzM2RiY2EzYjBmYzM0MzNkMGQ0MWQyNg
Request Chain 290
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI4EUKI4-A-69TX
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQiWF4aNiXB8vHMJ47LFmw&google_cver=1
Request Chain 292
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/o9oYpT_0HxQr1Cz5WVs2vQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-419N31tE2oIBMfr.FsOVzT1_k9vtnjl4AdNYJA--~A
Request Chain 294
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEk0RVVLSTQtQS02OVRY HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDC8r5Ww1xkgLKQ7DG08aS0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk0RVVLSTQtQS02OVRY&google_push=
Request Chain 301
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEItm0Bjg0qIw-1a2Igh18FI&google_cver=1&google_push=ATf1kGP6FO7-y4XAYnr35e0FjXgMKjtUsXInmWnXUDiklU4iYqiPUIX0loqsQZzK5abH2kF8UA5s1uxfCph-bMxZ38aKE0kz_gIBQTI HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGP6FO7-y4XAYnr35e0FjXgMKjtUsXInmWnXUDiklU4iYqiPUIX0loqsQZzK5abH2kF8UA5s1uxfCph-bMxZ38aKE0kz_gIBQTI&google_hm=mn0yiiiM97SBWzVuApxBSw
Request Chain 303
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHORGkl14n2dc-49u_kVlxo&google_cver=1&google_push=ATf1kGNUK2WBZ9-YizGJPfGbAYDcELserllqcPhuSmBfwp2pBaNurMt2BI43ATx99jlQz0BsqyFUfJS8NZ7wfsqrST7_ErqtO_94KA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczNzI1NDE5NTAzNzkwMjU0Ng&google_push=ATf1kGNUK2WBZ9-YizGJPfGbAYDcELserllqcPhuSmBfwp2pBaNurMt2BI43ATx99jlQz0BsqyFUfJS8NZ7wfsqrST7_ErqtO_94KA
Request Chain 316
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=FqUoc3x5Q2t5dXJ1STR0STYybEIwTm42VlIzNU94Y0RhYVBWMjlvd1hWeC9KOFdMVGNZTm5leDc0V1RFY3padGRIclRNV0FyK3Eyakk3dVliVzYvWHkrQWZvd0NyZ3V5cmRlcUI2SXVkbVhCVXFGb1ZlaUZYelQ5bmlwcWRvenVMbDNNcnVjQkNnMk1MdWVJNkdPbzFpbk5RSlhyRlNuSjNjUmNTVndodGliYUNUZXo4VEFqMWZ1Q0ZUektPVTF2a2FIbHRkOUtqSVNYY3grU1B5NC9PaGJxTHgvT1BlZXkxaThOOCtDaDN4Z3N4N0xnZnZaMUNHSlUvUHprWXlCZzZHb2V3ODVZVmtka0Vad0NseHFPRUFERE9GTTBXSGE5d2hUS3hlNHZLNGdxNGtXOD18&cppv=2
Request Chain 392
  • https://unilever.demdex.net/event?d_sid=25453995&cs=1685096337672 HTTP 302
  • https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1685096337672
Request Chain 400
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1c5d6470-878e-4a01-91e8-46721305ae64&gdpr=0&gdpr_consent=
Request Chain 401
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455419360081138
Request Chain 402
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 403
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2986613357033322857
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Y7GzzjjETieH7tc74jbqnw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 407
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=660090068 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=63B1B3CE-38C4-4E27-87EE-D73BE236EA9F
Request Chain 408
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=63B1B3CE-38C4-4E27-87EE-D73BE236EA9F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODhoOHJnWnUwTWRTWTJlbjJsYkRWeEJsUQ==&google_redir=http%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119&gdpr=0&gdpr_consent=
Request Chain 409
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjNCMUIzQ0UtMzhDNC00RTI3LTg3RUUtRDczQkUyMzZFQTlG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 410
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAq4zqCN3mn165yDm57SEYE&google_cver=1
Request Chain 412
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6737254195037902546

410 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6x6uf5z9e3262.html
pcloak.blob.core.windows.net/web/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1324
Content-MD5
XPHdOVCmWyxrVVstkB9xGw==
Content-Type
text/html
Date
Fri, 26 May 2023 10:18:51 GMT
ETag
0x8DB304DFD1C41BC
Last-Modified
Wed, 29 Mar 2023 12:06:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
61a72c7a-f01e-0005-15bb-8f90d6000000
x-ms-version
2009-09-19
jquery.min.js
pcloak.blob.core.windows.net/web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-request-id
61a72cb3-f01e-0005-48bb-8f90d6000000
Date
Fri, 26 May 2023 10:18:51 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
cloakan.js
pcloak.blob.core.windows.net/web/ 		308 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 26 May 2023 10:18:51 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zPiKctHo6j8i1UGOFPpInw==
ETag
0x8DA4D4A263C11C2
Content-Type
text/javascript
x-ms-request-id
61a72d20-f01e-0005-2cbb-8f90d6000000
x-ms-version
2009-09-19
Content-Length
308
style.css
pcloak.blob.core.windows.net/web/ 		166 B
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/style.css
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 26 May 2023 10:18:51 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9ruAIrm4XHnQO3/sM8J0AQ==
ETag
0x8DA4D4A26527CA0
Content-Type
text/css
x-ms-request-id
61a72ce0-f01e-0005-6fbb-8f90d6000000
x-ms-version
2009-09-19
Content-Length
166
px.php
www.cloakan.co/ 		743 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:50 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
404
nv.php
www.cloakan.co/ 		232 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:50 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
112
/
ye-mek.net/ Frame 92DB 		77 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/
Requested by
Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c65630af1469e49f86f196899c3a0cf165fb5326f0cda0d260d1928223e5a17c

Request headers

Referer
https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
78652
content-type
text/html; charset=utf-8
date
Fri, 26 May 2023 10:18:52 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 92DB 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 18:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 May 2024 18:01:58 GMT
yemeknet.js
ye-mek.net/js/ Frame 92DB 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/js/yemeknet.js?v=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Fri, 26 May 2023 10:18:52 GMT
content-encoding
br
last-modified
Tue, 20 Aug 2019 13:15:54 GMT
server
Microsoft-IIS/10.0
etag
"0a144655957d51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=691200
accept-ranges
bytes
content-length
2179
maincss.css
cdn.ye-mek.net/ Frame 92DB 		40 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ye-mek.net/maincss.css?v=434
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
3286930
x-accel-date
1681809402
x-77-nzt
AcO1rw5Jyvb/kicyAA
x-accel-expires
@1713345402
last-modified
Tue, 24 Nov 2020 00:00:32 GMT
server
CDN77-Turbo
etag
W/"5fbc4d20-9e5b"
x-77-nzt-ray
908339309572ec868c877064b18e0c2a
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ Frame 92DB 		118 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d48e43269f7cad6a232025f91828c3ec6421080eafb41c9578f329aad384025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46892
x-xss-protection
0
last-modified
Fri, 26 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 May 2023 10:18:52 GMT
WebResource.axd
ye-mek.net/ Frame 92DB 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/WebResource.axd?d=YeedoL8dFzo5gymDuarFXngFaaXpLN8jYlixY-HzMyr_r8lEwXsCQefYQgi2kFzYfrVacpu_9us1eVTBWQamZuI0ynrH9LDfafZF-A5wZF41&t=637811837229275428
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Fri, 26 May 2023 10:18:52 GMT
last-modified
Wed, 23 Feb 2022 00:28:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/x-javascript
cache-control
public
content-length
23063
expires
Sat, 04 May 2024 23:14:43 GMT
searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 92DB 		542 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286929
x-accel-date
1681809403
content-length
542
x-77-nzt
AcO1rw6jm7f/kScyAA
x-accel-expires
@1713345403
last-modified
Sat, 22 Oct 2022 20:00:57 GMT
server
CDN77-Turbo
etag
"63544bf9-21e"
x-77-nzt-ray
908339309572ec868c877064fa9d832e
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 92DB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286920
x-accel-date
1681809412
content-length
1651
x-77-nzt
AcO1rw41FTT/iCcyAA
x-accel-expires
@1713345412
last-modified
Mon, 14 May 2018 22:41:08 GMT
server
CDN77-Turbo
etag
"5afa1084-673"
x-77-nzt-ray
908339309572ec868c8770642e742431
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-salcali-tavuk-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 92DB 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/firinda-salcali-tavuk-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
25384b36677ec71b3678443817eb7d4876fdeb68a889bdd6ea15a16864f00308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
39749
x-accel-date
1685056583
content-length
17122
x-77-nzt
AcO1rw4aczX/RZsAAA
x-accel-expires
@1716592583
last-modified
Thu, 25 May 2023 23:00:46 GMT
server
CDN77-Turbo
etag
"646fe89e-42e2"
x-77-nzt-ray
908339309572ec868c8770643ba9ab31
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ic-bakla-salatasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 92DB 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ic-bakla-salatasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a7fe9caf3097b900fe4584c14eac69d82dcf3bccf9f53de5513dacc0b0c7e1d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
130742
x-accel-date
1684965590
content-length
18368
x-77-nzt
AcO1rw7GMmv/tv4BAA
x-accel-expires
@1716501590
last-modified
Wed, 24 May 2023 21:42:02 GMT
server
CDN77-Turbo
etag
"646e84aa-47c0"
x-77-nzt-ray
908339309572ec868c8770648c0eb231
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
bes-5-dakika-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 92DB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/bes-5-dakika-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
dfd9a5c0bb1644bc374d77486e9da375da18ac81d1476f25466329c0cb8c437c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
215446
x-accel-date
1684880886
content-length
10934
x-77-nzt
AcO1rw6mnCn/lkkDAA
x-accel-expires
@1716416886
last-modified
Tue, 23 May 2023 18:07:36 GMT
server
CDN77-Turbo
etag
"646d00e8-2ab6"
x-77-nzt-ray
908339309572ec868c8770649f00bb31
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ic-baklali-pilav-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 92DB 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ic-baklali-pilav-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
81094d7429b2724dd8b5fda43a631235b3bd0f26421a7da4d7b277aaa464f1bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
300376
x-accel-date
1684795956
content-length
16951
x-77-nzt
AcO1rw4Vvob/WJUEAA
x-accel-expires
@1716331956
last-modified
Mon, 22 May 2023 22:18:51 GMT
server
CDN77-Turbo
etag
"646bea4b-4237"
x-77-nzt-ray
908339309572ec868c877064c849bf31
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-tavuk-kanat-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/11/ Frame 92DB 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/11/firinda-tavuk-kanat-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
81e566e70ca8804ec2feea476a39833bf39fb650efffdf3530cb0e94072990dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3284045
x-accel-date
1681812287
content-length
15895
x-77-nzt
AcO1rw4b9Ej/TRwyAA
x-accel-expires
@1713348287
last-modified
Mon, 31 Oct 2022 23:01:54 GMT
server
CDN77-Turbo
etag
"636053e2-3e17"
x-77-nzt-ray
908339309572ec868c877064a2bec231
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
hasanpasa-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/03/ Frame 92DB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2018/03/hasanpasa-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
bcd5fa5d7dbca071d56d8dbd96ea4b73018dabd55ba191b2cd111719765f384c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3285580
x-accel-date
1681810752
content-length
11290
x-77-nzt
AcO1rw5lcFf/TCIyAA
x-accel-expires
@1713346752
last-modified
Wed, 01 May 2019 23:32:07 GMT
server
CDN77-Turbo
etag
"5cca2c77-2c1a"
x-77-nzt-ray
908339309572ec868c877064a5a0c531
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
seftali-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/04/ Frame 92DB 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/04/seftali-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
caba686e8a0a57536805240ee1ac6b56d9f5b5add5a8bf88fd6ff83d8a860b63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286793
x-accel-date
1681809539
content-length
13794
x-77-nzt
AcO1rw7W2GrvCScyAA
x-accel-expires
@1713345539
last-modified
Wed, 01 May 2019 22:40:09 GMT
server
CDN77-Turbo
etag
"5cca2049-35e2"
x-77-nzt-ray
908339309572ec868c877064b017c831
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-tavuk-baget-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/07/ Frame 92DB 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/07/tavada-tavuk-baget-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
153e16434e35bbd9bbcff26425cd7d24a240b15f44b9e04cd8f9c3efb3d052f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286843
x-accel-date
1681809489
content-length
16274
x-77-nzt
AcO1rw6Bzk7/OycyAA
x-accel-expires
@1713345489
last-modified
Sun, 12 Jul 2020 00:28:21 GMT
server
CDN77-Turbo
etag
"5f0a5925-3f92"
x-77-nzt-ray
908339309572ec868c8770640d5fca31
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
pusuruk-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/05/ Frame 92DB 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/05/pusuruk-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5687b49f792b9dd66f69e7ff2b2365ae5ab3dfb950f97e492a540503be95c201

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3284761
x-accel-date
1681811571
content-length
9920
x-77-nzt
AcO1rw5pp6r/GR8yAA
x-accel-expires
@1713347571
last-modified
Sun, 12 May 2019 22:33:30 GMT
server
CDN77-Turbo
etag
"5cd89f3a-26c0"
x-77-nzt-ray
908339309572ec868c877064ab8bcc31
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tablaci-salatasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame 92DB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/tablaci-salatasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b8061d56c3273b448e8867e7dee12cae9a3f78656303a124b85b7be2ca041466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286843
x-accel-date
1681809489
content-length
15361
x-77-nzt
AcO1rw7CbND/OycyAA
x-accel-expires
@1713345489
last-modified
Sat, 27 Jun 2020 22:45:01 GMT
server
CDN77-Turbo
etag
"5ef7cbed-3c01"
x-77-nzt-ray
908339309572ec868c877064d67fce31
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
katikli-dolma-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 92DB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/katikli-dolma-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4db3292f4d48701915b46f5de3cc365ad20985486373d51af771c1e3d9ce7baa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286578
x-accel-date
1681809754
content-length
14462
x-77-nzt
AcO1rw4dgWH/MiYyAA
x-accel-expires
@1713345754
last-modified
Fri, 08 May 2020 02:12:32 GMT
server
CDN77-Turbo
etag
"5eb4c010-387e"
x-77-nzt-ray
908339309572ec868c877064fc320f32
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
dalyan-kofte-rosto-kofte-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/02/ Frame 92DB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/02/dalyan-kofte-rosto-kofte-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
22c974ca84d1beebef37b4c95335f8ae6f597563bbb9246eed2f4f647a176128

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286569
x-accel-date
1681809763
content-length
11371
x-77-nzt
AcO1rw6YHXD/KSYyAA
x-accel-expires
@1713345763
last-modified
Wed, 01 May 2019 22:37:27 GMT
server
CDN77-Turbo
etag
"5cca1fa7-2c6b"
x-77-nzt-ray
908339309572ec868c8770642ce31132
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-orman-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/05/ Frame 92DB 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2018/05/firinda-orman-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d5544013c9c882cd032a4ed06f6f8338f6fce934e82311a1267f59b5e717c4c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2662582
x-accel-date
1682433750
content-length
12058
x-77-nzt
AcO1rw5AC4P/tqAoAA
x-accel-expires
@1713969750
last-modified
Wed, 01 May 2019 23:34:49 GMT
server
CDN77-Turbo
etag
"5cca2d19-2f1a"
x-77-nzt-ray
908339309572ec868c877064501f1432
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
et-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/07/ Frame 92DB 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/07/et-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7b74b15c0e0224974c8f830453f4141254e43fc02d4d95a8bce9c1a27a893079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2666091
x-accel-date
1682430241
content-length
13282
x-77-nzt
AcO1rw6lA03/a64oAA
x-accel-expires
@1713966241
last-modified
Wed, 01 May 2019 23:21:08 GMT
server
CDN77-Turbo
etag
"5cca29e4-33e2"
x-77-nzt-ray
908339309572ec868c877064c4e31532
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
elbasan-tava-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 92DB 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/elbasan-tava-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3a7cdd2a8d457a3a736abdd116f27948e56ad18163f6f31bc4191240fe28e312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286177
x-accel-date
1681810155
content-length
13627
x-77-nzt
AcO1rw4DESX/oSQyAA
x-accel-expires
@1713346155
last-modified
Fri, 22 May 2020 00:07:54 GMT
server
CDN77-Turbo
etag
"5ec717da-353b"
x-77-nzt-ray
908339309572ec868c8770644e651732
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-kazan-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/06/ Frame 92DB 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2018/06/firinda-kazan-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8696856d40a33bb1143b9f31c9d507fccab76523f0f3e431bf6e03997017950e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3283716
x-accel-date
1681812616
content-length
13223
x-77-nzt
AcO1rw5SNG3/BBsyAA
x-accel-expires
@1713348616
last-modified
Wed, 01 May 2019 23:36:40 GMT
server
CDN77-Turbo
etag
"5cca2d88-33a7"
x-77-nzt-ray
908339309572ec868c87706498a41832
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kremali-mantarli-tavuk-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame 92DB 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/kremali-mantarli-tavuk-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
987661af2505d84576a6058c6afa89ebbfa78c0c6de5ab5a48fe3a8bead6cdf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286139
x-accel-date
1681810193
content-length
15999
x-77-nzt
AcO1rw6osgD/eyQyAA
x-accel-expires
@1713346193
last-modified
Sun, 19 Sep 2021 21:21:28 GMT
server
CDN77-Turbo
etag
"6147a9d8-3e7f"
x-77-nzt-ray
908339309572ec868c87706484f41932
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cafe-de-paris-soslu-tavuk-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/09/ Frame 92DB 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/09/cafe-de-paris-soslu-tavuk-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7f77595ef2e4eb11d9f19fd5858399d25663ea63168d0efdf4042b9d85a7dadf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286778
x-accel-date
1681809554
content-length
13167
x-77-nzt
AcO1rw6fHJP/+iYyAA
x-accel-expires
@1713345554
last-modified
Tue, 22 Sep 2020 21:48:39 GMT
server
CDN77-Turbo
etag
"5f6a7137-336f"
x-77-nzt-ray
908339309572ec868c877064d2bb1b32
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-tavuk-pirzola-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 92DB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/tavada-tavuk-pirzola-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3a55a81ee41fb052562bfb3751492caf7ce85c5c029a7a7b03fa55797707b85a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286741
x-accel-date
1681809591
content-length
14203
x-77-nzt
AcO1rw5+n9j/1SYyAA
x-accel-expires
@1713345591
last-modified
Sun, 28 Feb 2021 23:53:10 GMT
server
CDN77-Turbo
etag
"603c2ce6-377b"
x-77-nzt-ray
908339309572ec868c87706471351d32
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuk-burger-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame 92DB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/tavuk-burger-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
78aa3d973a83de17d8b856934f19a2613483fbfd3cd2b6c5bc50865014924659

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
849910
x-accel-date
1684246422
content-length
11304
x-77-nzt
AcO1rw62eb3/9vcMAA
x-accel-expires
@1715782422
last-modified
Mon, 28 Feb 2022 17:23:23 GMT
server
CDN77-Turbo
etag
"621d050b-2c28"
x-77-nzt-ray
908339309572ec868c877064adc51e32
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kasarli-karnabahar-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame 92DB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/kasarli-karnabahar-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a9e0c3f2f8aa72179351f0b5edcde6cfcf708285785c4a358331e05da8bff5a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286802
x-accel-date
1681809530
content-length
14949
x-77-nzt
AcO1rw6danD/EicyAA
x-accel-expires
@1713345530
last-modified
Wed, 09 Dec 2020 00:07:17 GMT
server
CDN77-Turbo
etag
"5fd01535-3a65"
x-77-nzt-ray
908339309572ec868c877064574c2032
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kereviz-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/11/ Frame 92DB 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/11/kereviz-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
52fedf0c6c75e944816784929f6948c93f1019a88a84dfcc6323e40d2fdd47b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3284650
x-accel-date
1681811682
content-length
10188
x-77-nzt
AcO1rw6YjHz/qh4yAA
x-accel-expires
@1713347682
last-modified
Wed, 01 May 2019 23:26:58 GMT
server
CDN77-Turbo
etag
"5cca2b42-27cc"
x-77-nzt-ray
908339309572ec868c8770647f712232
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
bal-kabagi-sinkonta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/02/ Frame 92DB 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/02/bal-kabagi-sinkonta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6e1330041e6221db02bceb99117262e8223c801c9c2708e99630521939b3f0d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
341557
x-accel-date
1684754775
content-length
11672
x-77-nzt
AcO1rw6zNEH/NTYFAA
x-accel-expires
@1716290775
last-modified
Tue, 25 Feb 2020 22:03:55 GMT
server
CDN77-Turbo
etag
"5e5599cb-2d98"
x-77-nzt-ray
908339309572ec868c877064997a2432
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
pirincli-domates-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/08/ Frame 92DB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/08/pirincli-domates-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5edbd7e44da663fe3154846ac383a1516e681e69cd5fe15fa24331914a73904e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3284057
x-accel-date
1681812275
content-length
15141
x-77-nzt
AcO1rw5RUa7/WRwyAA
x-accel-expires
@1713348275
last-modified
Fri, 21 Aug 2020 22:33:50 GMT
server
CDN77-Turbo
etag
"5f404bce-3b25"
x-77-nzt-ray
908339309572ec868c87706474082632
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
guluklu-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ Frame 92DB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/04/guluklu-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c3269d90b3fdb58e163c5d9a037b8d8873beb5688f1b00506ad9cf28c1c65892

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286740
x-accel-date
1681809592
content-length
11186
x-77-nzt
AcO1rw60dPH/1CYyAA
x-accel-expires
@1713345592
last-modified
Wed, 01 May 2019 23:47:25 GMT
server
CDN77-Turbo
etag
"5cca300d-2bb2"
x-77-nzt-ray
908339309572ec868c877064eb6a2732
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cesmi-nigar-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/03/ Frame 92DB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2018/03/cesmi-nigar-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a7e17d550d41b7654e64d27d1f37bcd33e2cf6bdf7a45e00a158ff4a2933b04d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3285622
x-accel-date
1681810710
content-length
11179
x-77-nzt
AcO1rw4FJKX/diIyAA
x-accel-expires
@1713346710
last-modified
Wed, 01 May 2019 23:32:21 GMT
server
CDN77-Turbo
etag
"5cca2c85-2bab"
x-77-nzt-ray
908339309572ec868c877064590a2932
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yesil-mercimekli-manti-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/07/ Frame 92DB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/07/yesil-mercimekli-manti-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4e0a07ec787f2e0dbb5b2d9b2fda1a14fc819cdfbede1b6eb8a1a63d05cb8fd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3285855
x-accel-date
1681810477
content-length
13873
x-77-nzt
AcO1rw7yIfD/XyMyAA
x-accel-expires
@1713346477
last-modified
Wed, 01 May 2019 22:44:24 GMT
server
CDN77-Turbo
etag
"5cca2148-3631"
x-77-nzt-ray
908339309572ec868c877064ebaf2a32
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kremasiz-mantar-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame 92DB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/kremasiz-mantar-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c3c8f737c2c30356f2b788246c529049e20b42a6454539265981b00d318536ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286604
x-accel-date
1681809728
content-length
11203
x-77-nzt
AcO1rw53oTf/TCYyAA
x-accel-expires
@1713345728
last-modified
Fri, 23 Dec 2022 23:04:21 GMT
server
CDN77-Turbo
etag
"63a633f5-2bc3"
x-77-nzt-ray
908339309572ec868c877064c10b2d32
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cikolatali-mousse-pasta-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/11/ Frame 92DB 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/11/cikolatali-mousse-pasta-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2a646361d717e3337f62c383f8eb15a66bf52a57d50e8d11d217313255f941c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3285620
x-accel-date
1681810712
content-length
12348
x-77-nzt
AcO1rw69Lnf/dCIyAA
x-accel-expires
@1713346712
last-modified
Sat, 16 Nov 2019 18:41:52 GMT
server
CDN77-Turbo
etag
"5dd042f0-303c"
x-77-nzt-ray
908339309572ec868c87706477b32f32
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
prenses-lokumu-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/10/ Frame 92DB 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/10/prenses-lokumu-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
09b60b8645ea0d8386950e615246c3a25a57c1925061f17d2a7ea15aaa4c846f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3285493
x-accel-date
1681810839
content-length
11685
x-77-nzt
AcO1rw4aTkv/9SEyAA
x-accel-expires
@1713346839
last-modified
Fri, 25 Oct 2019 22:30:34 GMT
server
CDN77-Turbo
etag
"5db3778a-2da5"
x-77-nzt-ray
908339309572ec868c877064719e3132
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
hosmerim-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/10/ Frame 92DB 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/10/hosmerim-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
42957ef601fd013119bccbb5d1a6a656f89851c80a3e5a1482315b87251f53be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3284796
x-accel-date
1681811536
content-length
9683
x-77-nzt
AcO1rw4de8f/PB8yAA
x-accel-expires
@1713347536
last-modified
Tue, 04 Oct 2022 22:04:12 GMT
server
CDN77-Turbo
etag
"633caddc-25d3"
x-77-nzt-ray
908339309572ec868c8770649e633332
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cevizli-sekerpare-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/06/ Frame 92DB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/06/cevizli-sekerpare-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
30208b675fa5e78df537b2aaac01f81879d49d2e86790814957fc74e7078ec92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286489
x-accel-date
1681809843
content-length
13946
x-77-nzt
AcO1rw4/pUD/2SUyAA
x-accel-expires
@1713345843
last-modified
Wed, 01 May 2019 23:19:40 GMT
server
CDN77-Turbo
etag
"5cca298c-367a"
x-77-nzt-ray
908339309572ec868c8770645cd03432
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-somun-ekmek-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 92DB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/firinda-somun-ekmek-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
58fa8288d109b6525ab6ced54d659e79cc4e2a925f61d6c76da140f0a689ef59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1017411
x-accel-date
1684078921
content-length
11344
x-77-nzt
AcO1rw4X29H/Q4YPAA
x-accel-expires
@1715614921
last-modified
Mon, 23 Mar 2020 22:17:36 GMT
server
CDN77-Turbo
etag
"5e793580-2c50"
x-77-nzt-ray
908339309572ec868c877064fd073732
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
salcali-sucuk-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/01/ Frame 92DB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/01/salcali-sucuk-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
00c9a53acb8d16de693b30eaf3111656cc8e0c5e378cb4ae4d538a6a47b08559

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2633876
x-accel-date
1682462456
content-length
15387
x-77-nzt
AcO1rw4URob/lDAoAA
x-accel-expires
@1713998456
last-modified
Fri, 20 Jan 2023 22:30:06 GMT
server
CDN77-Turbo
etag
"63cb15ee-3c1b"
x-77-nzt-ray
908339309572ec868c877064dd2d3932
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
soganli-domatesli-yumurta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/10/ Frame 92DB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/10/soganli-domatesli-yumurta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fab9d74fcce7689dea0bacb41bb6137fc0840109018ebb0c34e20ee62e68aeeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2955046
x-accel-date
1682141286
content-length
15166
x-77-nzt
AcO1rw7i9vL/JhctAA
x-accel-expires
@1713677286
last-modified
Fri, 29 Oct 2021 22:05:22 GMT
server
CDN77-Turbo
etag
"617c7022-3b3e"
x-77-nzt-ray
908339309572ec868c87706447f23a32
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sosisli-yumurta-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/01/ Frame 92DB 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/01/sosisli-yumurta-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d394419ae2b292353b5bd8c15921fd154189ad3957a89ed7d33d411a4f230469

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2742215
x-accel-date
1682354117
content-length
17056
x-77-nzt
AcO1rw4rwaT/x9cpAA
x-accel-expires
@1713890117
last-modified
Fri, 27 Jan 2023 23:12:33 GMT
server
CDN77-Turbo
etag
"63d45a61-42a0"
x-77-nzt-ray
908339309572ec868c87706433c43c32
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
_dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 92DB 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:52 GMT
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
Microsoft-IIS/10.0
etag
"8ae3cdbd420cc1:0"
x-powered-by
ASP.NET
x-hw
1685096332.cds236.am5.hn,1685096332.cds292.am5.c
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length
5605
addthis_widget.js
s7.addthis.com/js/300/ Frame 92DB 		0
0
DMCABadgeHelper.min.js
images.dmca.com/Badges/ Frame 92DB 		465 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:52 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
Microsoft-IIS/10.0
etag
"26b181f16d28d51:0"
x-powered-by
ASP.NET
x-hw
1685096332.cds236.am5.hn,1685096332.cds214.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
395
outside.js
static.virgul.com/theme/mockups/adcode/ Frame 92DB 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a0847b5e0373e2fd011803f2dc04baa326f849fe2b2684b4e89cb11122cb5b17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
last-modified
Thu, 18 May 2023 15:23:45 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
sdk.js
connect.facebook.net/tr_TR/ Frame 92DB 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca10a6d1f922242d3eb6e073be7cd39bfc20ed0a557c0b346cd280c16caa29be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 May 2023 10:18:52 GMT
content-md5
mzmRdLUGVlyt++Okn4mIwg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
k82PRFsF63o/vvuO0k6dHiW2M/K+IwCEwrlK1Ecfa02WTx7DR51RC4nuLatsHUgUnuaBeTLjlZ0tsoNVoM3HRw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
878270e7ac64a4f8df382622beefb9b9
cross-origin-opener-policy
same-origin-allow-popups
etag
"35b374ba7207be8f7f582613a05d1099"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 26 May 2023 10:36:13 GMT
sprite_3.png
cdn.ye-mek.net/grafik/ Frame 92DB 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by
Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ye-mek.net/maincss.css?v=434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 26 May 2023 10:18:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3286930
x-accel-date
1681809402
content-length
21525
x-77-nzt
AcO1rw4P4pn/kicyAA
x-accel-expires
@1713345402
last-modified
Mon, 14 May 2018 20:55:05 GMT
server
CDN77-Turbo
etag
"5af9f7a9-5415"
x-77-nzt-ray
908339309572ec868c877064b3253e32
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sdk.js
connect.facebook.net/tr_TR/ Frame 92DB 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js?hash=b6dedc167256073483f72962698c4e5e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
685efbbe0fcee0314c018ab36843882716c564d2ad58897516215964a080ea88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 May 2023 10:18:52 GMT
content-md5
19lMJefcr56hg7XHqvgF4Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87270
x-fb-rlafr
0
x-fb-debug
kTsbMtjt+uHEv6RVjytd7HDKPsG4jiJab5kfJ654ArOmg7yCf2fRDldzWf3k5vUxErCEJbI+tpxeYZ+UJllgtg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
552d2d6ffbdf6e7b2356db0d51c6393d
cross-origin-opener-policy
same-origin-allow-popups
etag
"35ad2bcba5f803f62fc4a37b06170838"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 25 May 2024 09:54:12 GMT
analytics.js
www.google-analytics.com/ Frame 92DB 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 May 2023 09:04:54 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4439
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 26 May 2023 11:04:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 92DB 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33ab06805ad1d9432f466a08a1d556341545f34af9932d78809b866e09fd4163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25196
x-xss-protection
0
server
cafe
etag
66 / 19503 / m202305220101 / config-hash: 8162924834617908161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:53 GMT
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 92DB 		120 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
last-modified
Wed, 21 Dec 2022 18:47:42 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
120
str.html
static.virgul.com/theme/mockups/outside/ Frame 14C0 		891 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=5184000
content-length
891
content-type
text/html
date
Fri, 26 May 2023 10:18:53 GMT
last-modified
Wed, 28 Sep 2022 10:07:57 GMT
server
openresty/1.15.8.3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 92DB 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75bac8aebfef81111d89ce3abc24127b9e61097efc4e29f6b5d142a8170ab8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47299
x-xss-protection
0
server
cafe
etag
15469395311371751405
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:53 GMT
prebid7.38.0.js
static.virgul.com/theme/mockups/outside/ Frame 92DB 		489 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 14:56:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ Frame 92DB 		228 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 09:42:51 GMT
content-encoding
gzip
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 19:17:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2162
x-amz-server-side-encryption
AES256
etag
W/"d18b57a80b57082ffb531a2e077b3016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
f0zUnjVxnmEEXE1JUoA6x5Sjgt17Zz56vL2FOBKao-jlIm_94mqWkg==
pageview
ng.virgul.com/ Frame 92DB 		37 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1685096333184&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.654823337544628
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cf2dca4748855e6e8c666c1b072f409e3b33d61589b70d1e9c99913dd1ed7593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
yemek_net.js
static.virgul.com/theme/mockups/fallback/ Frame 92DB 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19503
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
last-modified
Sun, 14 May 2023 21:52:48 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
hb
ng.virgul.com/ Frame 92DB 		49 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468082
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
bcb412b3576eba95c714723b9827d13af8f6a592fa4635c4b3d501984c84964a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
cache-control
max-age=3600
access-control-allow-credentials
true
config
c.amazon-adsystem.com/cdn/prod/ Frame 92DB 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:41 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
6552
x-cache
Hit from cloudfront
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
mZqxdfMI4qmb8q2jkwDeAzdS2SnPlqlNXOAh_jzbVLEekYOlDtcOhA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 92DB 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 01:35:52 GMT
x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
31382
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
LBiDvUBJAA7Eqos9rDa8qT6og5EoQ0_b3U2SLUVuRk67-Uf5xXRp7A==
empowerwebplayer3.js
static.virgul.com/theme/mockups/outside/ Frame 92DB 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 09:38:48 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/ Frame 92DB 		404 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af07705eb7e434ddc33426eb84d9ba31bba2b5cc9d022239df1c1376e437f1d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
4747
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127485
x-xss-protection
0
server
cafe
etag
17275677167730277524
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 25 May 2024 08:59:46 GMT
yemek_net.js
static.virgul.com/theme/mockups/sites/ Frame 92DB 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468082
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 09:08:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pandg-sdk.js
pghub.io/js/ Frame 92DB 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 09:33:57 GMT
content-encoding
gzip
age
2696
x-guploader-uploadid
ADPycds6BaxKFMuGd48xmV5KY5ZxOG90QRG2HQWc5dhd3nXMLupqO27EaLmZBaCHzBWqlQhZC3KzCspbrpuWDCDqQ8AHMw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4955
last-modified
Fri, 20 Jan 2023 18:31:19 GMT
server
UploadServer
etag
"b3517e216253857ea8c4209cb84004df"
vary
Accept-Encoding
x-goog-generation
1674239479122517
x-goog-hash
crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
4955
accept-ranges
bytes
content-type
application/javascript
zoneview
ng.virgul.com/ Frame 92DB 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1685096333416&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnetc294117e-8508-46bf-9303-232e5aca3885&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.6983476028459137
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:53 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305240101/ Frame 92DB 		350 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31074870
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a73e07cbf6a42298677ad0672ea18daffc2c94e582311f434d6c460ac4e8dad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120385
x-xss-protection
0
server
cafe
etag
5161192659224340450
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/ Frame EE97 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 09:42:44 GMT
etag
15057649708203361565
expires
Fri, 09 Jun 2023 09:42:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ Frame 92DB 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19503
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Fri, 02 Jun 2023 10:18:53 GMT
zoneview
ng.virgul.com/ Frame 92DB 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1685096333470&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnetc294117e-8508-46bf-9303-232e5aca3885&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.32805750005051526
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:53 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
tag
feed.pghub.io/ Frame 8925 		13 B
257 B 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Fri, 26 May 2023 10:18:53 GMT
strict-transport-security
max-age=31536000
via
1.1 google
localstore.js
script.4dex.io/ Frame 92DB 		483 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:53 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
315793
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiAp5PcCnKw2QBoteDluvKObs2L3uNmNa0qlrsEySoZSxQn31JkTwUfbozrsL5IwPT1TwWRJndtj96eJiWkCBU8sOC4KUqP57JC8CE0BIpofkxK4zUIRmma7vVw5Zk%2B%2F9ckG12GPt%2F7CvBLH"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7cd546d4eca9380d-FRA
bid
aax.amazon-adsystem.com/e/dtb/ Frame 92DB 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=7kZ18JJbF26OZ&cb=0&ws=1600x1200&v=23.517.1921&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
K20A43QP83SNV1KVNCBM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
bplz9YjGo9yZEJoCkKWW7QbBj2m-sS_scwhmgRkC02cPMXMrgmb0wg==
integrator.js
adservice.google.de/adsid/ Frame 92DB 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 92DB 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 92DB 		26 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4135818972219998&correlator=2012327876672723&eid=31074679&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685096333184%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc294117e-8508-46bf-9303-232e5aca3885%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc294117e850846bf9303232e5aca3885&sc=1&cdm=ye-mek.net&abxe=1&dt=1685096333567&lmt=1685096333&dlt=1685096332599&idt=925&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=r0kkhrl1ltg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1193860383.1685096333&ga_sid=1685096334&ga_hid=2062951008&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ad3c720a0a8aae30a239c8ee1c3e99dcefd0f1fefef6bd8cf70d9f8604e010a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11264
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425583957
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F132 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:53 GMT
expires
Sat, 25 May 2024 10:18:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bid-request
a.teads.tv/hb/ Frame 92DB 		16 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 26 May 2023 10:18:53 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 92DB 		173 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.161.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-161-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ab5558c65028fcdf7b5e9fe065a81cfe389e5e279eb60b9ee70630e96b2b4413

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
x-prebid
pbs-java/1.119.0
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
166
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 92DB 		416 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=732cf64c-cbfe-4f4f-89c8-fc60e00a6784%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=2032d938-8cc5-468e-bc93-605c92b8b135&l_pb_bid_id=6baafe8fd22f08&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.773806683586064
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a795c2b7135beaff5f12fe97d58f1e019a056383ff9ebca7b22c464a90f24858

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 92DB 		410 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=732cf64c-cbfe-4f4f-89c8-fc60e00a6784%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=1887742e-2a41-442c-8cd7-1d0770fc8f5c&l_pb_bid_id=7104b5c46bee3b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5300618037998373
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
19ebf576dcb0c71fdb5edcbb97d06e5807d78dad0161d6b46f2c1f681493d6fc

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
410
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 92DB 		404 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746578&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C55%2C57&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=732cf64c-cbfe-4f4f-89c8-fc60e00a6784%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&tk_flint=pbjs_lite_v7.38.0&x_source.tid=b445861c-057f-4eee-a631-598b59fc2f8c&l_pb_bid_id=8faebb0a01ea2d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6964241209842161
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2b63c800e6d85663c9e3918ab6e68412d267e7bb0962bde855d9058061e65844

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
404
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 92DB 		398 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=732cf64c-cbfe-4f4f-89c8-fc60e00a6784%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=9cbb92d7-d572-49bf-831c-f816e9b37961&l_pb_bid_id=9759a2d3e75696&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4630421714156001
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
84e0a76e554aac2e2ca085d90eb6db1e13c3293986053e546c081e0fd9aed164

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
398
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 92DB 		20 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=732cf64c-cbfe-4f4f-89c8-fc60e00a6784%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=90294fc3-c40b-4865-81fc-aefccd59512b&l_pb_bid_id=10d08cf4bffa5d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5999037461917824
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c41d45ce496bdd3b628f19f22e7d848a36736434bf182e54bef14a8381800428

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 92DB 		408 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=732cf64c-cbfe-4f4f-89c8-fc60e00a6784%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=3a9fdb76-269d-49f3-b94c-f6b989a734c3&l_pb_bid_id=12333f58ac003d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8662383793182467
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ee5686347454be5a9a6034fe3e2f99ccd79c15c8833d6b30ed45e8a4b330e22d

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
408
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 92DB 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 92DB 		24 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b4c828e4d4f2491bd148c79e458134d68fd6b05c226e8cfcfdca70eab082a6e6

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 May 2023 10:18:53 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ye-mek.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame 92DB 		360 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
72aabac673a1dc8624ebb13f61fe42f8acc8c3a2041d25a36ec936b8b53a2f98
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 26 May 2023 10:18:53 GMT
AN-X-Request-Uuid
db1101f9-c6fd-4b95-8c9f-080a258603da
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.167; 185.213.155.167; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
360
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
cpm.programattik.com/ Frame 92DB 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=43&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 92DB 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 92DB 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 92DB 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
openrtb
adx.adform.net/adx/ Frame 92DB 		0
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 92DB 		9 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b61525fc22c0235c8f753203a130ca5a877a972fd62d7c7ca5d1c0be9d09416b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 May 2023 10:18:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.167; 185.213.155.167; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
174b9be1-e768-4acc-8d5b-a1015863b9b1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 92DB 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
mp.4dex.io/ Frame 92DB 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cd546d54a511e5a-FRA
expires
0
cdb
bidder.criteo.com/ Frame 92DB 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=37514618941&lsavail=0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:52 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
/
hb.emxdgt.com/ Frame 92DB 		0
0
adagio.js
script.4dex.io/ Frame 92DB 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:53 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
281785
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVJocP7OK%2BA0umO55nIFLYoxMF2WHGyac9GB0qygtXy7jp2OuxexmintxhiXeD4ahawgEeS5keT%2FSut0YuRlZCNZIQzI3tAL4KtAnP3QtLUifRrwgLeaaiTJGTKtAfEe3q%2F95HylAST64G9l"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7cd546d5593d2bec-FRA
integrator.js
adservice.google.de/adsid/ Frame 92DB 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31074870
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 92DB 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31074870
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8A0B 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096333431&bpp=4&bdt=832&idt=338&shv=r20230523&mjsv=m202305240101&ptt=9&saldr=aa&nras=1&correlator=7632003967368&frm=24&ife=1&pv=2&ga_vid=1193860383.1685096333&ga_sid=1685096334&ga_hid=2062951008&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31074870%2C44788441%2C44789923%2C44792013&oid=2&pvsid=4135818972219998&tmod=1380910158&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.5qwjfievpui7&fsb=1&dtd=372
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31074870
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cache
prebid.adnxs.com/pbc/v1/ Frame 92DB 		63 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c8b8a04e2b2bc2639aed8be4457061a27db9b3133e033aafe2c715581fc74b18

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 May 2023 10:18:53 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://ye-mek.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 92DB 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123025
x-xss-protection
0
expires
Fri, 26 May 2023 10:18:53 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ Frame 92DB 		398 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=5/26/2023
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a2bd03a89a32099068ca9ca2a7f6a61ed04029d3f196d8ab9285d32de87a07f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 15:46:17 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Fri, 02 Jun 2023 10:18:53 GMT
container.html
632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A253 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:53 GMT
expires
Sat, 25 May 2024 10:18:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 92DB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 92DB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 92DB 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4135818972219998&correlator=1146228654053677&eid=31074679&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=3&adks=3299242717&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D8.93%26hb_adid%3D701a7c55d75bf29%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D8.93%26hb_adid_rubicon%3D701a7c55d75bf29%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D8.93&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685096333184%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc294117e-8508-46bf-9303-232e5aca3885%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc294117e850846bf9303232e5aca3885&sc=1&cdm=ye-mek.net&abxe=1&dt=1685096333969&lmt=1685096333&dlt=1685096332599&idt=925&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=nnn4kedt814n&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvjbJi8WBIjTC4_cO_qTqZVayHGNX_mFTc63EkODvKtr8KeVIwf8neIBanDv5Evwsb3vdsQwokNg094-oCpLDQ&ga_vid=1193860383.1685096333&ga_sid=1685096334&ga_hid=2062951008&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
824d537cc6beb823d12a61fe03ccd10fef4383f2881f031474b8466de36ae902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11632
x-xss-protection
0
google-lineitem-id
5615630541
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339352911
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 92DB 		26 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4135818972219998&correlator=3580254046527210&eid=31074679&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=4&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685096333184%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc294117e-8508-46bf-9303-232e5aca3885%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc294117e850846bf9303232e5aca3885&sc=1&cdm=ye-mek.net&abxe=1&dt=1685096333973&lmt=1685096333&dlt=1685096332599&idt=925&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=n75bk1159q3e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvjbJi8WBIjTC4_cO_qTqZVayHGNX_mFTc63EkODvKtr8KeVIwf8neIBanDv5Evwsb3vdsQwokNg094-oCpLDQ&ga_vid=1193860383.1685096333&ga_sid=1685096334&ga_hid=2062951008&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
098358c1667c388c5bc608a4108420d3a2e3f73fc819ab3c140e271fbe31573c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11659
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425219174
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 92DB 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4135818972219998&correlator=3507388569052229&eid=31074679&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=5&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685096333184%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc294117e-8508-46bf-9303-232e5aca3885%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc294117e850846bf9303232e5aca3885&sc=1&cdm=ye-mek.net&abxe=1&dt=1685096333978&lmt=1685096333&dlt=1685096332599&idt=925&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=qm8gjj309y60&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvjbJi8WBIjTC4_cO_qTqZVayHGNX_mFTc63EkODvKtr8KeVIwf8neIBanDv5Evwsb3vdsQwokNg094-oCpLDQ&ga_vid=1193860383.1685096333&ga_sid=1685096334&ga_hid=2062951008&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c691489ae412e38f611fc7eb1a439446d14e075bcf221d4c244ec4eaf131cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14211
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 92DB 		61 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4135818972219998&correlator=1360343518537021&eid=31074679&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=6&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685096333184%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc294117e-8508-46bf-9303-232e5aca3885%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc294117e850846bf9303232e5aca3885&sc=1&cdm=ye-mek.net&abxe=1&dt=1685096333983&lmt=1685096333&dlt=1685096332599&idt=925&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ssgp8qky2yng&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvjbJi8WBIjTC4_cO_qTqZVayHGNX_mFTc63EkODvKtr8KeVIwf8neIBanDv5Evwsb3vdsQwokNg094-oCpLDQ&ga_vid=1193860383.1685096333&ga_sid=1685096334&ga_hid=2062951008&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
369916248342a7075561d9d0cbb07bf8fb928481573208c4e31d37fc8d656b92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13806
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 92DB 		62 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4135818972219998&correlator=4451260331808636&eid=31074679&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685096333184%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc294117e-8508-46bf-9303-232e5aca3885%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc294117e850846bf9303232e5aca3885&sc=1&cdm=ye-mek.net&abxe=1&dt=1685096333987&lmt=1685096333&dlt=1685096332599&idt=925&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=8n0bm07pqn22&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvjbJi8WBIjTC4_cO_qTqZVayHGNX_mFTc63EkODvKtr8KeVIwf8neIBanDv5Evwsb3vdsQwokNg094-oCpLDQ&ga_vid=1193860383.1685096333&ga_sid=1685096334&ga_hid=2062951008&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6cfa18df741a5e28d02ebb4881b859d88dcd85873a3734d463f924de9a01780b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13930
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 92DB 		53 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4135818972219998&correlator=1498160236040438&eid=31074679&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685096333184%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetc294117e-8508-46bf-9303-232e5aca3885%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetc294117e850846bf9303232e5aca3885&sc=1&cdm=ye-mek.net&abxe=1&dt=1685096333994&lmt=1685096333&dlt=1685096332599&idt=925&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=1iytnxd29w3t&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvjbJi8WBIjTC4_cO_qTqZVayHGNX_mFTc63EkODvKtr8KeVIwf8neIBanDv5Evwsb3vdsQwokNg094-oCpLDQ&ga_vid=1193860383.1685096333&ga_sid=1685096334&ga_hid=2062951008&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62feea2323c73e3d98a3e737a9215f712161785f34a880349d0e8238b73d1ab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13149
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A253 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 14:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
588399
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 14:52:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A253 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f6ee7a2e0fbfccf450421186da7d532b52c5764d7dcb9c9b4413a8c4c83af71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Origin
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47226
x-xss-protection
0
server
cafe
etag
13063866380361525258
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A253 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A253 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhEPhJYnGmAceRksBI8OMUwCthK6tpm0E39URSC5jPT72gCJD4pxWTyhOcnZalGrgrYVt17lOStvcoW7g9bLlL37ko6k0YfWpNN6i29vw3hwyr0qUUJrONYkPZEoz-QMLh1A_0StCAsHLGAQpsVEaUlFLQ7MvU1EwwDKQpHiVw5JGoiBOnzjj0l8tMtc24FWVtnWk1VObektgfK0Q3LQ5Y6vzoGccRxhNdw9PvD1JA0KVERtwdxCDQgJkprxqaGTkakM1hc-1E3Cg8O8z6kJaiZAYga6eJKZFxEt0NHAWQf1jfJgbh66QNuDY22rvm5fPJ-4zEBW17_2MKiOGmlaW7OOVsiCtqtgOxkpawKTCXRLF5s1M&sai=AMfl-YQwX6s9iWMJiov35t2gGDcglWWzRsEh-qCJvt0M20NTW7o-Il8vaKQoI6vfZsm0Zbelg-2PLi340EBjtA0ahMVAnzWwEOCmmXjL49sHauo&sig=Cg0ArKJSzFxQ3PNGIFLLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 26 May 2023 10:18:54 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ Frame A253 		350 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
367311b199a022f641e3f473fcfb6a42acc7c78b492c68e3971d2cc3d9176f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120274
x-xss-protection
0
server
cafe
etag
17518515081196725930
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:54 GMT
truncated
/ Frame A253 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e6fdf90b8d7276855ef7a54d0040f294a690086f77c0a6b11bb95053a6c721a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame AA1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQJn5GfQIwKgF8lVu6_jkC6Bvn6JEQWNZIe4D9PIkMoGo8WQZ3Xe3p1gXB1WVlrbCujym2_UsaPgcjz_xQJ4dSYDO89yIxNOCtwyjwQ-OaaOuy8GIra1O5555W-YWUvO7WdgSmfLaH4EA4QX1mMIt8cRTycXQlIOO82VzrTqe-SEAqgd8GWsZJWmH4GpbNSh4V1T-APk4VXyuF93Yir7aj41sI2PcYeLrmtaJkPwu_o3sVmqHtieLhYKANdZF9R4BRzKJLaJf-GVzRVnMXyAEh5XLRC1eBFZ4ww03Rl8znoXc95EkJEnjIXYHqJtzgChqWReaN3Tc1NY0kn20&sai=AMfl-YQZDwz_MVlFzZRKRXAfAZQQjcog3cSHB1IBBHJHAJd6BI4T8_nMokoLiOfnudE443srGdkxj9KagAN1pmuEOuFjihibIpEg52_be04Y44Oji6cpf9L3vLfADzZ6sA&sig=Cg0ArKJSzITfcWuQhmIaEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame AA1F 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 May 2023 10:18:54 GMT
x-content-type-options
nosniff
age
33434
x-jsd-version
1.15.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26200
x-served-by
cache-fra-eddf8230131-FRA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AA1F 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:54 GMT
5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame 92DB 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685096333184&userId=vnetc294117e-8508-46bf-9303-232e5aca3885
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:54 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
pixel
googleads.g.doubleclick.net/xbbe/ Frame D351 		261 B
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNVisNps_ALiG8wkkyzWSJRklzWCeSIbXAKmn7-q4Bqx8JMsW66Q9L_BLOqlBJa3611uyfxBruVKwsdjt-ProEK-4Q-CE2v-TyHr_6h7ZomkPzAYzQNfNg-LrV2at1kUoaxm6sUgQLGLc5ppctDUiTL98Psy4So7cdx4s5oGnpptP32Psgk
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AA1F 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA1F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3w8vk1inD21taOEFCAJt2tZr12I6MMThlIkosIvO_MrfDmrhDRqHyfTBLGDhmROqRxMFBfVKm7yF40P36j8UdYtAaBSr3kZlDCI_7q069a5SQTqU
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA1F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5779211525343353854&x=8&ct=76
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1352960/69587979/xbbe/creative/ Frame AA1F 		250 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1352960/69587979/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-A6HsJz9ezWhWodVa_XRk8gVw83AXwsO7J9fpoJRxmZDrHUjxqfO2FjnCXO4SG6gZxCWhTeev2BqzceTZhrPrBl_jjj3-5kzeHA6I3RXHIrEYMFUy6OU7LP0RIKxu20_Ht_Ye2n7XQMchsE7X-AYDBMUoKIIZWErsPSJ3jFZ40JAopyu20SuQ4AoCZ_4OdlG2ize6GCXTzq-y0mBlY7iJmdlki05lU_fOHAfuid71DKU1T5Ptg91T3xVCIVv_N6Op25SZbwss-K1kKwdc-lYijznou1EOVnn4omNBeYLGLVRWdFi8aRmVOiyJuazSmig4gaF2tSzR2x2_Hcxf6oFOmZlWfzysa4vY645N9cdtPb5G-9YG2yj8M3cFx_NVyfliAQtM_ecSpNorCjRsmZWwq2wBXImoO05ehY_kBdRgUq9aBKshgNJ5k2vgjDi7Fgvj-rMsCnDAS2YC83dq2LrKLr8LUxq1zI3VNRqqFnso3JX_MxKK1YQtHf5fk1J8COuoL6NAt7Kx4N9apiv8CjutZWJYsKkaXiXG_nf3pqkDtsJtIEkdZe60QHHaoV8_SQ4DWndHyioZoT-YxIgn5ihKvoYsqs1MK8lTmV0r_AbjGKEK4_ioFykjUaPzHbvvE_ztzPjW6muRKMSO3Zm6aOoHeXyfJelXPoQqnES3jrCP5CXeHKU6Ghn1DgL9WUdQ0Rn-J-n1mhT2waLHrKJhTcG0Cs2V174aZJ1z2WkdPtkg7N9SchFYY2rC6AnIMpbxDzrg217UTdvq5WGf9pPlOR9yFkte1q-xpmt2iTs_BGvQ4HgQn1_-XBpKcCmECd2ud8w7CP8_3FeyTLcsq2sf5Spi3_t2NB2gwVP0Nd8KWW3J1rRftVJ9fyySRzYM7j0NwwHnE0EQL0vjNGBwnep6wk4KY_dFADiW67GM6OLjnkh07dNEH-9JCRoLqtQqqD6sr6fbROvkijcVqlRf9n6hZhS7PW_Rvxyu5gvtCW5KGyUnCHTaqAS-Nq3tGIzB4lznq9wZhJh_6aDWiY6Xbi8P3o-Oqkp2oMMQem524q2XdItpw6lM1tHRXg05u5pSJMC4QgE28B48lq_5uUNwuSQlZYOEviGH8D1TFQcauCcuxaS5U5-tzACIp_AGbnRGAh6zdYIJYss4VtW0pNJ4a39qSksSEpbLDshquUyIVR9VAZFWGTOJm-ubMb5SvCTbTtr0_9-cIL0gJgiU9aefWNvk3lAnz9-e4Lvh5bG5g9H6-QQNJm-Cyg5tQ7uu00AsSzpCz2BIiBHkbiYtM-1G1KtpaaLzpc6JMwmQl7q3R2BxZ8qLEuvG-ZYwnsE0BNgIvmZ4vOjaafwENFKtrYmb1P5cq2cC1WZCTETGUlPPGr6e5yx8uH14hx_0hOCEu7NPf6R7gcbdybQ7gmX72WBcBXftvSgwgrwlq0AZdLQ_Kkd4JF3BdWe7sSQgnChc1zxYZhC5IpwlDmGy5anPV70jAhlFfUn_mWK3pKUiGVdGFXKCmaKX6g0S40jQeSh2WaRvUysNGxQEh7zCJQSBod8UnSWGmiRyMPLN9Va98qcAGVt-2yMYloVXRuP_ohQ0FN9Z4_IeJUwXzqCGPnRT7dhMnRo24x5tnwBu6fP6QNYI8NZVZZI5GvcIf_IVFAw7hI_XzUAmCRFOPIgCvoCqhoKK6r7Ipjyyf2yzqM-pMHGMFkuxKFxwdxLY5BKvH1qvvE10WwtPOAn86TQekeufP_RDtrpyRwPMa-q2DTs5AKXz3V5uvG09xyREk9PEJgt58IJgLVhhEKoGvr3YxcSUZsgvv-imc6b9bWaQ14A9dLcxeo6gpxj9JtUUaVQ7OgezJkMKUfZHy1gOlNT4LaVAHZh-4ZCFGT1DnWHp8bU4tE2IY4z46Kp2PSu9Ic9MFtO5wmZOTb2zgAUq7Fpr4OkhgHHvF_Xo0YuqU8qZ96fSajSxRCe-PuWDxOLm8dS86O-POT3W9hyBx6U4lFwiRL5u6Tbg2DoRJiyEvQyzV8RutCIy1aXkOphERT8k7NWEdjBZlzO6_ClcUK9pOVIB5YfHKyas3cFjx_6QbWWpyW9Hv-BIz3LDH6_6rSx_pqwz2hRHYS0IiC_vfYDaTX4plUdzHrkbxSK4suqYMQAb_zsaqxCbqXJ9Ufomk1YMmRTcyhGayk0Z9r_g-I-ijM58Ujwbu1StNNPgqXl3Uh3zHYJf9UzyCQGKAhZCoWpt7QR2cXGks2wU_QcKDvLRKiusTHDWsfGkLRS8ktpnySfM16HR0jhUOW9Ri4vN0__7wWvhIWCFRWVKW0izgegFF9tLszdjTOVQJmWkQIYB3RVT2luV51L-1kl03TW4EJCJbHFCuZd-9kYeyknD-wdrQIuSA2FwXSnvguGkgPkzU3kyl5PWK6T3uZN3dktFuwM9gyi9x8iAetjFkSUJTItrDSEJVS7jY07B_glwPRaY61HWdsO8cGXwTBc7mR7BhDNuXOHryHupAmJsoLzaBLuJ9ae8ycZdq97Ad_cXzg8Gdvmxht-5EWeNhEIIS1o81lskD-G_4lFnd9jBz5Tnm8PjGdVDQ8_yI0Yq779Sn7q_ojoAaIZVU3Yu4vcGCPCMI_8XYC1Kg2U5wqAZcojwNoC1-IwcFH4NQJCw6FZADW6E3rGjgIBBIyAHKBCIObY_UxDCGKHgjJtloSYTO34CjekpkHyzoyP2rT3reKvY-2iMcAha71UlVcXGMYAWAB&bundleId=&ias_dspID=3&ias_campId=1010578566&ias_pubId=13760&ias_chanId=8&ias_placementId=19682516548&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-Eq9PALqzcVhWUSvYe7jY
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.217.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-217-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
38acd59d612d52865fe390d09e089c55a2c0b81d837050e6b842bbcfa7592be7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
54098b2c-f036-4413-bc83-8ec007ee1c26
beacon-fra2.rubiconproject.com/beacon/d/ Frame AA1F 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/54098b2c-f036-4413-bc83-8ec007ee1c26?oo=0&accountId=13760&siteId=333016&zoneId=1746580&sizeId=9&e=6A1E40E384DA563B4E363627AE49F6C5A0ABFCAA9C17CEEE7B0E0F248ACC4F92CA1DF5D882B845FB3F392F48BA3B839F172DB22D3B21A9B50186CBFE7F4D79BCD446A0A808D200188DB70DA02D1440A58C6A390E176557DF037DEE0C326F452FBD0FDD6D5A89C89FEA378F86DCB748DCF5BC9DF3B6A7B1A99AB9C2C15566222AE03CBF4DFFDF633A2C771077CDA8B5BA302B878BD6E161C59A37E51A77F68B3F93E34532AEAC91DAC9D8F5EA2D7F16EE5D14A3BEF022137F
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:53 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
container.html
632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FFDA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:53 GMT
expires
Sat, 25 May 2024 10:18:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032305221508000/ Frame 7467 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032305221508000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8899e1f00bcb4b65655babc2370193711055e7a7f391054da7b22849bb2b586c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 May 2023 22:15:44 GMT
age
216190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61840
x-xss-protection
0
server
sffe
etag
"69ad73dedccb8735"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 May 2024 22:15:44 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032305221508000/v0/ Frame 7467 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032305221508000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 May 2023 22:15:44 GMT
age
216190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"68ea093d80ab2def"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 May 2024 22:15:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032305221508000/v0/ Frame 7467 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032305221508000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 May 2023 22:15:44 GMT
age
216190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"52a0fa5b1f73dc96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 May 2024 22:15:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032305221508000/v0/ Frame 7467 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032305221508000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 May 2023 22:15:44 GMT
age
216190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1912
x-xss-protection
0
server
sffe
etag
"64a18d292337e38c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 May 2024 22:15:44 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032305221508000/v0/ Frame 7467 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032305221508000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 May 2023 22:15:44 GMT
age
216190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12949
x-xss-protection
0
server
sffe
etag
"4886bdcdd7fc48e5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 May 2024 22:15:44 GMT
css
fonts.googleapis.com/ Frame 7467 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 May 2023 09:07:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 May 2023 10:18:54 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7467 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
54886
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Fri, 26 May 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7467 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
74624
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 26 May 2023 13:35:10 GMT
l
www.google.com/ads/measurement/ Frame 7467 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzcLbyo6zJJ3cdVbiVMhvrOM3b_gjxMzeEDQwBGCRMtMKiaQ-iO0N6Vo4eKkJ_g5SMXAuqTw8SRH_O48Bvz4-HhdL1DQ
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/5272758460245997298/ Frame 7467 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5272758460245997298/14763004658117789537?w=600&h=314
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61b77252a642fc6ff34ff173549ae2821e823040362717c336986b198059e209
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 14:42:25 GMT
x-content-type-options
nosniff
age
502589
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57151
x-xss-protection
0
last-modified
Sat, 08 Apr 2023 13:44:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 14:42:25 GMT
truncated
/ Frame 7467 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7467 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7467 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
707e7bc84aee1d45831e741565e9095e40f1b6ea9ab3ffd6a4bfb0d0172ad05b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
container.html
632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A78 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:53 GMT
expires
Sat, 25 May 2024 10:18:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FFDA 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 14:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
588399
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 14:52:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FFDA 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cf4f1e05ce507597dcaffc8c8434d1d1bf82466b9b0374872c0264a5624ac73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Origin
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47229
x-xss-protection
0
server
cafe
etag
4352249389824613110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FFDA 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:54 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305152039000/ Frame 7CF7 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28f1451571c809f080980e5679bebad6b9b10a4d93233b37a991380d1e7d6828
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
318543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"c5e753c238beacad"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 7CF7 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
318543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5257
x-xss-protection
0
server
sffe
etag
"6147d0c60b11b4b1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 7CF7 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
318543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28959
x-xss-protection
0
server
sffe
etag
"e8b37e49415a2d9f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 7CF7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
318543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1899
x-xss-protection
0
server
sffe
etag
"de1853be803cb92a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 7CF7 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
318543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12945
x-xss-protection
0
server
sffe
etag
"6b8dcbc7470d864f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
css
fonts.googleapis.com/ Frame 7CF7 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 May 2023 10:03:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 May 2023 10:18:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7CF7 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
74624
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 26 May 2023 13:35:10 GMT
tr_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7CF7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr_bl.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 03:27:17 GMT
x-content-type-options
nosniff
server
cafe
age
24697
etag
2395455429816220802
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3040
x-xss-protection
0
expires
Sat, 27 May 2023 03:27:17 GMT
l
www.google.com/ads/measurement/ Frame 7CF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTB3YNmBqV2_KHgZnMYNCzsKAHfwduIp66blZ_9n0-hFXvMogptU2s6RMAPmCuoFHcdEIRyX8Oyf42iKYt7915Qs1KXmw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 7CF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CE8oEjodwZN-VBZL_gAfUhpSwDIiqwOdwl7bhvJ0RmKW2lYsDEAEgwLKCa2CV4pCCoAegAZ-miaMpyAEGqQKyk_JsigSyPuACAKgDAaoE-QFP0BMB7XXURQQuWr47QyyOAbjxApGd1NORHMyKe30OJp7HahyaMwtjPGrW-RSDu_vYJM3IrZ5NYf3WjUIitjbFaIGgsUZq58sqAE_pTThqxIYNZLwfKF1OorVjqHIQtH_xqDR6ymAzg8-Jl4V8ylvB9j79D6pITfIQymZqu7lXEX2IgqdDK2W0C_sez5EYXoXEAn2QZmJPNJKQO4WWgsWqWcwKaDQ-C_CNml--R5MxvXmj8YV_iGIsDB7EidLPv9II7LZz4nc4EobBI6_V07TqSiOJzAlO27bZTmUe-yukCC2AO9xeVnYOnjiYyYdO2CnE18Ua_-ZFeBTABMnPuqmvBOAEAZIFBAgEGAGSBQQIBRgEgAeyhPCfBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEOA10ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=qFYcesLR4Rk&uach_m=[UACH]&cid=CAQSOwBygQiDOc_qWoYDw54OSto7Xb6elxXUFWdsMytcTr9HkESZKyzPMi0_xp-yBctr1On7gUyF3AnzHabgGAE&template_id=492
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
m
ad.yieldlab.net/ Frame D351
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIPBwZWesAwGONIiBiVGswI&google_cver=1
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIPBwZWesAwGONIiBiVGswI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNVisNps_ALiG8wkkyzWSJRklzWCeSIbXAKmn7-q4Bqx8JMsW66Q9L_BLOqlBJa3611uyfxBruVKwsdjt-ProEK-4Q-CE2v-TyHr_6h7ZomkPzAYzQNfNg-LrV2at1kUoaxm6sUgQLGLc5ppctDUiTL98Psy4So7cdx4s5oGnpptP32Psgk
Protocol
HTTP/1.1
Server
23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-16-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 May 2023 10:18:54 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Thu, 25 May 2023 10:18:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIPBwZWesAwGONIiBiVGswI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame D351
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAGonobI0CYhijBCkPf1tnA&google_cver=1&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAGonobI0CYhijBCkPf1tnA&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNVisNps_ALiG8wkkyzWSJRklzWCeSIbXAKmn7-q4Bqx8JMsW66Q9L_BLOqlBJa3611uyfxBruVKwsdjt-ProEK-4Q-CE2v-TyHr_6h7ZomkPzAYzQNfNg-LrV2at1kUoaxm6sUgQLGLc5ppctDUiTL98Psy4So7cdx4s5oGnpptP32Psgk
Protocol
H2
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
last-modified
Thu, 11 Apr 2019 08:33:12 GMT
server
nginx
accept-ranges
bytes
etag
"5caefbc8-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAGonobI0CYhijBCkPf1tnA&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 7CF7 		161 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7CF7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
079d35a60960663363c8760913cf3f9717ba96d6cac260c0dbb95d87a6a96262

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305152039000/ Frame 3C2E 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28f1451571c809f080980e5679bebad6b9b10a4d93233b37a991380d1e7d6828
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
318543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"c5e753c238beacad"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 3C2E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
318543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5257
x-xss-protection
0
server
sffe
etag
"6147d0c60b11b4b1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 3C2E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
318543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28959
x-xss-protection
0
server
sffe
etag
"e8b37e49415a2d9f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 3C2E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
318543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1899
x-xss-protection
0
server
sffe
etag
"de1853be803cb92a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305152039000/v0/ Frame 3C2E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305152039000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 17:49:51 GMT
age
318543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12945
x-xss-protection
0
server
sffe
etag
"6b8dcbc7470d864f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 May 2024 17:49:51 GMT
css
fonts.googleapis.com/ Frame 3C2E 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 May 2023 09:15:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 May 2023 10:18:54 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3C2E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
54886
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Fri, 26 May 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3C2E 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
74624
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 26 May 2023 13:35:10 GMT
l
www.google.com/ads/measurement/ Frame 3C2E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMJ5sdzS7Zo89FKeuumS1dpWjMAMkBj9n0xhukKBAn0E6T0JVvPeTUOh7EiIm-OZ41oPV0UYd_WbJFTPko3GpxH5LZ1A
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
6592766407814317453
tpc.googlesyndication.com/simgad/15343391343411720395/ Frame 3C2E 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15343391343411720395/6592766407814317453
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa9c2f56169016b8711164d88fb2b40400983029b0c0ee869487da8deca7d9cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 09:40:55 GMT
x-content-type-options
nosniff
age
175079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43542
x-xss-protection
0
last-modified
Mon, 11 Jan 2021 19:25:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 23 May 2024 09:40:55 GMT
truncated
/ Frame 3C2E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5f1c20e04ace9c3e22bb2200969e46c4ff36d12f5ea990c7acad82ba27469e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame A253 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A253 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5AB6 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334164&bpp=10&bdt=156&idt=327&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=6910485774796&frm=8&ife=1&pv=2&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.uo93gk3g129b&fsb=1&dtd=351
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E97E 		30 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a3ea7a02a85db3b1ceb6c29d79cfe8eebf3c9e80686301e60c09ccfb7c4da62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12708
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA1F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=908902764668&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA1F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=908902764668&version=m202301230201&ct=76&x=8&cor=5779211525343354000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AA1F 		17 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CT-p3YVgvR9-o0YBZoYnFcikiVzhz1KzqQtKG2l5bvept51lYLmxjQHs6Ra9zJw2ePgDOoBv8ZUxe9NEthohpJSPHD9uBr9B5n21SNg3WMonAMQgXvYUmMRdP9oiq789vSKGhW1iM-bIKl8WQGpDaJJfh_eJPmWznUMqU6GdID84w5W_I&cry=1&dbm_d=AKAmf-CKuSRT60-gxOhhZu8Yomn9aAmzO5AFu28cbov8p7EEscg31o8Twjh35JSDONIsYXRbh6L4eCmx0SXSd4xjvC-WBl66btFfWNcGh4baGW-vDcQh3B_vtw-IoUIRVHxVuF73E5L2XBhG1GMEb8RZJDgA6vouqTkNUKUCkGGPDcN0aTfcLlaTmfSOPXgluMzlFhQIQ5XD_J-MW4R8wnYsYj-YnXnyT6vOroImkT3y877u_8HzmcKxFPaetNd0-0oWprVBlodSaNrcnWfD9NloMYs82yy9j0PCTdDodIpThfygiTP3nfQZlDvozvFO0MhW78OqYmv6bPzhbKCGL556UsMD7YGA_HV_djC3I_NZ4TcgU8ZXZQWouDKXJVggWtyXrzZ1P-jiDnZOmyEQeogFKp_hSSR5MboT7LLR49UZ0wlbEAZYOjQGhAKZeFhMsYLWfEuFM9OxqPTYF3zeX4aOA9cA3sFp2TnYlJFgqMrqn7Sr2vgMNbVfJdp8pJscw4rMGOy-2HWRqs2BtubxTSLQVYHUbsFKBgTRceud5OpanFnpZ1a4e0S7ksNE_4oymztMTLNWHc6Wy21LOFn1GJTqMYQ7PshMXWTq0HIQbG2JOepDM7HPRcwbAh05rWo65zHv-YxEwADCKiDtRaAR56GHdUSnVLEaYcV0pGdTgNq3TRI6LK43nBOEy6Ayku4cjoHqlJdUXNEizxVISnFXKkn5y33McYnptdcDHtS09oe0u9axUiWoGrnXJWTv7OVxfhaUrjaDgp-e4zwLDmrUahlAooAWxzKeTSMSUX3WavN8VrnA3nyb-gOAGTo_5kmr_JW7Qk8F_3zghcQs1rcIz0qi3JdWs1eBApconrX1znzZDXWWXhq5cuTtadwdbEoK5VWWnjFSC1Wb5UaDn6HcHzambogLhzOHHc4ZDPSHqTSy-cblYMuT5JFOWUA6o-0D5YxFT0d7QnFFikaLyKrxKO29b-OEcULLt6x1s6hH4nxoXxrNAkfQ8_5eNI3ftp_mo4tS3nzc-HpUymhcma06gZdc-KhdLVHVfPIV76UHYp1O9BRSM1eaaPUFb-z00yOjWpr_rbaKOcezk6tNp4IRz5xRuU6zatbjwJBEGj494WwpbIdaO74syRFYgo0PZcvejChqpFGdv-CtZaKFudVWdECaJ4pjpgLNU7AlUygELxequ_FeoM42DTnga4gsJxVQo6meAidB2G8TbzXSW3TyyFbxVDVoD68Se94bRlk8T1SLOnrAIY5EbfR6yg9uDpuMuT5HuPOS4vReytLLwEpi0uog1mMbOG6MjJ1mrgaqXsmlTBIsd4_I-zUld8lBBFzpCFhXZ6b83-yntLmWpfNUbG1bPtldBh3kXL7gtouR-5PK_Br-6nomPXTFkEjdUBKXyLGSnEJFjeC3HWvTx20qptyfVaEFemALVLUU0dYdWPp_mgT52G4rOer4gJhf1fMW-30O07-ZQDMaRMqnN2uyQ7V6G9F8kx9WpQROaOUQyUEd2_xZvdUHtzm1KmBAK67qwG4Cs5bl6rJfqCiTEJyB4pKOX15ABDrRU_sEFqs4bEfyD2_usu9Or3gFhjfQEA_Dkr_DCP0NSOF2gn7F9b-gA0aCXFBdoilC9UJtlObYMgQXF-GfC6u0SGPtSu2q2f3eOQU3IO7okcqZMQ24cyQMmX58yMNNkZ5KK_AVNGfxLeBU-Fw3Il6T7sVeIcUQ_F_6nxgwABFft6TezrWsIiCDxIwiX5ksoNzHcr-Gq0YHdrfe4meOXy8bs0HlYXgRbkX4iDNAGWrizSo9dgHf7hnJh90thAPKmevg8xeXEy00fUyvgs3imRs0D0CBmSyaaZY53WkwGusZeny7zp1A5DELNPRs2BS9MDTq_5wpVBZuxxNrde6ND7C3RPVNgeDk_GwMYrLfRxiXGQ85_L6YdvJIM3CkVrW4MoOI-TXHsY4xFjtEGtRS1wdE6YPCL-tWEczwJGv5fihANidAmDz6VBUKp7FeI13u3YPpUooW4L0m9CgFohFPAtkPpYdaZ4L3oxpqVmNLDMEtFkrYZky3rrHCj87-N10wKolW-qQWGyTxy8sGFPrT3LF8LhSX1ROSI7FsFIJv0Ul1NNVv3RoTJRqLphF4FEU3udCoqr15MpmGEvjfz-vRWbkZuZTQg7ovbNDoYHC2-NpvROCu1YO5hxfWadqcFmdBFYZDBjE-6ytfw2rGuGq315KV3RIBRSozlUGALgWNJbpDbi4OrOGcnPqfO5qaq85N7VbE-B5U_Zl6VCk3v1Xaz9tlD6SDLxwU9-_teMla1MKhiFBP8XaAZ7gX5wjjjheUP2MHhAoTuricdbtaZSqioay4TLWaR1GqHM4OO-drWTwzH1CsPhkZ5mFiL3OOqCd4PcAI_-qhExvHadCpbh2Kj94IAZ849_2cZyWFQkFhuIS4UcwntgsfUDKNtrQXRlsz2AMUomXGKjjS8i2Z8xI6AFYA-7u_6Y2WhbGrCMoqdrFH_3_JZy1jtFt2qZbcLgw6PHO3HQBXto9Le7cBNlPQAamg3X7iFVhb6S1A7zsIx83pFiEETxHWLDQQT3jMsYeoSFiHMkJUDjp7OmrjMtiAMVsRbTGktfraYFTnlwb0MV4MDuowmLZ5s5c-4q9VZRqrSPrgiencs3FBueq9w2hSUntwkWz5IQl4k1nHee2CW3fCzgbxxoXnp9bxYA2oCCHUyTEH1_O-4_PfJTKMwV1sS22ZTQ2Oi-8OhO0YFqWJU6zJJZHSReNnSetW2h9XiIkqYnJLQq9ltf9aeQq82BGgWtn9esceO_YPfeKe7TlYyfmN4oHzBdp9GWK6VPiUqyRBllE8_fqfGJTnKCczOniT2xGtSGmz1Yu8pHP-71QR0R6lGc2Q&pr=8%3A47CC87B0CFB4F74C&cid=CAQSMgBygQiDm2P1MQwhih4IybZaEmEzt-Ao3pKZB8s6Mj9q0963ir2PtojHAIWu9VJVXFxjGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=5779211525343354000&adk=1824332119&idt=120&cac=0&dtd=24
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2790be78aac1dca5f2e9f20cb336c14b8a5b862c18c30bb25f5ca015c008a34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1A78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzSMzjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBIoCT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLGfPnCZqBzf3AMmMysm3Ps6JL102I3_16QLkPMIAeV9PQXKf2RgrgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc5ODM2NTEyNTc4MzgyODIY6sFt&sigh=SoDpzXhJHAU&uach_m=[UACH]&cid=CAQSOwBygQiDsQD-tmxSuP58-BOJbv-_1f4n3QzLw-Llwy753Qf2-Tv4tMVXBNktUDW89DN-X9meWV8tIXNUGAE&tpd=AGWhJmv5TuYwyiz9pbw67ZVdPStjiIlVONMM9VgwKsUvKt9KG6FHlXmZdKbt4VrOoBFve9j3H2zp_unk_diNHIpv3hMBPB3tkYSlhg2Q3Erb_TEo5-h2igbYOBmWOOoqulF0A7kTHKe89jEzt4z_ulRVIWQ0iprqNCrfH9S5ffesxVwS3C820GYVYJMdyBuiqNKyA9nCp1foSN-dyD6ucC9rFAneJDl_WvyuodA2_MYvk5vV_HExEMOecK0qKoTjMHO5RNBpciDLU7KWh_RzxFzPFP2SNW54ULVrHhiG9RXmoK1qGP-TUvIyh3mrM9BY97GKTQbsbiviZ55IbMK72Ca0MFiJcypyIFF1EVy8_QwxSRsMyp9Lp0hCCaqYd24HPGVdVYEf5_7yUB2X1-RPtbGAYLKvu7qVJ66Tr8B30F4SmzrNWZHusZ0e-FSasls6czBbQIwVYVgOmv-p-UTBdQ6_uru9mlesHtDQAMkwGZ-6kDBy2asup3vqJNtM1ZmM1rYR0OeWfTXgZg0FU6m5esyRgCsKMYaODgyUzA6bbZ_gH7c8Zl-5Eql4Ckz9NPF37FaMwBcqiI39ai74h1d198TKKL9QitI6l4TrjTPjLmP4EYanKiXKDeSGCgyo2ucb41anbnmx9NQNwbfhSW5GLZ5de8l_faPiQKR2bEFSh5iZaMCog3wwaz8kU5zE8XdFk0yOqYAejlcBW_4nCGknvF0d3HW9DcmarEQbdrEw3FaP_cRQOyJe47MExHO9DgOZtlXtHH6B1qlNqo4TFRO3S_4Ok7v61AlHOsBIaXmoKKuCA9KB-O3hBPDMUS3AYaBmjmXR4F5aCBuJnLAZHs4zVQzF4eMvSQxbDp1wnqZX_lg4YFDcEl3e3NRwOEt6kwdz2jF-UYt3nvHD79pdHySYKE0HMtVJh0CFI5OPtwkbRdJy8pNxvADvxvr0qDtOeUBp77d_G4s3cna_yFwTWMsdnxNK3isA0AkS7Zakd8x-s7gHoExBI25eA8Pqy71Vv4vQk3QHkb6uwrm76f1iSVYY3Eq8hgOxi7F_TXwmDMyT_V2NwaeTR57tqcmnAUmuelRnpfyqzY2VSCjsVKZk5A-8O6kf0C-Wc1xtOy6owTcDCnLGb1iozQ4nHA
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame 1A78 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdRMU5qQTRPV1l0T1dSaE55MDNNVEJrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyNzQ2NDM3NjUxMzk0MTQ0OTQvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1X1pDb2xsMzhLS3p6R1dJaGVaZVRuMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81Mjc0NjQzNzY1MTM5NDE0NDk0L3pyaC8wLzI3MS81MS85OTkvMTYyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY4NTA5NjMzNC8xNjg1MTA4OTM0LzQvcHViLTc5ODM2NTEyNTc4MzgyODIv/SgjhtZSN8n36m5KP-HUsUSRFhac&nodeid=3816&group=zrh&auctionid=5274643765139414494&pbs_auctionid=5274643765139414494&shardkey=5274643765139414494&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP4lkjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBI0CT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLW_HGmzY9afpNliuZai1gQ79f3fGC8eWb_XlPn3q_Sf_I8j5KQYeOEILgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ewQPV9j1h2Shn8zF8bDlt8UqOaA%26client%3Dca-pub-7983651257838282%26adurl%3D
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.388.2 /
Resource Hash
0a44696263eca0ad2488b1b89924aabcc5e7792d931d576ad5cc71c77cff9dc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:54 GMT
x-mm-nodeid
3816
Content-Encoding
gzip
x-mm-bid-request-time
1685096334
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
close
x-mm-handled-by-owner
true
Last-Modified
Fri, 26 May 2023 10:18:54 GMT
Server
MMBD/3.388.2
x-mm-latency
22 (0)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x94, zrh-bidder-x80
x-mm-lag
0
Expires
Fri, 26 May 2023 10:18:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 1A78 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:30:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
6518
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jun 2023 08:30:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 1A78 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
72357
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:12:57 GMT
l
www.google.com/ads/measurement/ Frame 1A78 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJF6VHGhIjJFxWMASNhwAOHQ7W_DjnlyBLaKf4f6z3bpxvK53PgY_Lvt3EpcYdQwFaBWNLeYq24CoB0_Q-tow0BIBefQ
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1A78 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 14:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
588399
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 14:52:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A78 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:54 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7CF7 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 19:09:17 GMT
x-content-type-options
nosniff
age
227377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2024 19:09:17 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7467 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 19:09:17 GMT
x-content-type-options
nosniff
age
227377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2024 19:09:17 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C2E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:04:15 GMT
x-content-type-options
nosniff
age
494079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 17:04:15 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C2E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 15:24:53 GMT
x-content-type-options
nosniff
age
500041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 15:24:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C2E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 02:06:17 GMT
x-content-type-options
nosniff
age
29557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 May 2024 02:06:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FFDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgx4qv2riZkwPTVmGbCsUbOgpR_7UQZEo6-O_WYSSPd026zXKwgLMdcqQygtdRg01SVyrb5sJUkqtuOKUZoBOe0JrJvMazT31p6x7vtA0WYv-w0lOWfsCTZydrmXktqEf5mJQJ-WN4tP9mX2epK_WN1G_TQLYqZwyb3hq05MGqWvsT-RdKJpiKRN38Nzk6gVmjRvOt67uU694sBJCOPCmH_b0i8nDmJMfW2BXfZHHunSt8F7J67exYOLV51WZV_0TyrhTHf4esPOTG0BkBgQaFnuEw5rxdA-iNGNONzJgXtZ6ZsXVskg8tVNm2xrLuWgEf8xGA1aLCmYB_sFmIVMSI56ZdDz0WI1CtQeP_&sai=AMfl-YSWH-7CPux7QMkpiCeB6M6YIAxKPqaI4KPtjor2BJhaAWazj3mcv78CIMjQ8HeO82bNFq1ZRpB848xCU7MViFdsoWiRMiN8GkZYHPDEAAQEsuNIoKSohU-wbCKzZg&sig=Cg0ArKJSzKiY27Jn-fKYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ Frame FFDA 		350 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com&bust=31074869
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
367311b199a022f641e3f473fcfb6a42acc7c78b492c68e3971d2cc3d9176f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120274
x-xss-protection
0
server
cafe
etag
17518515081196725930
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7CF7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date
Fri, 26 May 2023 10:18:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AA1F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CT-p3YVgvR9-o0YBZoYnFcikiVzhz1KzqQtKG2l5bvept51lYLmxjQHs6Ra9zJw2ePgDOoBv8ZUxe9NEthohpJSPHD9uBr9B5n21SNg3WMonAMQgXvYUmMRdP9oiq789vSKGhW1iM-bIKl8WQGpDaJJfh_eJPmWznUMqU6GdID84w5W_I&cry=1&dbm_d=AKAmf-CKuSRT60-gxOhhZu8Yomn9aAmzO5AFu28cbov8p7EEscg31o8Twjh35JSDONIsYXRbh6L4eCmx0SXSd4xjvC-WBl66btFfWNcGh4baGW-vDcQh3B_vtw-IoUIRVHxVuF73E5L2XBhG1GMEb8RZJDgA6vouqTkNUKUCkGGPDcN0aTfcLlaTmfSOPXgluMzlFhQIQ5XD_J-MW4R8wnYsYj-YnXnyT6vOroImkT3y877u_8HzmcKxFPaetNd0-0oWprVBlodSaNrcnWfD9NloMYs82yy9j0PCTdDodIpThfygiTP3nfQZlDvozvFO0MhW78OqYmv6bPzhbKCGL556UsMD7YGA_HV_djC3I_NZ4TcgU8ZXZQWouDKXJVggWtyXrzZ1P-jiDnZOmyEQeogFKp_hSSR5MboT7LLR49UZ0wlbEAZYOjQGhAKZeFhMsYLWfEuFM9OxqPTYF3zeX4aOA9cA3sFp2TnYlJFgqMrqn7Sr2vgMNbVfJdp8pJscw4rMGOy-2HWRqs2BtubxTSLQVYHUbsFKBgTRceud5OpanFnpZ1a4e0S7ksNE_4oymztMTLNWHc6Wy21LOFn1GJTqMYQ7PshMXWTq0HIQbG2JOepDM7HPRcwbAh05rWo65zHv-YxEwADCKiDtRaAR56GHdUSnVLEaYcV0pGdTgNq3TRI6LK43nBOEy6Ayku4cjoHqlJdUXNEizxVISnFXKkn5y33McYnptdcDHtS09oe0u9axUiWoGrnXJWTv7OVxfhaUrjaDgp-e4zwLDmrUahlAooAWxzKeTSMSUX3WavN8VrnA3nyb-gOAGTo_5kmr_JW7Qk8F_3zghcQs1rcIz0qi3JdWs1eBApconrX1znzZDXWWXhq5cuTtadwdbEoK5VWWnjFSC1Wb5UaDn6HcHzambogLhzOHHc4ZDPSHqTSy-cblYMuT5JFOWUA6o-0D5YxFT0d7QnFFikaLyKrxKO29b-OEcULLt6x1s6hH4nxoXxrNAkfQ8_5eNI3ftp_mo4tS3nzc-HpUymhcma06gZdc-KhdLVHVfPIV76UHYp1O9BRSM1eaaPUFb-z00yOjWpr_rbaKOcezk6tNp4IRz5xRuU6zatbjwJBEGj494WwpbIdaO74syRFYgo0PZcvejChqpFGdv-CtZaKFudVWdECaJ4pjpgLNU7AlUygELxequ_FeoM42DTnga4gsJxVQo6meAidB2G8TbzXSW3TyyFbxVDVoD68Se94bRlk8T1SLOnrAIY5EbfR6yg9uDpuMuT5HuPOS4vReytLLwEpi0uog1mMbOG6MjJ1mrgaqXsmlTBIsd4_I-zUld8lBBFzpCFhXZ6b83-yntLmWpfNUbG1bPtldBh3kXL7gtouR-5PK_Br-6nomPXTFkEjdUBKXyLGSnEJFjeC3HWvTx20qptyfVaEFemALVLUU0dYdWPp_mgT52G4rOer4gJhf1fMW-30O07-ZQDMaRMqnN2uyQ7V6G9F8kx9WpQROaOUQyUEd2_xZvdUHtzm1KmBAK67qwG4Cs5bl6rJfqCiTEJyB4pKOX15ABDrRU_sEFqs4bEfyD2_usu9Or3gFhjfQEA_Dkr_DCP0NSOF2gn7F9b-gA0aCXFBdoilC9UJtlObYMgQXF-GfC6u0SGPtSu2q2f3eOQU3IO7okcqZMQ24cyQMmX58yMNNkZ5KK_AVNGfxLeBU-Fw3Il6T7sVeIcUQ_F_6nxgwABFft6TezrWsIiCDxIwiX5ksoNzHcr-Gq0YHdrfe4meOXy8bs0HlYXgRbkX4iDNAGWrizSo9dgHf7hnJh90thAPKmevg8xeXEy00fUyvgs3imRs0D0CBmSyaaZY53WkwGusZeny7zp1A5DELNPRs2BS9MDTq_5wpVBZuxxNrde6ND7C3RPVNgeDk_GwMYrLfRxiXGQ85_L6YdvJIM3CkVrW4MoOI-TXHsY4xFjtEGtRS1wdE6YPCL-tWEczwJGv5fihANidAmDz6VBUKp7FeI13u3YPpUooW4L0m9CgFohFPAtkPpYdaZ4L3oxpqVmNLDMEtFkrYZky3rrHCj87-N10wKolW-qQWGyTxy8sGFPrT3LF8LhSX1ROSI7FsFIJv0Ul1NNVv3RoTJRqLphF4FEU3udCoqr15MpmGEvjfz-vRWbkZuZTQg7ovbNDoYHC2-NpvROCu1YO5hxfWadqcFmdBFYZDBjE-6ytfw2rGuGq315KV3RIBRSozlUGALgWNJbpDbi4OrOGcnPqfO5qaq85N7VbE-B5U_Zl6VCk3v1Xaz9tlD6SDLxwU9-_teMla1MKhiFBP8XaAZ7gX5wjjjheUP2MHhAoTuricdbtaZSqioay4TLWaR1GqHM4OO-drWTwzH1CsPhkZ5mFiL3OOqCd4PcAI_-qhExvHadCpbh2Kj94IAZ849_2cZyWFQkFhuIS4UcwntgsfUDKNtrQXRlsz2AMUomXGKjjS8i2Z8xI6AFYA-7u_6Y2WhbGrCMoqdrFH_3_JZy1jtFt2qZbcLgw6PHO3HQBXto9Le7cBNlPQAamg3X7iFVhb6S1A7zsIx83pFiEETxHWLDQQT3jMsYeoSFiHMkJUDjp7OmrjMtiAMVsRbTGktfraYFTnlwb0MV4MDuowmLZ5s5c-4q9VZRqrSPrgiencs3FBueq9w2hSUntwkWz5IQl4k1nHee2CW3fCzgbxxoXnp9bxYA2oCCHUyTEH1_O-4_PfJTKMwV1sS22ZTQ2Oi-8OhO0YFqWJU6zJJZHSReNnSetW2h9XiIkqYnJLQq9ltf9aeQq82BGgWtn9esceO_YPfeKe7TlYyfmN4oHzBdp9GWK6VPiUqyRBllE8_fqfGJTnKCczOniT2xGtSGmz1Yu8pHP-71QR0R6lGc2Q&pr=8%3A47CC87B0CFB4F74C&cid=CAQSMgBygQiDm2P1MQwhih4IybZaEmEzt-Ao3pKZB8s6Mj9q0963ir2PtojHAIWu9VJVXFxjGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=5779211525343354000&adk=1824332119&idt=120&cac=0&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400419
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 May 2024 19:05:15 GMT
passback_160x600.js
static.adsafeprotected.com/ Frame AA1F
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/69587979/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-A6HsJz9ezWhWodVa_XRk8gVw83AXwsO7J9fpoJRxmZDrHUjxqfO2F...
  • https://static.adsafeprotected.com/passback_160x600.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_160x600.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
2600:9000:223f:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
8Lk6nwqXh6k6nfZmyjbOHVq75QkTtjZi
content-encoding
gzip
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date
Tue, 23 May 2023 18:57:29 GMT
x-amz-cf-pop
FRA56-P5
age
466696
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:36 GMT
server
AmazonS3
etag
W/"e27cc778cdbd4fb2ab2c39d090d5c119"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
IfN_vP4xpSzfhdO8GC09znMtflNQzuGMJt52107eqBKLY7LK7PuEQA==

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:54 GMT
server
nginx
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_160x600.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame DFB0 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
21321758
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
JejTbjW5LUywpskvrAx-wqAXCfoHxPABcusWF2x2kc8OxTk2pjtoMA==
k2vt83281pvm
hal9000.redintelligence.net/zone/ Frame 1A78 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=5274643765139414494&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYIKY53cTyueaEVzLf3V8cA%26exch_seat%3D20035004448%26mt_aid%3D5274643765139414494%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_cid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCP4lkjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBI0CT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLW_HGmzY9afpNliuZai1gQ79f3fGC8eWb_XlPn3q_Sf_I8j5KQYeOEILgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1ewQPV9j1h2Shn8zF8bDlt8UqOaA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
b7f2582814e582dda7d64502186a44ff08274e8a7f339dcabec44cf408ac4060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3456
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 1A78 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=5274643765139414494&node_id=3816&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdRMU5qQTRPV1l0T1dSaE55MDNNVEJrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyNzQ2NDM3NjUxMzk0MTQ0OTQvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1X1pDb2xsMzhLS3p6R1dJaGVaZVRuMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81Mjc0NjQzNzY1MTM5NDE0NDk0L3pyaC8wLzI3MS81MS85OTkvMTYyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY4NTA5NjMzNC8xNjg1MTA4OTM0LzQvcHViLTc5ODM2NTEyNTc4MzgyODIv/SgjhtZSN8n36m5KP-HUsUSRFhac&nodeid=3816&group=zrh&auctionid=5274643765139414494&pbs_auctionid=5274643765139414494&shardkey=5274643765139414494&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP4lkjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBI0CT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLW_HGmzY9afpNliuZai1gQ79f3fGC8eWb_XlPn3q_Sf_I8j5KQYeOEILgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ewQPV9j1h2Shn8zF8bDlt8UqOaA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.388.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:54 GMT
Server
MMBD/3.388.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x106, zrh-bidder-x80
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Fri, 26 May 2023 10:18:53 GMT
img
pixel.mathtag.com/event/ Frame 1A78 		43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=5274643765139414494&v3=651871&v4=4562306&v5=6622324&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdRMU5qQTRPV1l0T1dSaE55MDNNVEJrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyNzQ2NDM3NjUxMzk0MTQ0OTQvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1X1pDb2xsMzhLS3p6R1dJaGVaZVRuMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81Mjc0NjQzNzY1MTM5NDE0NDk0L3pyaC8wLzI3MS81MS85OTkvMTYyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY4NTA5NjMzNC8xNjg1MTA4OTM0LzQvcHViLTc5ODM2NTEyNTc4MzgyODIv/SgjhtZSN8n36m5KP-HUsUSRFhac&nodeid=3816&group=zrh&auctionid=5274643765139414494&pbs_auctionid=5274643765139414494&shardkey=5274643765139414494&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP4lkjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBI0CT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLW_HGmzY9afpNliuZai1gQ79f3fGC8eWb_XlPn3q_Sf_I8j5KQYeOEILgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ewQPV9j1h2Shn8zF8bDlt8UqOaA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-198.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x11 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:54 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x11 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Fri, 26 May 2023 10:18:53 GMT
img
tags.mathtag.com/event/ Frame 1A78 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=5274643765139414494&st=4562306&time=1685096334&nodeid=3816
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdRMU5qQTRPV1l0T1dSaE55MDNNVEJrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyNzQ2NDM3NjUxMzk0MTQ0OTQvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1X1pDb2xsMzhLS3p6R1dJaGVaZVRuMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81Mjc0NjQzNzY1MTM5NDE0NDk0L3pyaC8wLzI3MS81MS85OTkvMTYyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY4NTA5NjMzNC8xNjg1MTA4OTM0LzQvcHViLTc5ODM2NTEyNTc4MzgyODIv/SgjhtZSN8n36m5KP-HUsUSRFhac&nodeid=3816&group=zrh&auctionid=5274643765139414494&pbs_auctionid=5274643765139414494&shardkey=5274643765139414494&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.138&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP4lkjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBI0CT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLW_HGmzY9afpNliuZai1gQ79f3fGC8eWb_XlPn3q_Sf_I8j5KQYeOEILgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ewQPV9j1h2Shn8zF8bDlt8UqOaA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.388.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:54 GMT
Server
MMBD/3.388.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x88, zrh-bidder-x80
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Fri, 26 May 2023 10:18:53 GMT
truncated
/ Frame FFDA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc560f736448e4e296e9a861153ce0988140ce3f969f20a84315b3836767aad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame AA1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3Ea67HMPdWYVQYiL8iAYBxzu6diCpwLp62_HiDdvimua-o7sa1vz7XD60mCKYpF2gme7sBO-XEhHBnI3OyuTYjeL96NiA2nAGulZ6Rr1LICiowixZxWDLFvK6NgQ9t3lRtG4MZBP2yWTwLCxnhDlnimkIft2jfaWG0_0KYaidODiKyGcvPbfDPalUbNAXl4iB-agyGLakozKGy2IiuEUzaVDu5bfJmH1WgNKCqQ1HKn5N9CodjPQeddL4a65t2AvWBB35UvGWCFcqVTOyZGyR7_6POmseQJaKi5mryxJNTvJXgU-eQ9M8RCzQOc6SiJ7eRZtt3Nxe_n3Tq1on9Q&sai=AMfl-YRljUrzKoc-CCEpzcg5zgIFyCd6H4wSX9t9JFMhqPjIDhWz6pH99MzpkVEsy9Muw6XZ95cVccNknV3Ru9NIFurHPfy6xfZ-nBmWAxrJh1C912v0p1COfRPJwu-2Bg&sig=Cg0ArKJSzA9KWK4nDXWREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 26 May 2023 10:18:54 GMT
dt
dt.adsafeprotected.com/ Frame AA1F 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=94a131fa-d10e-8063-ab9e-fdbd6f30e251&tv=%7Bc:dIm1Ar,pingTime:-3,time:146,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:147,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B140~0%5D,as:%5B140~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFmcuxv+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117*.1352960-69587979%7C1171%7C118%7C119%7C11a%7C11b%7C11c,idMap:117*,rmeas:1,rend:0,renddet:IMG.us,siq:22%7D&br=c
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AA1F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=94a131fa-d10e-8063-ab9e-fdbd6f30e251&tv=%7Bc:dIm1At,pingTime:-6,time:148,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:148,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B141~0%5D,as:%5B141~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFmcuxv+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117*.1352960-69587979%7C1171%7C118%7C119%7C11a%7C11b%7C11c,idMap:117*,rmeas:1,rend:0,renddet:IMG.us,siq:22%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3C2E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
54886
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Fri, 26 May 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3C2E 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
74624
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 26 May 2023 13:35:10 GMT
dt
dt.adsafeprotected.com/ Frame AA1F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=94a131fa-d10e-8063-ab9e-fdbd6f30e251&tv=%7Bc:dIm1Bd,pingTime:-2,time:194,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:487,beZ:488,mfA:490,cmA:491,inA:491,inZ:496,prA:496,prZ:502,si:508,poA:510,poZ:532,cmZ:532,mfZ:532,loA:634,loZ:637,ltA:680,ltZ:680%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:194,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B187~0%5D,as:%5B187~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFmcuxv+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117*.1352960-69587979%7C1171%7C118%7C119%7C11a%7C11b%7C11c,idMap:117*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:22,sinceFw:170,readyFired:false%7D&br=c
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
request.php
hal900010.redintelligence.net/ Frame 1A78 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=0501dcac20&subid=&uid=e787f7078c95c2e9&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYIKY53cTyueaEVzLf3V8cA%26exch_seat%3D20035004448%26mt_aid%3D5274643765139414494%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_cid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCP4lkjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBI0CT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLW_HGmzY9afpNliuZai1gQ79f3fGC8eWb_XlPn3q_Sf_I8j5KQYeOEILgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1ewQPV9j1h2Shn8zF8bDlt8UqOaA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=3994178873109&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=5274643765139414494&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYIKY53cTyueaEVzLf3V8cA%26exch_seat%3D20035004448%26mt_aid%3D5274643765139414494%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_cid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCP4lkjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBI0CT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLW_HGmzY9afpNliuZai1gQ79f3fGC8eWb_XlPn3q_Sf_I8j5KQYeOEILgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1ewQPV9j1h2Shn8zF8bDlt8UqOaA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1f3c6db80aba5d34829a5eac777dd91b47bf7ab6a06f9688cc0e4ff8c6c7fd63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 May 2023 10:18:55 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
40778400054361700951395012336010
Connection
close
Content-Length
1099
Expires
Fri, 26 May 2023 11:18:55 +0200
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5B81 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
181212
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 07:58:43 GMT
expires
Thu, 23 May 2024 07:58:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame FFDA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com&bust=31074869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FFDA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com&bust=31074869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 757A 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334695&bpp=3&bdt=298&idt=342&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&nras=1&correlator=3158054665860&frm=8&ife=1&pv=2&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.a74zgik5xohk&fsb=1&dtd=359
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com&bust=31074869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F889 		30 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com&bust=31074869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4347fc272b36759f23aeb8be9d989fcd88497c92871a1ffb240d8037d044541
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12749
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame E97E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:30:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
6519
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jun 2023 08:30:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame E97E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
72358
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:12:57 GMT
l
www.google.com/ads/measurement/ Frame E97E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyNFNAIJCSEePyi7_1tShFLThHhnOEKMnf3iy1EaloFjLfFln2OmKV9bWjwBWwcVVWzqVWUimn6HPAQA3SKET4WG4UpA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E97E 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:55 GMT
IAS_PassbackAds_160x600.png
static.adsafeprotected.com/ Frame AA1F 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_160x600.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
Ax9g4_p37qT.TuZCPzwZssuxM41dY1J7
date
Sat, 20 May 2023 02:40:25 GMT
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
545911
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
16777
last-modified
Fri, 18 Feb 2022 23:28:48 GMT
server
AmazonS3
etag
"eef84d4a7321b73260b41707db98756f"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
Svk4ZH4C9WkRiUxHZuAWwULjGX_RXviSSaW9QNXG-5JTnrzXkoktAg==
usync.html
eus.rubiconproject.com/ Frame 29FE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 May 2023 10:18:55 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AA1F 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7467 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9ypRjodwZLHxBMb1gQfWkbjABbGejeZw997lhagR6Kq2lYsDEAEgwLKCa2CV4pCCoAegAe7tjI0pyAEJ4AIAqAMByAMKqgSBAk_QvRoTl6AIqrf9hCYEEojrxyyZB3MEcxG67lb3aTrd7dTqKoy-hpI_ZDCg7knuf6sWIfM-2fMKXaMUR22QSKhd2Z0S_F40F3ofc3icEYGEzzC8TlHNb4Zxx6eTp-F1JA3HGx0ZvhCBTqhSEtF1jKMjzLyxK2WtDczaT_Z4KVplKvg_5c56Rw4hLP9MHRo4ZMDvzelfGqtzwts0DNFgA8OOmdQWuQjXLkNTk9Vs2SVySi89pqlYhKbiroVwzWXNptvZGdWrPCG7YvWyKS4n9Gp_5wTZpJFjf2Ie6vixdVY9xRjY2qe_hHFVaFrFckmQRn8e60dvdI2Ub2zTpf8pzyVvwATWuJKCogTgBAGSBQQIBBgBkgUECAUYBKAGLoAH7qXd7AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDA0AHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=JB7kbqLL-Fs&uach_m=[]&cid=CAQSOwBygQiDnfLNsUghptiFqImx1MUj1VDL1uNN2vHZsY_DFaBEWzsg5esxSWL0Cfhbma5dYlk21wcXWpkCGAE&template_id=5000&cbvp=2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame E97E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJARRjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoErgFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLWpuIj6hKhnvl3mC91bHPJVsBX1O4hmXqB_nwGlDjPzPGAb97PeyABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY1OTM1MjMyMTAwMTAxNTQYAA&sigh=Z0vbA6_H9KI&uach_m=[UACH]&cid=CAQSKQBygQiDQ26BUnGDEYvoHd9jFipZGEoJYo-a9Pmdhjic3ALLZTvdMtH7GAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 26 May 2023 10:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame E97E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h0qq649c1w6kh5tn6p8xrmnpebmttwv6msyb8mevarg4hwrz0fkt0mcpsac3tg1skxnx8115ghqayppcqfq5dtb8ch71yhj5aeqdp5campmct380mnme71eftnnqbdkqwqtj9rfsh6mhtdw404zxh0g9wbqhfbzha77mtzpj27pg6zrwzge18t3f8fmake01q3tbq8dvmkd4xb5j7mnb8q58w6wpe31petjsbdvdwvjn6ekgthn1g96bmva3drg73wqye6wnbp5fxfx14d8ftb6vvayj917f8n520awnyvbp526syhznnzhnr2c0r8xn5djcdd96arx5t9m81chvj3kkc7etxsw85saqx4gbm99t4rkav23cvfgwj74z9e112amej0tcvdw6z45&b=ZHCHjgAJ5VgGdg1WAANzBOHvQsVaswkVRkUyUg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 May 2023 10:18:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame E7B9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jx7tr9gnjt2ce9sxx27t5m6m5xj36qs142xsvc0mwqr1eymyn8s779p7ksp0y4tnvndjegm8jddw5w6dj8edag5vk3k7fdbe3gz45n6rxjk9b13nqppjrn5ejmph57acgb4mtwe3g499984s69c0k12y8xd76hfvfwhsj4e3zhqzz0jd8tqbs9p4k3z476cxagcae339a383x752dzw0sx4xemq2h2yzgp9j3y64s64bx87v37dtez5n2ct6qk9rpw1x6c8vz509eqmt270zqsvst4bwsrjhah5gsjz4wb99wznfdq2pxrbj4ktdt6asejjmqgpsdm4n7hw3z85fq92gnp0f3yrdzrjhqqatzd6grbn3c6d3dxn1yevk7m5qaffj91wtdwgznmeyhmwpt7t8zdavf520fa9frp775rps8fzj9zcvc39x676tvevpmd4cr92q8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%26client%3Dca-pub-6593523210010154%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4da3dd6839cad717ede663547aac45abaacd46b280c0293c1b307b75e37183c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cd546deaa9a9bc2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:55 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 015F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
85519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 10:33:36 GMT
etag
48472445140208031
expires
Fri, 26 May 2023 10:33:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 3C2E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRkedjodwZM_wBIu4gAe847aIAtXgjP9p8efrrsAKz8makp4BEAEgwLKCa2CV4pCCoAegAb2vlf0DyAEJqQKyk_JsigSyPuACAKgDAcgDCqoE_gFP0Hm1-quXCprmswLd6gO0VOoncfpWSHdktz8T4HROFTIWQDyXFbbCG63TaxQc6Vl8w1MzYZrm6QEGZ6S9KChfp2FT9wwrVRB5jFqkVojd_aJfRbYqIBrzt8rkEvyE1JQbvsitHF-8OGNIt65MKOkxKl_50xMXqEH0VPjYbD5q3LlKHEK0uHUfkE_jwyO7oWK6fUbB8-Ru6_Zdt2B7zx0S5XzaL_FSR9EvC0gXpuplXpFOC4kuVm0g_j4ZDs9Zz89wgdtLH-jP5f3sKoPU2phUk-beq5aAMySbz2oxxxx3QN5HzufoSd0Sh7430acZ2mqZ69vK9WDodsuklYM3v8AE0N6rq6MB4AQBkgUECAQYAZIFBAgFGASgBi6AB6vQ6gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCBqgHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsBuBPkA9gTDYgUB9AVAZgWAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=l_Y1Sz1NvX8&uach_m=[]&cid=CAQSOwBygQiDnw3xXHC5oZYTAgGZmf5Vx--SVqfWxKRCgMPlzw--UEaeiILZA-7hRP3JY2ZIBeIN997ouuZGGAE&template_id=484&cbvp=2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
publishertag.prebid.135.js
static.criteo.net/js/ld/ Frame 92DB 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 27 May 2023 10:18:55 GMT
usync.js
eus.rubiconproject.com/ Frame 29FE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
20746a1f4ef8a9f91266c9444ba0b786a3c79c530077d55a1a74210bf874ba17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 May 2023 16:28:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22105
Connection
keep-alive
Content-Length
10085
Expires
Fri, 26 May 2023 16:27:20 GMT
/
adv.office-partner.de/ Frame 7AE5 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=0501dcac20&subid=&uid=e787f7078c95c2e9&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYIKY53cTyueaEVzLf3V8cA%26exch_seat%3D20035004448%26mt_aid%3D5274643765139414494%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_cid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCP4lkjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBI0CT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLW_HGmzY9afpNliuZai1gQ79f3fGC8eWb_XlPn3q_Sf_I8j5KQYeOEILgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1ewQPV9j1h2Shn8zF8bDlt8UqOaA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=3994178873109&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 26 May 2023 10:18:55 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 02 Jun 2023 10:18:55 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 8697 		208 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=40778400054361700951395012336010&gdpr=1&gdpr_consent=li
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=0501dcac20&subid=&uid=e787f7078c95c2e9&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYIKY53cTyueaEVzLf3V8cA%26exch_seat%3D20035004448%26mt_aid%3D5274643765139414494%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_cid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCP4lkjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBI0CT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLW_HGmzY9afpNliuZai1gQ79f3fGC8eWb_XlPn3q_Sf_I8j5KQYeOEILgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1ewQPV9j1h2Shn8zF8bDlt8UqOaA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=3994178873109&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
4d0dfbfb911e53aabc73510102a8fcbeedef5c9b06ce54b6de361899edc3bd22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
208
Content-Type
application/javascript; charset=utf-8
Date
Fri, 26 May 2023 10:18:55 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
B9D59BA7:9A5E_91EFC182:01BB_6470878F_E999965:6DD9
htlp
futalis.de/ Frame 0E7A
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=40778400054361700951395012336010&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2750622502
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2750622502
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=0501dcac20&subid=&uid=e787f7078c95c2e9&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYIKY53cTyueaEVzLf3V8cA%26exch_seat%3D20035004448%26mt_aid%3D5274643765139414494%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_cid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCP4lkjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBI0CT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLW_HGmzY9afpNliuZai1gQ79f3fGC8eWb_XlPn3q_Sf_I8j5KQYeOEILgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1ewQPV9j1h2Shn8zF8bDlt8UqOaA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=3994178873109&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Fri, 26 May 2023 10:18:55 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2750622502
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
link.html
track.webgains.com/ Frame 1A78 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=40778400054361700951395012336010&nw=1
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.209.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-209-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e8f2c25d056ce99bbb20bb7a26c8678552f3cf546388b89487f932e2bceac244

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
last-modified
Fri, 26 May 2023 10:18:55 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 26 May 2023 10:19:55 GMT
request_content.php
hal900010.redintelligence.net/ Frame 65EB 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=40778400054361700951395012336010&a=a53b8c18
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=0501dcac20&subid=&uid=e787f7078c95c2e9&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYIKY53cTyueaEVzLf3V8cA%26exch_seat%3D20035004448%26mt_aid%3D5274643765139414494%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_cid%3D1c5d6470-878e-4a01-91e8-46721305ae64%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCP4lkjodwZK7qBMeOgAf3m5voBc-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBI0CT9AnoevuBKWx0oubYwQ01t8Cf3gyhRSu-awi96sj1Rw57m-uatw0Sidnp5ISTgtnoMm3sO4QYwL_Ql8MThrBVhUOq9aPShfUQNgx0u9Zse63ulWdeFF8wDifnVi1v-j0hqRzawt8HZrw1Niftu9cTKRXCIKam0mMWAZ9CU_BxdBwz6ZFyjCLejU2h0DSRLkuEyasN9azMzvqcY46Yiyix6Au1qDGmQDERloWbqJE6u7tueMggwswvTrA5924vflLSykmm--JoqCmd0Ma5ZqVMVNrZsiG4xPkE-MAz_JKTe1IQxQLW_HGmzY9afpNliuZai1gQ79f3fGC8eWb_XlPn3q_Sf_I8j5KQYeOEILgBAGABqqbquOu2pKTuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1ewQPV9j1h2Shn8zF8bDlt8UqOaA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=3994178873109&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
453017d4b5ea1bc4846b6e5870e3cedd28c18ff84980dcfc603c754e045967d8

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2043
Content-Type
text/html; charset=utf-8
Date
Fri, 26 May 2023 10:18:55 GMT
Expires
Fri, 26 May 2023 11:18:55 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame 1A78
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=40778400054361700951395012336010&gdpr=1&gdpr_consent=li
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=40778400054361700951395012336010&gdpr=1&gdpr_consent=li
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
54.76.176.197 -, , ASN (),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:20:51 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Fri, 26 May 2023 10:18:55 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA7:9A60_91EFC182:01BB_6470878F_E9F923F:E32E
X-IPLB-Instance
40028
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js
pagead2.googlesyndication.com/bg/ Frame 5B81 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 02:30:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
114534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14642
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 May 2024 02:30:01 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3D65 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
85519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 10:33:36 GMT
etag
48472445140208031
expires
Fri, 26 May 2023 10:33:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1A78 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc23ef254280069e024f0318d91f2ce893c07b791d723204f216e97dcea17fd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 65EB 		5 KB
778 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=40778400054361700951395012336010&a=a53b8c18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 May 2023 09:31:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 May 2023 10:18:55 GMT
/
hal9000.redintelligence.net/scale/ Frame 65EB 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=40778400054361700951395012336010&a=a53b8c18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e32543d850c4dfe8d1cf2d5a0e716e266e5e8ccfa461b3329ee70e6e206ecb0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:55 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
25830
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 65EB 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=40778400054361700951395012336010&a=a53b8c18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
5139871bdaf62c0f8f1b9088170a2e22dcebf41492144a051c334bea51bfa303

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:55 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
27134
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 65EB 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=40778400054361700951395012336010&a=a53b8c18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
f418c90796a3e7228caf65dc113102278b510dff1c044b4bc41be04ae8981a45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:55 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
20627
Vary
Accept-Encoding
Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame E7B9 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jx7tr9gnjt2ce9sxx27t5m6m5xj36qs142xsvc0mwqr1eymyn8s779p7ksp0y4tnvndjegm8jddw5w6dj8edag5vk3k7fdbe3gz45n6rxjk9b13nqppjrn5ejmph57acgb4mtwe3g499984s69c0k12y8xd76hfvfwhsj4e3zhqzz0jd8tqbs9p4k3z476cxagcae339a383x752dzw0sx4xemq2h2yzgp9j3y64s64bx87v37dtez5n2ct6qk9rpw1x6c8vz509eqmt270zqsvst4bwsrjhah5gsjz4wb99wznfdq2pxrbj4ktdt6asejjmqgpsdm4n7hw3z85fq92gnp0f3yrdzrjhqqatzd6grbn3c6d3dxn1yevk7m5qaffj91wtdwgznmeyhmwpt7t8zdavf520fa9frp775rps8fzj9zcvc39x676tvevpmd4cr92q8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jx7tr9gnjt2ce9sxx27t5m6m5xj36qs142xsvc0mwqr1eymyn8s779p7ksp0y4tnvndjegm8jddw5w6dj8edag5vk3k7fdbe3gz45n6rxjk9b13nqppjrn5ejmph57acgb4mtwe3g499984s69c0k12y8xd76hfvfwhsj4e3zhqzz0jd8tqbs9p4k3z476cxagcae339a383x752dzw0sx4xemq2h2yzgp9j3y64s64bx87v37dtez5n2ct6qk9rpw1x6c8vz509eqmt270zqsvst4bwsrjhah5gsjz4wb99wznfdq2pxrbj4ktdt6asejjmqgpsdm4n7hw3z85fq92gnp0f3yrdzrjhqqatzd6grbn3c6d3dxn1yevk7m5qaffj91wtdwgznmeyhmwpt7t8zdavf520fa9frp775rps8fzj9zcvc39x676tvevpmd4cr92q8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
326378
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZL5XdO%2BHuyyoAzlv%2BtRIwnxxP9ryfJogYWlIL1Dp7IDgeh2iMufFGgF7McnSLENa63ZJLdsd2KjmTlNzRoojXE0NwXkqqYn18gVqkO7Vi9fh0cgx8pKXld78MXeUfx7DwXBE1zg5JI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cd546df1b169bc2-FRA
expires
Fri, 26 May 2023 11:18:55 GMT
r62eglto.js
ad4m.at/ Frame E7B9 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jx7tr9gnjt2ce9sxx27t5m6m5xj36qs142xsvc0mwqr1eymyn8s779p7ksp0y4tnvndjegm8jddw5w6dj8edag5vk3k7fdbe3gz45n6rxjk9b13nqppjrn5ejmph57acgb4mtwe3g499984s69c0k12y8xd76hfvfwhsj4e3zhqzz0jd8tqbs9p4k3z476cxagcae339a383x752dzw0sx4xemq2h2yzgp9j3y64s64bx87v37dtez5n2ct6qk9rpw1x6c8vz509eqmt270zqsvst4bwsrjhah5gsjz4wb99wznfdq2pxrbj4ktdt6asejjmqgpsdm4n7hw3z85fq92gnp0f3yrdzrjhqqatzd6grbn3c6d3dxn1yevk7m5qaffj91wtdwgznmeyhmwpt7t8zdavf520fa9frp775rps8fzj9zcvc39x676tvevpmd4cr92q8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
320121
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yob4KJJ7UWPK0Zw7zGrMQ87KWgF8G2h4QrieM6zugrYxSm7Z2d3gbn8viLinMeAJzd18OR8dWXGeEZv5W%2FxNG4Qm6HAPSmi77K6Whwv2%2BO8YbOpuuT8V3gKsdvYT40XFMk9Ja4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7cd546df2b4d9bc2-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 May 2023 13:46:07 GMT
truncated
/ Frame AA1F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ceecb5269ddf6bbf497d87779ce3edd64050b5f475985ff1239bbc0a47355a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E97E 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d1f0c367645f186a25d18d9ddfbaa22bdadb69781e34d6aa0786d5b70878966

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 92DB 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685096333184&userId=vnetc294117e-8508-46bf-9303-232e5aca3885
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:55 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
dpixel
cms.quantserve.com/ Frame 015F 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEItm0Bjg0qIw-1a2Igh18FI&google_cver=1&google_push=ATf1kGMj_bNAPoctJdyVv8EskxZIIL_IQkMUTc6doqki96vWOI4e6Y6_aVWlx-d9rWM_lqXyP78BkNBqqIfg6O7J4DsWQWhXGaOzeA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 015F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE2movsbcqonKqDeKq9t_qk&google_cver=1&google_push=ATf1kGPKLs0WYP5ZI4f6jcHJ2389OvFy-8fmaDycwlo0FXotMb1j86xtjWvnsUGqOxzJ6io2QbvoBfYAn4JXKskUHjS7Dpj3MjlvG...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2movsbcqonKqDeKq9t_qk&google_cver=1&google_push=ATf1kGPKLs0WYP5ZI4f6jcHJ2389OvFy-8fmaDycwlo0FXotMb1j86xtjWvnsUGqOxzJ6io2QbvoBfYAn4JXKskUHjS7Dpj3Mjl...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2movsbcqonKqDeKq9t_qk&google_cver=1&google_push=ATf1kGPKLs0WYP5ZI4f6jcHJ2389OvFy-8fmaDycwlo0FXotMb1j86xtjWvnsUGqOxzJ6io2QbvoBfYAn4JXKskUHjS7Dpj3MjlvGA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPKLs0WYP5ZI4f6jcHJ2389OvFy-8fmaDycwlo0FXotMb1j86xtjWvnsUGqOxzJ6io2QbvoBfYAn4JXKskUHjS7Dpj3MjlvGA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H2
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cd546e0fef71cc3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
769
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE2movsbcqonKqDeKq9t_qk&google_cver=1&google_push=ATf1kGPKLs0WYP5ZI4f6jcHJ2389OvFy-8fmaDycwlo0FXotMb1j86xtjWvnsUGqOxzJ6io2QbvoBfYAn4JXKskUHjS7Dpj3MjlvGA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPKLs0WYP5ZI4f6jcHJ2389OvFy-8fmaDycwlo0FXotMb1j86xtjWvnsUGqOxzJ6io2QbvoBfYAn4JXKskUHjS7Dpj3MjlvGA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cd546dfad981cc3-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 015F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHORGkl14n2dc-49u_kVlxo&google_cver=1&google_push=ATf1kGOArKScOYrnZF7_MdP_cfpg2PgWdIc98gu2tEbRvx58-0_Pv2x-pSGcY16scDDhhG-2YuO6Fdcl...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHORGkl14n2dc-49u_kVlxo&google_cver=1&google_push=ATf1kGOArKScOYrnZF7_MdP_cfpg2PgWdIc98gu2tEbRvx58-0_Pv2x-pSGcY16scDDhhG-2YuO...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzczMzAzNjg5NTU3MTkxMDkxMw&google_push=ATf1kGOArKScOYrnZF7_MdP_cfpg2PgWdIc98gu2tEbRvx58-0_Pv2x-pSGcY16scDDhhG-2YuO6Fd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzczMzAzNjg5NTU3MTkxMDkxMw&google_push=ATf1kGOArKScOYrnZF7_MdP_cfpg2PgWdIc98gu2tEbRvx58-0_Pv2x-pSGcY16scDDhhG-2YuO6FdclYm1erlkwcLfWHOEV-wa3DQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzczMzAzNjg5NTU3MTkxMDkxMw&google_push=ATf1kGOArKScOYrnZF7_MdP_cfpg2PgWdIc98gu2tEbRvx58-0_Pv2x-pSGcY16scDDhhG-2YuO6FdclYm1erlkwcLfWHOEV-wa3DQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 015F 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgdzR8nCxbNLzefxd-Op9WpB9L_kXeTTLkgY8BvVJjtw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334174&bpp=2&bdt=166&idt=372&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6910485774796&frm=8&ife=1&pv=1&ga_vid=1185872397.1685096335&ga_sid=1685096335&ga_hid=928252979&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31074821%2C44788442%2C44789779&oid=2&pvsid=857899531715694&tmod=2054775726&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.y48ed9rmbs8q&fsb=1&dtd=378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gtm.js
www.googletagmanager.com/ Frame 7AE5 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb611ec57f286c5d9d3cfeee91c08d81d68ac630f80bd81e53f465ba5336c9f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43296
x-xss-protection
0
last-modified
Fri, 26 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 May 2023 10:18:55 GMT
ts.js
cdn.retailads.net/ Frame 0E7A 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2750622502
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
current
dclk-match.dotomi.com/match/bounce/ Frame 3D65 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAXQJPuxOIP91sjuiWl3k1Y&google_cver=1&google_push=ATf1kGMe1F7rVJYpWPIjFJ3vLAd4gLKgFHO1tnfQ9k2w0D1V2jPNPbAGTAmAiQ4-O7_NEn8SR0FR2ldB-XpTrvHPwdtdd6h3jEMc
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 3D65 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBAaCmx9mmn78vZMkhC2J7I&google_cver=1&google_push=ATf1kGPS1fJGHTQ6j8TPStlxzwIe6tGa-U7TfoQ69VVmCrUOiby7WXwmAJBK7hpjkQMAZDdpyTJujISI9MV9NNGz54LplozABIA
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3D65
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM6QQX-bXFrCKEPNFTFQnqY&google_cver=1&google_push=ATf1kGOcK64u1nibIb4DgbLvLu1TK2UXD-uaDf0cPaYCoHxU2XLF4fnXXPH7oZETg2OaAxySIgywDKls...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM6QQX-bXFrCKEPNFTFQnqY&google_cver=1&google_push=ATf1kGOcK64u1nibIb4DgbLvLu1TK2UXD-uaDf0cPaYCoHxU2XLF4fnXXPH7oZETg2OaAxySIgy...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczNzI1NDE5NTAzNzkwMjU0Ng&google_push=ATf1kGOcK64u1nibIb4DgbLvLu1TK2UXD-uaDf0cPaYCoHxU2XLF4fnXXPH7oZETg2OaAxySIgywDK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczNzI1NDE5NTAzNzkwMjU0Ng&google_push=ATf1kGOcK64u1nibIb4DgbLvLu1TK2UXD-uaDf0cPaYCoHxU2XLF4fnXXPH7oZETg2OaAxySIgywDKlsipsSHwRaIN8YMKjHAfka
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczNzI1NDE5NTAzNzkwMjU0Ng&google_push=ATf1kGOcK64u1nibIb4DgbLvLu1TK2UXD-uaDf0cPaYCoHxU2XLF4fnXXPH7oZETg2OaAxySIgywDKlsipsSHwRaIN8YMKjHAfka
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 3D65
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOonFeLvEtKaCnBMUYxHYCw&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOonFeLvEtKaCnBMUYxHYCw&google_push=AT...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOonFeLvEtKaCnBMUYxHYCw&google_hm=ZHCHj7a6V87YAuId5iD_IQAADLEAAAIB&google_nid=index&google_push=ATf1kGMn8TJZ6keWEdp4vg1KEHCtBtBYKc53S...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOonFeLvEtKaCnBMUYxHYCw&google_hm=ZHCHj7a6V87YAuId5iD_IQAADLEAAAIB&google_nid=index&google_push=ATf1kGMn8TJZ6keWEdp4vg1KEHCtBtBYKc53SWrsRR1s2vwipt8IVwuZbyiN9LNtTol_FFWAMc3ZjSqSjDX_1_DCSXB045HLPhB8
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 May 2023 10:18:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOonFeLvEtKaCnBMUYxHYCw&google_hm=ZHCHj7a6V87YAuId5iD_IQAADLEAAAIB&google_nid=index&google_push=ATf1kGMn8TJZ6keWEdp4vg1KEHCtBtBYKc53SWrsRR1s2vwipt8IVwuZbyiN9LNtTol_FFWAMc3ZjSqSjDX_1_DCSXB045HLPhB8
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3D65
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEG9mJHVhlvOeoijiFg_OR9E&google_cver=1&google_push=ATf1kGOzJId_I1MJcpk6vYIwJPbI3mmUnZtMBfdvOhYe95iKKRwC8Ip1Akcyw3ORvovH3VqkQqNZY-O3L4NUvJQY4WgF5h...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEG9mJHVhlvOeoijiFg_OR9E&google_cver=1&google_push=ATf1kGOzJId_I1MJcpk6vYIwJPbI3mmUnZtMBfdvOhYe95iKKRwC8Ip1Akcyw3ORvovH3VqkQqNZY-O3L4NUvJQY...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mPLUF-M4RySjvfk28q4vxQ&google_push=ATf1kGOzJId_I1MJcpk6vYIwJPbI3mmUnZtMBfdvOhYe95iKKRwC8Ip1Akcyw3ORvovH3VqkQqNZY-O3L4NUvJQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mPLUF-M4RySjvfk28q4vxQ&google_push=ATf1kGOzJId_I1MJcpk6vYIwJPbI3mmUnZtMBfdvOhYe95iKKRwC8Ip1Akcyw3ORvovH3VqkQqNZY-O3L4NUvJQY4WgF5h1Nrb1n
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mPLUF-M4RySjvfk28q4vxQ&google_push=ATf1kGOzJId_I1MJcpk6vYIwJPbI3mmUnZtMBfdvOhYe95iKKRwC8Ip1Akcyw3ORvovH3VqkQqNZY-O3L4NUvJQY4WgF5h1Nrb1n
access-control-allow-origin
*
date
Fri, 26 May 2023 10:18:55 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 3D65
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAvG5DF2p4D93jU9X_khwiY&google_cver=1&google_push=ATf1kGNQjABFkOaB-jEO-OzMZPfdeBB6GRztWOHV_Xv_HplS3Jm0o1ph40hKOK1HEDLuyI-dOL...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAvG5DF2p4D93jU9X_khwiY&google_cver=1&google_push=ATf1kGNQjABFkOaB-jEO-OzMZPfdeBB6GRztWOHV_Xv_HplS3Jm0o1ph40hKOK1HEDLuyI-dOL...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mWmFCRkIxRTJ1R0szdWc3d1BwMlZqVnJJZmFtMm1LS35B&google_push=ATf1kGNQjABFkOaB-jEO-OzMZPfdeBB6GRztWOHV_Xv_HplS3Jm0o1ph4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mWmFCRkIxRTJ1R0szdWc3d1BwMlZqVnJJZmFtMm1LS35B&google_push=ATf1kGNQjABFkOaB-jEO-OzMZPfdeBB6GRztWOHV_Xv_HplS3Jm0o1ph40hKOK1HEDLuyI-dOLRbvUQiYAZQvrS5lb8uQlH5IGzLcw
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mWmFCRkIxRTJ1R0szdWc3d1BwMlZqVnJJZmFtMm1LS35B&google_push=ATf1kGNQjABFkOaB-jEO-OzMZPfdeBB6GRztWOHV_Xv_HplS3Jm0o1ph40hKOK1HEDLuyI-dOLRbvUQiYAZQvrS5lb8uQlH5IGzLcw
date
Fri, 26 May 2023 10:18:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
report
sync.teads.tv/um/ Frame 3D65
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAS18eI7ndu0sMnfYHxRG5Y&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGMuHFYeSTfEP_BCXZKsH2GSjgDqJMZZzVuMSMIdGmOpQMfYoEjJ9vS0h3Gk58dOWipzoh2eyaNilJ9XQUfquzKLZkszZdF9cQ
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
104.102.35.84 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Fri, 26 May 2023 10:18:55 GMT
pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3D65 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRz76BJj4iiHfviVNbtu0CauxzbLc-iaBRkBKDy-h-Jt0MkxEcC94tPpRn0oGqCCkfOC0_Ens
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 92DB 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 27 May 2023 10:18:55 GMT
viewability
hal900010.redintelligence.net/ Frame 65EB 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=40778400054361700951395012336010&a=978c8f4a&vb=m
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=40778400054361700951395012336010&a=a53b8c18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=40778400054361700951395012336010&a=a53b8c18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:55 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
dt
dt.adsafeprotected.com/ Frame AA1F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=94a131fa-d10e-8063-ab9e-fdbd6f30e251&tv=%7Bc:dIm1HP,pingTime:0,time:604,type:pf,im:%7Bpci:%7Btdr:548%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:604%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:604,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B597~0%5D,as:%5B597~160.600%5D%7D%7D,%7Bsl:i,t:604,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFmcuxv+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117*.1352960-69587979%7C1171%7C118%7C119%7C11a%7C11b%7C11c,idMap:117*,rmeas:1,rend:1,renddet:IMG.qs,siq:22,sis:317%7D&br=c
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame F889 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:30:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
6519
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Jun 2023 08:30:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame F889 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 14:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
72358
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 14:12:57 GMT
l
www.google.com/ads/measurement/ Frame F889 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVi62HTyOPtMyDU3rTFrv2W1dFmjfbUh4ZF2nCVI_P-Zg1D_TMsl-Xs7gBWBI_K1l5XD7Nupr0eGEy7a3ifM77c_wPWQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F889 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 10:18:55 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 65EB 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 03:23:58 GMT
x-content-type-options
nosniff
age
24897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 May 2024 03:23:58 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 65EB 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:12:56 GMT
x-content-type-options
nosniff
age
61559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 May 2024 17:12:56 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F889 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CccARj4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTSAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyyxr92mkghxDO-P1pmHB2kZaWLsEhjMFx7WoE9PJQ5DpgL6b-vtz4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=SiGUew9Kp6A&uach_m=[UACH]&cid=CAQSKQBygQiDt3XAupjgW9ITFbsvT8nJ2ODHISsVEDyy9QhUfE4Ez5Dzc8MaGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 26 May 2023 10:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame F889 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1knv4vgg7y5n3ea800dgjzthr4by6cmf1ajsc0h9bnymf9m3xxc86244q2764q4ey8nqxhcj1cz0fkzrnwvh04d5vpsvwvgka3y51sm20pen4yfw6wfhd9casjy5w6q1makykpvrv33bbevw4gphxj3v7bypz7c03f05fg7hykdmc7mrpb8mv2tm37gw1f9wmjqe5mvfdkzstx1n6gtn8bfey5n2f9c42gd7tzcvt9mphc1kbkcb90fxxx3a3mxsgv2f0dydfajj6frt74x2gqdj0zk3z3gxndy4an64j13tb2pvhj1j0kwndep7k1qp83qwbgp2emctcnvqz1v3p8r40st5yjr06ajwrmgr2zfv2v86e1ndn1da1t6r8424vj71cev8ba2xmm1v&b=ZHCHjwAB1-0KsuKYAAHkXW7KhlYmL5hnQVQI8A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 May 2023 10:18:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 56ED 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hwjq04z8gjcgvze10r21wer768tvw7ey4n607d3x05b6eqadz7js3rfw521e36x6hhtq2m0b10s2w514wy70f7h91bcqca520p9wpaq5pp44arevscpbrvk3cmbhtdj1cfyvwkc0xtx6ckwsgesnshatpcm2yq4chdm96hszkv9stxyfad43sxtq6ykcn34g12exeyad7dhayhqv9kpqqfe6p8wtxppnxpx0kj5ser401wrj90ncf3zzbawdqnjme7m77061s2xqxg1myxe95z3q07dwzn28eb6qsp94pxkcfv465zg0z1bc43qkd976thtbesszgv3ch6xdtkarabq5qhetkk4p00v47e29p5nwfkcm9dy68h6mjmd96rnxfq72pyqywv7xxkfkkjr4pstmq4gx7ecn5tsxyt7as9sk041jb8twyrxsj6cx1dp33m2jeapj8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%26client%3Dca-pub-6593523210010154%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
523512f2e363d1107d87f20e8ea2ca07e0aff96e957a60bab786e574c2aa91b4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cd546e08905199b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:55 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6273 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
85519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 May 2023 10:33:36 GMT
etag
48472445140208031
expires
Fri, 26 May 2023 10:33:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E7B9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1171
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slv4tJbNg%2FU7F%2FQqxUhVdpzSVyQET6a6ohU0uoI6L%2Be1TBXLwrt3Nvt5Z0KncqqiRmlj0daapqJJ2wC0HkotLbAaWAvuclylPStnZB5Lo1LNpoVGrxGsfzpLrraib1hh4SkCY0MRlFh4O7mx%2BuGqzs%2FQ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7cd546e1de3c9a3b-FRA
expires
Fri, 26 May 2023 10:20:58 GMT
pvClk.min.js
analytics.webgains.io/ Frame 1A78 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=40778400054361700951395012336010&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 07:31:18 GMT
content-encoding
gzip
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
43851
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
s2is6hNk9n0Io1NJNZg2hdgHVE7lrgt6FpQAqYgXtTXUQhVv1wdplw==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 1A78 		85 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1685096635&Signature=KGCbbVnYwraYT6hhoC628JWiKe6jLw5BQ1N6xxBsYnHiprISye8T2hRa7k7TW7CeQ2Z3Q6LF-2I~9b0CvdAOcyWTX6KRnWyKeZicaEJshwneaiDAF5qnKulR66GmnuK7kh6fllrx~Wh98DbFyfj-rpj8juozFk3UH-MMypUdcHooa-Qef~2sifXAHWMSxGtuZmlRovtbC18rFFwkvMaaPRDRA6vswFfV9wFVou6M1z1f77ZXqM0ZRojtpVvCWd~2-wqHAMaH7Zqi4sgUf9rKyJ3om41WnE6hQfV~DvRYp4KHNUJlt47VCOhZDKVQg0rqQxCxZcwGDrTwRXVmeulGfg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
URL: https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 26 May 2023 03:12:11 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
25605
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
JyW-FJ-5a2h1mgH9Z4bvG7X3HzY035qnUjTvt8o267B_kWD_VxQf5A==
dt
dt.adsafeprotected.com/ Frame AA1F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=94a131fa-d10e-8063-ab9e-fdbd6f30e251&tv=%7Bc:dIm1Ji,pingTime:-10,time:695,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1685096335468%7C%7C4bead0d6dc8513dc6c303824637e66bf%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7C15403229abe80ae76e3e2892b2fa2b18%7C%7Cc4ec00d31918bded6ea9ab0447d20a6f%7C%7Cfb6bc446185e778e0eea0a0e5769d075%7C%7C05d79500ad96970e0fbf36287ea089da%7C%7Ce541d79652c7c3d9fb0cfe2b16db8cb5%7C%7C1663701684%7D
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
frame.html
ad4m.at/ Frame 4C4D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2495824
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7cd546e1cad7199b-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 26 May 2023 10:18:55 GMT
expires
Thu, 30 Mar 2023 21:56:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJ1kXCLprgyWyEIbj9EXgmtRxsnQQeyBQWeVnj6cLhKVB%2BpBaPm%2BCGG7gsLIQ46jh5VGz9Z%2F88nUP8zxMjXbG84rCwLI6SCkrUpwsbr3MZDIrkAZNUOwXHTarHlbHO6mFp0ADC8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 29FE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=t2Ln3nK3Q9Sx-Loz5Jq45A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=t2Ln3nK3Q9Sx-Loz5Jq45A
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=t2Ln3nK3Q9Sx-Loz5Jq45A
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 May 2023 10:18:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6RDX367JP10X602A3PKJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=t2Ln3nK3Q9Sx-Loz5Jq45A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 29FE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7tu_w5uTRVmVCCir61AyEg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7tu_w5uTRVmVCCir61AyEg
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7tu_w5uTRVmVCCir61AyEg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Server
52.95.125.22 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 May 2023 10:18:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4W9YNP011GTG2CZ1DDJ1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7tu_w5uTRVmVCCir61AyEg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 29FE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDYyOTY0OThhNzAxZDU2MTMzM2RiY2EzYjBmYzM0MzNkMGQ0MWQyNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDYyOTY0OThhNzAxZDU2MTMzM2RiY2EzYjBmYzM0MzNkMGQ0MWQyNg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDYyOTY0OThhNzAxZDU2MTMzM2RiY2EzYjBmYzM0MzNkMGQ0MWQyNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 29FE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI4EUKI4-A-69TX
0
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI4EUKI4-A-69TX
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B6B88146C69349458DD236F87CB8B814 Ref B: FRAEDGE1312 Ref C: 2023-05-26T10:18:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8lhCDKm4CpLQArsJSiw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI4EUKI4-A-69TX
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 29FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQiWF4aNiXB8vHMJ47LFmw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQiWF4aNiXB8vHMJ47LFmw&google_cver=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQiWF4aNiXB8vHMJ47LFmw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 29FE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/o9oYpT_0HxQr1Cz5WVs2vQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-419N31tE2oIBMfr.FsOVzT1_k9vtnjl4AdNYJA--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-419N31tE2oIBMfr.FsOVzT1_k9vtnjl4AdNYJA--~A
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 26 May 2023 10:18:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-419N31tE2oIBMfr.FsOVzT1_k9vtnjl4AdNYJA--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 29FE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 29FE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEk0RVVLSTQtQS02OVRY
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDC8r5Ww1xkgLKQ7DG08aS0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk0RVVLSTQtQS02OVRY&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk0RVVLSTQtQS02OVRY&google_push=
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk0RVVLSTQtQS02OVRY&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
truncated
/ Frame F889 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cdbaa7b77e0582b42a087f5e875f40107aed8c1b8e6f376777e82396b8368ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 56ED 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hwjq04z8gjcgvze10r21wer768tvw7ey4n607d3x05b6eqadz7js3rfw521e36x6hhtq2m0b10s2w514wy70f7h91bcqca520p9wpaq5pp44arevscpbrvk3cmbhtdj1cfyvwkc0xtx6ckwsgesnshatpcm2yq4chdm96hszkv9stxyfad43sxtq6ykcn34g12exeyad7dhayhqv9kpqqfe6p8wtxppnxpx0kj5ser401wrj90ncf3zzbawdqnjme7m77061s2xqxg1myxe95z3q07dwzn28eb6qsp94pxkcfv465zg0z1bc43qkd976thtbesszgv3ch6xdtkarabq5qhetkk4p00v47e29p5nwfkcm9dy68h6mjmd96rnxfq72pyqywv7xxkfkkjr4pstmq4gx7ecn5tsxyt7as9sk041jb8twyrxsj6cx1dp33m2jeapj8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hwjq04z8gjcgvze10r21wer768tvw7ey4n607d3x05b6eqadz7js3rfw521e36x6hhtq2m0b10s2w514wy70f7h91bcqca520p9wpaq5pp44arevscpbrvk3cmbhtdj1cfyvwkc0xtx6ckwsgesnshatpcm2yq4chdm96hszkv9stxyfad43sxtq6ykcn34g12exeyad7dhayhqv9kpqqfe6p8wtxppnxpx0kj5ser401wrj90ncf3zzbawdqnjme7m77061s2xqxg1myxe95z3q07dwzn28eb6qsp94pxkcfv465zg0z1bc43qkd976thtbesszgv3ch6xdtkarabq5qhetkk4p00v47e29p5nwfkcm9dy68h6mjmd96rnxfq72pyqywv7xxkfkkjr4pstmq4gx7ecn5tsxyt7as9sk041jb8twyrxsj6cx1dp33m2jeapj8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
59929
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2M3y670dzhmlQ1R%2BVlOSwbKw8S61UFQWWRI02LwgoxWSA06sPa%2FeD3UJAqwb%2FgiN0TRA4A4obE0j3%2FTXHjfrpQNxNelJMItQmEahseZHEJxdjlTTDXAsbvyEXCk7IYB4Mb%2BUuapSiU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cd546e1eb05199b-FRA
expires
Fri, 26 May 2023 11:18:55 GMT
r62eglto.js
ad4m.at/ Frame 56ED 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hwjq04z8gjcgvze10r21wer768tvw7ey4n607d3x05b6eqadz7js3rfw521e36x6hhtq2m0b10s2w514wy70f7h91bcqca520p9wpaq5pp44arevscpbrvk3cmbhtdj1cfyvwkc0xtx6ckwsgesnshatpcm2yq4chdm96hszkv9stxyfad43sxtq6ykcn34g12exeyad7dhayhqv9kpqqfe6p8wtxppnxpx0kj5ser401wrj90ncf3zzbawdqnjme7m77061s2xqxg1myxe95z3q07dwzn28eb6qsp94pxkcfv465zg0z1bc43qkd976thtbesszgv3ch6xdtkarabq5qhetkk4p00v47e29p5nwfkcm9dy68h6mjmd96rnxfq72pyqywv7xxkfkkjr4pstmq4gx7ecn5tsxyt7as9sk041jb8twyrxsj6cx1dp33m2jeapj8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
146148
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wezgn2xPQ7%2BPFi7dnpjWMgzcDQIG95H1wuVnn9truNkZukKL1dojAva9o2l%2BnkeUHx514TZtOWRH2GO5WKXiquHGHokMf8igLW3%2BQRfIPeZ6kFqaws9zgBsGvWO6NJpSg4fQSYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7cd546e1eb06199b-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 May 2023 13:46:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A253 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwXxWfHnjJzC2EtFqPLtY-GVaeFDql07iylHFoTJTTVvwGafuGeTc5FWjUL5hJl0CVKTVuU7YwK1lxSQBHUGMGLZjxirl3mmsen7ifzDdaypvV2SfAxcU4kG0_4_tcWAC6TrTASm8EFpKu_GLnyXy2dtr8irVDYv4lHUNteFri0ZOw92jkgbcya4orhpdjgJ5MnBdfNTmB7qPkUzeqavV8cMFdaBfuJDWh4_v1B6-azzLY6DlA2eyWfll2w5Ex9hG4Q9jCsyZmw_BEdtLVMbltzvkOlc4duZjKtyqVCeL7C7YONGABLCzFbcXRz5dYnARM1SgcjOKbVhm-rA8FW6WBo9M3magJlklRNL3k91YpN8c066EE5Q&sai=AMfl-YRFiHElGWI8CC514AjD3Cc-h3l5MUWPIXYHdJeMg4q9yzFgqbukReU1Vl19os-q-kVwn3sYbr4WKJfyjiq-BlokM_j-TnXRCNxQbpHTPhc&sig=Cg0ArKJSzJxeqrEMdXedEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 26 May 2023 10:18:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A253 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230523&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c59e506451a1b64607790ad236e614cac824470a57b10e2332b3adede522f75b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11061
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B81 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiIA4jodwZJeMJZf03wPS75-ACwAAAAA4AeAEAg&bg=!REelRxPNAAZ8_aWmXP07ADkAdvg8Wsb2tMoRsn5mAzPRIpDNUXTlKspuRO9rFQa0Z1EVUAWdqQ3R5qS0h2G2L4BZ_FWeOOk4WdYCAAABZ1IAAAADaAEHmQLP9lncTjydNndXTEpx6MEROYW-bHlMh4zrYago0dPByODIqqMSOtFR01v0edP81I0TUgfH7CldchHAR6GeGs5lPf9KQArBmPglq9kIK1BM_S9Kf8CSCRcV1BbIBsWyAD0gQJ10MNI4ZoXE7SVAI4uEGadX99onihxIw96j6ixaqTLGuMcrXFsyHgEB1JrPQN346tfbG7wJVRyrd-c536Mjm8wfFEHDa4NBbgSe2MBjB-aESP5fuGuSWjPGgYQdXfHi53O7kdwFYIcloqfryrsgNrZcesVJhjhlzhyUIIlhfCqg620-Qc_8Ja8sTWHQ6QCcsnz1nVnSmPfC_aRiH9hHCk7tGUPPpo9jm2sTlITFc0BRBPRIwdMuLm2dlVt2XZFdtIn72SqFrev-OrAWpMj-L51ur1CvBXGKBkyC6_U214o79-YX_rlIZRiR-_yPgyZdJMN4PoIh2C39MhX5Nu7sIf9L3i_yCImJ3pwUR3g9o7ScxdN8BHLLrwtOHuvESYciA6IXVKjJrlkU-fzPFmFJ_vL-5MjupWW2PGG8TekwAbC4YSJvs0MlOYz3OFhO4ueqNqdFUO8_B0UHLCbbSIc3gftkJs_3SMzcEkA2mDm6svdymaiCR4QqxHYfkQNAZYZbeGp2YRY243tbctt2KOg4a7VOnb-CHAPKl0DGa3t-m5zbR6sp0LzvC6FCWQlSSsJqZrdHzFtk7e_zR0nn48T89RPmZn652lXjhqTXtIk7rAtGW5spiKlE-gYN8qodwz5vjYE4oxCmyKHHYv8Vb27vWTNn_yPJox1fucHx3RJ7r5i4RHa0wACl2H5C0VcHldLihMvcDZAyMcEjtIFtKd6Gfcw1D8uywn8uBo8Isw56m-mIVx0NewS4DlZAcl6KS54xFY81jxJO1lP_oUSQd2nhgxHEIAgBFWatyLp-hevQIKiTd2Nb7KbyB5GTSvjRfJw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6273
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEItm0Bjg0qIw-1a2Igh18FI&google_cver=1&google_push=ATf1kGP6FO7-y4XAYnr35e0FjXgMKjtUsXInmWnXUDiklU4iYqiPUIX0lo...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGP6FO7-y4XAYnr35e0FjXgMKjtUsXInmWnXUDiklU4iYqiPUIX0loqsQZzK5abH2kF8UA5s1uxfCph-bMxZ38aKE0kz_gIBQTI&google_hm=mn0yiiiM9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGP6FO7-y4XAYnr35e0FjXgMKjtUsXInmWnXUDiklU4iYqiPUIX0loqsQZzK5abH2kF8UA5s1uxfCph-bMxZ38aKE0kz_gIBQTI&google_hm=mn0yiiiM97SBWzVuApxBSw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGP6FO7-y4XAYnr35e0FjXgMKjtUsXInmWnXUDiklU4iYqiPUIX0loqsQZzK5abH2kF8UA5s1uxfCph-bMxZ38aKE0kz_gIBQTI&google_hm=mn0yiiiM97SBWzVuApxBSw
pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
a.tribalfusion.com/ Frame 6273 		43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEE2movsbcqonKqDeKq9t_qk&google_cver=1&google_push=ATf1kGOYWDSsyNscBDeRssYSbynfNpzt2_PpSPPXPejKZOEdWd7od0g_7AbhNNh31e5bOCUGzZIHnrXLObASoJtBEOO4uwerjrnPs-8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOYWDSsyNscBDeRssYSbynfNpzt2_PpSPPXPejKZOEdWd7od0g_7AbhNNh31e5bOCUGzZIHnrXLObASoJtBEOO4uwerjrnPs-8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cd546e248a31cc3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6273
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHORGkl14n2dc-49u_kVlxo&google_cver=1&google_push=ATf1kGNUK2WBZ9-YizGJPfGbAYDcELserllqcPhuSmBfwp2pBaNurMt2BI43ATx99jlQz0BsqyFUfJS8...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczNzI1NDE5NTAzNzkwMjU0Ng&google_push=ATf1kGNUK2WBZ9-YizGJPfGbAYDcELserllqcPhuSmBfwp2pBaNurMt2BI43ATx99jlQz0BsqyFUfJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczNzI1NDE5NTAzNzkwMjU0Ng&google_push=ATf1kGNUK2WBZ9-YizGJPfGbAYDcELserllqcPhuSmBfwp2pBaNurMt2BI43ATx99jlQz0BsqyFUfJS8NZ7wfsqrST7_ErqtO_94KA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczNzI1NDE5NTAzNzkwMjU0Ng&google_push=ATf1kGNUK2WBZ9-YizGJPfGbAYDcELserllqcPhuSmBfwp2pBaNurMt2BI43ATx99jlQz0BsqyFUfJS8NZ7wfsqrST7_ErqtO_94KA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 6273 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IaaNRqGEYLrYdagIUcHbM9t0ElWYiGZZpcIsei7Z4Ztg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791702&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096334698&bpp=1&bdt=302&idt=377&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3158054665860&frm=8&ife=1&pv=1&ga_vid=313650823.1685096335&ga_sid=1685096335&ga_hid=624338477&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3131852943&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074869%2C44788442%2C44789923&oid=2&pvsid=3659434229855259&tmod=909151483&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.n6f0gnnu4uru&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 56ED 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1171
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctjzOZTpvr6TPZWsSwxJ%2FmkB8bptYhKPtM6nSWOvr6O2ux%2Fxty1DSywOK8QQbLlxfZOpnU3WN2Kep9ZCcT2Btrru2%2F0EeC2t8jgcnKf22zOL5%2FpyHihTnUdhiJJCPJd%2B5qgZqr9p4tyqBQfd59SXtwMI"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7cd546e24ea49a3b-FRA
expires
Fri, 26 May 2023 10:20:58 GMT
frame.html
ad4m.at/ Frame 83ED 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2495824
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7cd546e24b8c199b-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 26 May 2023 10:18:55 GMT
expires
Thu, 30 Mar 2023 21:56:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BeNPor1nGNtSLBy9m%2BbkaVQcUXaop63hrIsur4kaMzJdEvpRwf5DqOtXVyFDemuzdH6kq4pYUOkl6Qrf7Ky7%2FC2mI6QEEfYaO3jgX6EeJfYrDAOEyvm%2BvS2Sm7k8NaDe1rQgJE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cd546e26fddbb77-FRA
content-length
24
content-type
text/plain
date
Fri, 26 May 2023 10:18:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7iddNL4gEg74aN26BDCgDyibCWUH%2F1aANTaHwz1eBy%2FCzroKtlj1YU29%2B6VdkerRdaDN4V6BVE9drvOA7icVntaJuNRYiekt5IGx77d%2Bkm4bB1oy3GtAUw8ubFq%2BdWCh2QvKXc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-3zc0
rs
ad4m.at/ Frame E7B9 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e7688b603d9df41744d51ad54e65e5a2e4d9f0d026b0239d297ee968741840aa

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZW%2Fsl1Og45mhbLkK4mvuVNoUE%2B7tQM%2F6waf%2FhirG3Y5HXSaU1Eu2%2Fh0%2BBZEVRZ5wps2ptUr%2B31Yr0KFk5Cg9dNzVfgROu3D0BC4LL%2F0v3D7L5%2F3sQM%2FfoL4%2BJ97%2FTsu%2F3ca1oc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7cd546e2a825bb77-FRA
x-backend-server
aa-reachservice-group-europe-west1-22mg
alt-svc
h3=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame FFDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTnq6DNKvbbQzshoDJrxLFAH-AiLsSgGp_L0XpjFdw1_E0cIVQThKG_5OBS6cxYkNoEI_USkqk7Ut2pyrlJm-rLtnH-ty6xLiiO2k9hOQBwRdaa1L2f7NdzatAt7kI6vR9OnDnrYkmA8cC2IwihRqM9PsInu2lWfs_ibgb8Hnt5qiD9WSXCGPLVUJqwZRoXSrgTdW3itgmJw4VsxLo7roVz-Qqa-if1ENf-KlGDpeqWtTWeEQLrAtZhx8bc8hKrM9svNWT0ldPilw5uMXxbJmdfsQXgMd7oX-OEdgY8Yz27bVTR-CYFY_UbZFpwKVV6uPt87z23knLo3scertPxX9lL0r5GVLdl5vUqXz20Ms&sai=AMfl-YQrpBoJOlfBWTRayEAeKE51MXJecCQX6GGircCqUrQXG_-xRbTzUPF7myj4bB_YfsgmLufQ80hN6xdEn1LmGYFw4Q36dbNev_eIC9fKiRwgxiJporNZk-d3Jca_Kg&sig=Cg0ArKJSzDd-20HHbF8bEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 26 May 2023 10:18:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FFDA 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230523&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com&bust=31074869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e51f1eaacbfa4339ded31c692d57f0de7785757d7e6ee6dd1c973233dd966bc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11061
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 92DB 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305220101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99ae45bac6e6de38ff2d16ab06fc561c0a7dd92406957ac95b218cd8e59b2050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11262
x-xss-protection
0
syncframe
gum.criteo.com/ Frame C9A9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:55 GMT
server
Kestrel
server-processing-duration-in-ticks
399052
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rs
ad4m.at/ Frame 56ED 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ab041b4fba8654c6e2951f6e56bec777b2ac45585fa1df7e3d30d54c9cc3e1a4

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seY4wl086zgrEaDaOUWeNVrt96SchdgN5R%2B7OdKxrkgb6rc9zjc7iMaMAfigNCbnCoXIdqym3OZ8Y1lVXuCnplkPiVgXZ%2BcH%2F9UDmy4bq%2FZ6HUl068XUbHydBS8BGzpQHo5jo1c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7cd546e2d851bb77-FRA
x-backend-server
aa-reachservice-group-europe-west1-22mg
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cd546e29812bb77-FRA
content-length
24
content-type
text/plain
date
Fri, 26 May 2023 10:18:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa2GTDepXy8iHKSw0VK87pOEQMNpiMsGTVLuhTDchjEi0REyte8XC%2Fx1TEXFWJVEkwVPvrVduXuClnLGNUv62OxmliXyLElOnp2lVaUUUnEi14FM2Ef4T%2BFtFQlun4%2BQ4LeKpXI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-22mg
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A253 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 May 2023 10:18:55 GMT
sid
mug.criteo.com/ Frame C9A9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=FqUoc3x5Q2t5dXJ1STR0STYybEIwTm42VlIzNU94Y0RhYVBWMjlvd1hWeC9KOFdMVGNZTm5leDc0V1RFY3padGRIclRNV0FyK3Eyakk3dVliVzYvWHkrQWZvd0NyZ3V5cmRlcUI2SXVkbVhCVXFGb1ZlaUZYelQ5bmlwcW...
415 B
643 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FqUoc3x5Q2t5dXJ1STR0STYybEIwTm42VlIzNU94Y0RhYVBWMjlvd1hWeC9KOFdMVGNZTm5leDc0V1RFY3padGRIclRNV0FyK3Eyakk3dVliVzYvWHkrQWZvd0NyZ3V5cmRlcUI2SXVkbVhCVXFGb1ZlaUZYelQ5bmlwcWRvenVMbDNNcnVjQkNnMk1MdWVJNkdPbzFpbk5RSlhyRlNuSjNjUmNTVndodGliYUNUZXo4VEFqMWZ1Q0ZUektPVTF2a2FIbHRkOUtqSVNYY3grU1B5NC9PaGJxTHgvT1BlZXkxaThOOCtDaDN4Z3N4N0xnZnZaMUNHSlUvUHprWXlCZzZHb2V3ODVZVmtka0Vad0NseHFPRUFERE9GTTBXSGE5d2hUS3hlNHZLNGdxNGtXOD18&cppv=2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Server
178.250.7.13 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
111797c4644aa8bde0af1f6aabc8a98c9c74739ae2878fe916a66be18c4f64b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2564320
expires
0

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=FqUoc3x5Q2t5dXJ1STR0STYybEIwTm42VlIzNU94Y0RhYVBWMjlvd1hWeC9KOFdMVGNZTm5leDc0V1RFY3padGRIclRNV0FyK3Eyakk3dVliVzYvWHkrQWZvd0NyZ3V5cmRlcUI2SXVkbVhCVXFGb1ZlaUZYelQ5bmlwcWRvenVMbDNNcnVjQkNnMk1MdWVJNkdPbzFpbk5RSlhyRlNuSjNjUmNTVndodGliYUNUZXo4VEFqMWZ1Q0ZUektPVTF2a2FIbHRkOUtqSVNYY3grU1B5NC9PaGJxTHgvT1BlZXkxaThOOCtDaDN4Z3N4N0xnZnZaMUNHSlUvUHprWXlCZzZHb2V3ODVZVmtka0Vad0NseHFPRUFERE9GTTBXSGE5d2hUS3hlNHZLNGdxNGtXOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
411453
content-length
0
expires
0
rar
as.ad4m.at/ad/ Frame 27F6 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005b43444e96d518168c994efee875142fc7161f177696322fa127e077a4df39
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jx7tr9gnjt2ce9sxx27t5m6m5xj36qs142xsvc0mwqr1eymyn8s779p7ksp0y4tnvndjegm8jddw5w6dj8edag5vk3k7fdbe3gz45n6rxjk9b13nqppjrn5ejmph57acgb4mtwe3g499984s69c0k12y8xd76hfvfwhsj4e3zhqzz0jd8tqbs9p4k3z476cxagcae339a383x752dzw0sx4xemq2h2yzgp9j3y64s64bx87v37dtez5n2ct6qk9rpw1x6c8vz509eqmt270zqsvst4bwsrjhah5gsjz4wb99wznfdq2pxrbj4ktdt6asejjmqgpsdm4n7hw3z85fq92gnp0f3yrdzrjhqqatzd6grbn3c6d3dxn1yevk7m5qaffj91wtdwgznmeyhmwpt7t8zdavf520fa9frp775rps8fzj9zcvc39x676tvevpmd4cr92q8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cd546e2fc68199b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:55 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F638 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 09:48:22 GMT
expires
Sat, 25 May 2024 09:48:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5AA5 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
72de7f194b64718913d5c112691235f9e6dbd8f79f66507a644c16149a4611d8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7oXRhGMjfRL7JS7GH7TXDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-7oXRhGMjfRL7JS7GH7TXDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:55 GMT
expires
Fri, 26 May 2023 10:18:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FFDA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com&bust=31074869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 May 2023 10:18:55 GMT
rar
as.ad4m.at/ad/ Frame 1427 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
576a5893391b9a14516a7f6796c35247a20f896a94ed24a74a9c0249f239a2c3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hwjq04z8gjcgvze10r21wer768tvw7ey4n607d3x05b6eqadz7js3rfw521e36x6hhtq2m0b10s2w514wy70f7h91bcqca520p9wpaq5pp44arevscpbrvk3cmbhtdj1cfyvwkc0xtx6ckwsgesnshatpcm2yq4chdm96hszkv9stxyfad43sxtq6ykcn34g12exeyad7dhayhqv9kpqqfe6p8wtxppnxpx0kj5ser401wrj90ncf3zzbawdqnjme7m77061s2xqxg1myxe95z3q07dwzn28eb6qsp94pxkcfv465zg0z1bc43qkd976thtbesszgv3ch6xdtkarabq5qhetkk4p00v47e29p5nwfkcm9dy68h6mjmd96rnxfq72pyqywv7xxkfkkjr4pstmq4gx7ecn5tsxyt7as9sk041jb8twyrxsj6cx1dp33m2jeapj8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cd546e31c95199b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:55 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 92DB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 May 2023 10:18:55 GMT
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 27F6 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
59929
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Q5B2VAYbvHhi2JJKvGnxSMLfIMlOzl4mv9q7P5jRIr0XtzMAoUFNkqN7LC8E0VIvt4%2F65xFRoUUBDKLJIYmxZG%2B1pC72Tubth52CWQ3bA%2Bfh%2F88c%2BZbFSO6vQc4rQOuuAIZMpub8QE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cd546e34cc6199b-FRA
expires
Fri, 26 May 2023 11:18:55 GMT
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 27F6 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
309184
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHGH3PaOZd7XZyPiuJqxt3LlSTIa6qpXhHgfn0ZxZyPrH6aDMfqf9Lvkq3AMwhCUVgckxz%2FmJOFPB4T0kml5tFkPbG0GxPAXwsj6r3ylIJ%2F%2FRTDN0TvqIFpEVd3p3Fb8S3mTdH4j5z6l9czC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e34fe29bc2-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 27F6 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
432106
cf-polished
origSize=105738, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
92686
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5jS1i5Oq87k137Rkz3LLCHCtC6rMsgT9IAw0J9zlbArmCg2Ad9ytepv%2F0SRexTRVir7dQb8eTjE%2FzXK9ufOoG%2BqVxzClROwMsK1GA94zHJqxciY%2BhKjgIpRVlu3Py2Jp042kxjRwpY1SIWT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e34fea9bc2-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 27F6 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
118754
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmYTWbEUBcJ8Y9QptcCzQt3PXvcMq4yb0BZIYDasAqR%2B6JP6BUhBxuW5NeY05kAoF1wkEKTrMx7C9F1HSw0Uwr29QgJzOWuxIMoUT5OHLclLsK5g4oTkoxwKFoRQHyF6tOezYiTtOSCMeIo7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e34fed9bc2-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 27F6 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2377034
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xU8FkB8zuIjWnN6ceIPg0divLbvZKRhkOQZrolUlt5SbQBYwTAahXpm0TH%2FJx%2B6UsDhkCP4sVqUYjtIX3eQWSR%2FT2A6bLtxMaNkGBC1YSMXcF98It%2FPYm7OFSVGlQU5lgXMbD%2FSBHMu1sPFz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e34fef9bc2-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
cshow.php
www.awin1.com/ Frame 27F6 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 May 2023 10:18:56 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 27F6 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
576641
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XWVUy%2BSreFRQFGpZ32oie2ZBdGxSElcxZyYbqcMBR15eC1GWlfEATodS3MKo9MEXTrQpoRhlGUCkYN8wd6iLt5vV%2FE7Ixo3ouPx1oEMQ7EfpaDn3Gc8MppkwgWlWPXxKtp5E8lRkSU5Xuiy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e34ff09bc2-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 27F6 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
831682
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400
content-length
28740
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUGDSEow6XHFEQrQ5DVj%2FzbQsWt6rHTy2jFc1K6c9PZrDeTpTZq1GvI%2BAkg0z9UnBEn9%2FHQ5%2FB%2B19OINDrKLwzmcZhVUBFgskes6KWBLNUupsN4xmw%2B0Uaqu%2F8srdAjaECAa%2FUzFaqEm0vlF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e34ff29bc2-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
cshow.php
www.awin1.com/ Frame 27F6 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 May 2023 10:18:56 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 1427 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
59929
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt30GH%2B6te5iV5S0HHgc%2B6b60xNXP6jHxhb5ZHx66SvsBx4sQW62WOHjpg5G35S4fMEXftEi1j%2B8I4%2BsWD6XolJE%2BXXtlSznBFk1okzXiYKDyHXzdrYGTU689kpI%2FlnCW%2FLpy0eY7UU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cd546e36d0a199b-FRA
expires
Fri, 26 May 2023 11:18:55 GMT
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 1427 		219 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
649880
cf-polished
origSize=233620, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
224653
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgNIg%2Bq4nVs2QQ9I%2ByxuxwmpcCf7g9%2BIgxyC5kt5HxG1fWfM1Wt1%2FCwRUH%2BpL%2F3Lh5gGx3ABTrN2vNq2YgQXRqTc1SrvWjbx5BIrWqtfw9qmoJQa9SgimII5ZFuIcW5eBpMr%2FW1rMr4splXm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e36d12199b-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 1427 		637 KB
637 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1626632
cf-polished
origSize=731561, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
651990
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awYaQFVrtf8wLbH%2ByM09KdgYQ2pbW7jbzgq72dLku4UIi41vh9xnIBDodb5XP4%2FsINXBgfu3ZCKaT15mB3yXglhsJkv%2Fz9Q9Lv2Qa6Sl289G04b45oADg0dMTge%2FxwJiKaSl89ORsmq8zIVn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e37d1d199b-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
A533E7F607EF62FE4723E8DFFC0713F0C73B1B2D9CE8A1C3EC9B01CFC3E94E0E60300B8201CEC78FF7CFB2870EBC0F2255A36A642116E896F244C9C3B760671D
assets.ad4m.at/logo/ Frame 1427 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A533E7F607EF62FE4723E8DFFC0713F0C73B1B2D9CE8A1C3EC9B01CFC3E94E0E60300B8201CEC78FF7CFB2870EBC0F2255A36A642116E896F244C9C3B760671D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4888cce84b12f519ea6a2123dc8a3e27097a2fec4b8adbe9294dde6af8250a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23375
cf-polished
origSize=24038, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
12371
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Nov 2022 09:02:58 GMT
server
cloudflare
etag
"42fdf98ab75c036923270a333e2d19d9"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jXzVw3seQDVtTwKIAQ5FtNxwLHUCeYcNJeM5zybmB%2BkO9NTxwEEHlyRUaBHX1kLBX8ao1m%2FpE767GxKacnRqwiGBd4qiaYj15%2BuzpXMJpTMkU%2BFi4DJCAVRslo5eZwA3GFYea273Yd7ZRKb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e37d1f199b-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
6CE771B21A8636F5C2024451E91C2D0F265D574A33091414717D7A9AD2DD6D650E6B7475ED8B65D4B666B69AB302F6ADFACD07EE68874124BBF350D45D9BAD1D
assets.ad4m.at/product_image/ Frame 1427 		545 KB
546 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6CE771B21A8636F5C2024451E91C2D0F265D574A33091414717D7A9AD2DD6D650E6B7475ED8B65D4B666B69AB302F6ADFACD07EE68874124BBF350D45D9BAD1D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002f1235c6484b5b45d65e285ac9623a469f9428889d6b7baa1b698593679321

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142383
cf-polished
origSize=633427, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
558334
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Nov 2022 08:58:33 GMT
server
cloudflare
etag
"873e08540c475526df27feecfd1eaf3f"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rF3HVGSIDbf34lERfbqVeC89cpWUJJhb6oZPjqmcBWFa7afpK6LL3syFRfqEHmS8ZQGJDwvWEUpf1HZ3MaIfcwF0eF4TzQee%2BCRjmnEv16Hy6YO2G7xZQlhGJ3%2BKXlghW1Fg8squjkvWwrFk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e37d20199b-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
assets.ad4m.at/logo/ Frame 1427 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a87ab137847708c417f2fe0e4b40b13045387e5450b590e36569844e7d2749a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1839123
cf-polished
origFmt=png, origSize=29332
alt-svc
h3=":443"; ma=86400
content-length
17112
cf-bgj
imgq:85,h2pri
last-modified
Wed, 13 May 2020 13:33:22 GMT
server
cloudflare
etag
"122e7322a58f4a1954c70b4a17dfafb3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1%2F%2BreFwwKpVccUsda%2BN43IT5q%2F82mCGzOHEqSkdcnIvGEZJoql8pRcgESxLtCt7Myq8wLrYL7%2Bw4OR9YvZFCeHzITQ9DxavZoyGJU3MX%2B53z31JiwapUSF%2BuTBOClNDnp8ZlJzNLlT7PVYV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e37d22199b-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
assets.ad4m.at/product_image/ Frame 1427 		237 KB
238 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44524ce857ed39215d384600ade5aa4bc605ac8b8951398beae0ffca3f3cc659

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26686
cf-polished
origSize=270249, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
243189
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Oct 2020 11:03:48 GMT
server
cloudflare
etag
"e93e5f11efcf3516506c022b6dda411d"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXyS8pDrllVJt%2FLSTOFEZl2w1vUB7vXx6ZyTZr0%2BnXR%2BG3HRF705FXMYmjJXl1hpeJtZBMEyPhtr%2FAX6UDmdK7WpXU%2BRPr4IGRPpLwlXcmHhlZwMTMPWmGrlxWAcvjTCoRnMv3quWLlf6KSc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cd546e37d23199b-FRA
expires
Sat, 27 May 2023 10:18:55 GMT
link.html
track.webgains.com/ Frame 27F6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kz6a0b1d1nqybvm14fejtebc0sbvgahyzn3d61nm7gdm2rytenre8myk34f9ayfa112k1763w95mhnd6ge1vchrzf96qfd9n838h0rw8dffmxpc8v4ap0rc5ar427yrrz991h17d9k1aak4typwahawh5dchxtne3rhf4pg1jg8xcs3rxf0h9zjfp6vazkj29q467eexwdq3sws0zwt81z61ndgsm1hh6fcxhvmdh4bsjjv8116v8qztb8bzth0ms4g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.209.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-209-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
dc9280b05aed7188828bef3ea8fcaf1338e5b405208135eb825291305ae6e804

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
last-modified
Fri, 26 May 2023 10:18:55 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 26 May 2023 10:19:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C09 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 09:48:22 GMT
expires
Sat, 25 May 2024 09:48:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0121 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a6a620b7b182e66293bd59eaa833d419f20adc106ce6cb2667724a85ac602cae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ByuxlcFUX1lHyvKhxyMI-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ByuxlcFUX1lHyvKhxyMI-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:56 GMT
expires
Fri, 26 May 2023 10:18:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame AA1F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSN21pwHUs1igNXaOFjBBipnigAlc8X1oNL-i5bvso5cQgRIDmtAOt7MFMLC043WnmCWICDNVTfuNimHZpOmtS794NR8rNtbrW9nRPwwk2uSd_e4bo&sig=Cg0ArKJSzMKJqmWueP76EAE&id=lidar2&mcvt=1015&p=0,0,600,160&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685096334287&rpt=604&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0626 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 09:48:22 GMT
expires
Sat, 25 May 2024 09:48:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BE0C 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cf02f2c546c9d5fc438d930b59cd8c201ac33f0ecaecc2d38b3d44424b1b4c87
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AlRp8d1uzc6nnaifNyR1-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-AlRp8d1uzc6nnaifNyR1-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:56 GMT
expires
Fri, 26 May 2023 10:18:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 5AA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230523&jk=857899531715694&rc=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
pagead2.googlesyndication.com/bg/ Frame F638 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 14:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
244321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 14:26:54 GMT
link.html
track.webgains.com/ Frame 1427 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jy3q54kqe4qn2xk9wgb221rjfkhf1qc6p43tjyb6ep4mz2mr48ws5ar789f5zv9804v7baym2f1wxh0h3tpdnpb4jmkd4phat45m0acaxhw7m4tye4jrpbrjdd5t0403qggrrz6bczszxfqwjzwy8kcy3860339qdx67ynvnjd6tjq4k92sp6x57334v185qxghazm3e1yzcv5dpxyqyqmatwh8vfnxm34zp5g6495k2q8f3b2dxacb5cq2jmcemz2qy%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.209.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-209-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
baa6863403d4f20ab2701f925258efcb690d50a334cb8d702bae94b33679d5d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
last-modified
Fri, 26 May 2023 10:18:56 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 26 May 2023 10:19:56 GMT
link.html
track.webgains.com/ Frame 1427 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4452068&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g6d5jvqzyqzydwhg7as58dqarbt6p8kwvsns90ybv23djm196sjh2amwjyk2ke6ea96saakem5rx662r1pm1e29j9wphqm8xaf58wpy43v9fnmygfme0zb22m4sxjfsvf8acs8r55ccmrb7g1cj8djgmrwbc4xatk6yzzxq1sc9s941re4gz4skdr65bd41d49w6h3sf6p1a615e1n7dbxabxxwnewv427a0nad4mbz6am7tdg0t5sbny2jdp98zdx01ng%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4Eoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.209.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-209-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
09d7a1ee358956b1e2b4ba9d361822e953856e7930314c2127f3bb83e5520db9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
last-modified
Fri, 26 May 2023 10:18:56 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 26 May 2023 10:19:56 GMT
link.html
track.webgains.com/ Frame 1427 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2100065&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hbaz19gk6xfy4tqcgvcqmnnxhh0zmd3e69g1gtkaecz1y7fzxy74d7kwf0ymnf1jvxypp6t21zwh84wrs9bez8347hdq46cxx13fkcqt6cs96szfw8z6j6xewhxj56gk7mfxq1nhzgf1jd638r3p1m0dmfjb0dy472gx39vh2t25mvkvsm8rs1n3bmaw7rqw5x0p739c4r70casc41sdnb8skmp9hnpf3gjhj4wjmcbm37a8x21rr0jyxbpxfn4hzwg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.209.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-209-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c80661013836a84a6e52d5d1016ccab70b2be0883b2bc2aa0408fcee37a160f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
last-modified
Fri, 26 May 2023 10:18:56 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 26 May 2023 10:19:56 GMT
pvClk.min.js
analytics.webgains.io/ Frame 27F6 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kz6a0b1d1nqybvm14fejtebc0sbvgahyzn3d61nm7gdm2rytenre8myk34f9ayfa112k1763w95mhnd6ge1vchrzf96qfd9n838h0rw8dffmxpc8v4ap0rc5ar427yrrz991h17d9k1aak4typwahawh5dchxtne3rhf4pg1jg8xcs3rxf0h9zjfp6vazkj29q467eexwdq3sws0zwt81z61ndgsm1hh6fcxhvmdh4bsjjv8116v8qztb8bzth0ms4g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 07:31:18 GMT
content-encoding
gzip
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
43852
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
isAhDX7tjJc0n9LQcslaaHPIsCjL3f8S5YQTwaMjdLMr2Bz1GrXkTg==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 27F6 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1685096636&Signature=a4sydFbViUqw~bRZ4~flVP4ccWh2TciPh36HxZHTk1Y4d1-JscITClDavhuhvYTTH6GwbYzxNiTmxxuG3pPYxgAYsFX8zrU0kg25PRIICqRfBD1qYtM8beMFLJVnqi~vDCbnHlMTkDeFDfw7yi9Ltwnk~0f0on~ShPdLa3vGmcvCYEia-PzsFF6yPZsK-ThBVWwBdsB8P2pmuyC44-F3Xe2fFj4uDZP3gbUVB9yPWOlkQqSLAhkzDbA15TeyQA4IUwQ4l1xxS3ZVMJY3gmVBzzlFPXxZ4Dinz6JBR7Mjs5F3GNItCvl7Z7BseO5BYk7FwpTc2oqO6JamNZh69qqYog__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 00:08:59 GMT
x-amz-version-id
null
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
36598
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
KGOxNyJ5Z-LDeZjVjFoPK8eFpHLl7Edja3rlesG1xICYYNtumHfhsQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame 7467 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmO5mWWD8LvMrbq9763EBZF3yrZXVBzyV_wg0w54-XvdIyQrnK1I6hhcstt7vxgZpWTVSkaL7kADiB1rSUXlcMg0-ri68p8Fsqv_kmNGq5PCrNbNlsYTRhK9W_vhUB1InI5FJoUA&sai=AMfl-YSNcSR1TRVZHBW5ny_kqv7iXvsO2Fi-bSeSJBC7M3lMOBbjktQrhl1RfVPspAsBbZumpX1_IWbM7R7okQxb0Jj4tbYfOZNsxH5ij18ZtxPSqqVWydfNqB_fm7c&sig=Cg0ArKJSzJgiU970oh3DEAE&cid=CAQSOwBygQiDnfLNsUghptiFqImx1MUj1VDL1uNN2vHZsY_DFaBEWzsg5esxSWL0Cfhbma5dYlk21wcXWpkCGAE&id=ampim&o=0,251&d=996,250&ss=1600,1200&bs=996,250&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=700&tls=1701&g=100&h=100&tt=1701&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7CF7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTr9lD14L-Nob2XkjHrN6QzWMreyEXMp4fTyK3H9ZzOFGD5fwXmSLgihZiEOJcMl_lZAvhXnvCf8E5_uXbEBzBZoqNPjR0z6TbOsjoPXjrdI6oEt0YXf4goaqZ9GE2oawIKUs3tg&sai=AMfl-YQjkcG1-UypGyYmQ9Tv1a9WFuLzbdiOeYRviP4ZpP3tdvEuO_XmkzyvQfYr1FrTElLtjjAY0NGm3folUWW4SM_ehq2A93I-WhzOvrCMukOnVbCF-WlrXQqji18&sig=Cg0ArKJSzLD9EZyb36JpEAE&cid=CAQSOwBygQiDOc_qWoYDw54OSto7Xb6elxXUFWdsMytcTr9HkESZKyzPMi0_xp-yBctr1On7gUyF3AnzHabgGAE&id=ampim&o=0,91&d=976,90&ss=1600,1200&bs=976,90&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=668&tls=1668&g=100&h=100&tt=1668&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 92DB 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685096333184&userId=vnetc294117e-8508-46bf-9303-232e5aca3885
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:56 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A78 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueLV7_oaqFhQzD2HE0FaLR4P8LzpVqZcyi3KBb_MmkvkTTnZzQMvx1ySxsvkqBRWKt8W6bnD6gpQHRBlPMD9I1ycLf&sig=Cg0ArKJSzIFVvHST2A7KEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685096334410&rpt=766&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900010.redintelligence.net/ Frame 65EB 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=40778400054361700951395012336010&a=978c8f4a&vb=v
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=40778400054361700951395012336010&a=a53b8c18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=40778400054361700951395012336010&a=a53b8c18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:56 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
pvClk.min.js
analytics.webgains.io/ Frame 1427 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jy3q54kqe4qn2xk9wgb221rjfkhf1qc6p43tjyb6ep4mz2mr48ws5ar789f5zv9804v7baym2f1wxh0h3tpdnpb4jmkd4phat45m0acaxhw7m4tye4jrpbrjdd5t0403qggrrz6bczszxfqwjzwy8kcy3860339qdx67ynvnjd6tjq4k92sp6x57334v185qxghazm3e1yzcv5dpxyqyqmatwh8vfnxm34zp5g6495k2q8f3b2dxacb5cq2jmcemz2qy%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 07:31:18 GMT
content-encoding
gzip
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
43852
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
JTsOFnw0aItUcIBzzB8OXszwWbJKXLkIG6BA5DvxUdt5qV_Ug1ErEg==
link.html
track.webgains.com/ Frame 1427 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.209.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-209-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
last-modified
Fri, 26 May 2023 10:18:56 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 26 May 2023 10:19:56 GMT
5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame 92DB 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1685096336507&userId=vnetc294117e-8508-46bf-9303-232e5aca3885
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:56 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 92DB 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1685096336507&userId=vnetc294117e-8508-46bf-9303-232e5aca3885
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:56 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 92DB 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1685096336507&userId=vnetc294117e-8508-46bf-9303-232e5aca3885
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:56 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 92DB 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1685096336507&userId=vnetc294117e-8508-46bf-9303-232e5aca3885
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:56 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
dt
dt.adsafeprotected.com/ Frame AA1F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=94a131fa-d10e-8063-ab9e-fdbd6f30e251&tv=%7Bc:dIm204,pingTime:1,time:1735,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:604%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1131,o:604,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B597~0%5D,as:%5B597~160.600%5D%7D%7D,%7Bsl:i,t:604,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1131~100%5D,as:%5B1131~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:127,fm:tFmcuxv+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117*.1352960-69587979%7C1171%7C118%7C119%7C11a%7C11b%7C11c,idMap:117*,rmeas:1,rend:1,renddet:IMG.qs,siq:22,sis:317%7D&br=c
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:56 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AA1F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=94a131fa-d10e-8063-ab9e-fdbd6f30e251&tv=%7Bc:dIm205,pingTime:1,time:1736,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:604%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1132,o:604,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B597~0%5D,as:%5B597~160.600%5D%7D%7D,%7Bsl:i,t:604,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1132~100%5D,as:%5B1132~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:127,fm:tFmcuxv+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117*.1352960-69587979%7C1171%7C118%7C119%7C11a%7C11b%7C11c,idMap:117*,rmeas:1,rend:1,renddet:IMG.qs,siq:22,sis:317,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:56 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
link.html
track.webgains.com/ Frame 1427 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4Eoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=4452068
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.209.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-209-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c7bc8098c1b013492c04c1f333e56d3980945b0882c7f57441bf0688362eef29

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
last-modified
Fri, 26 May 2023 10:18:56 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 26 May 2023 10:19:56 GMT
link.html
track.webgains.com/ Frame 1427 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2100065
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.209.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-209-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6f0918a5bbcba67238bceb4ee89b68394124d02bc618afdd06ec915556521a3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
last-modified
Fri, 26 May 2023 10:18:56 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 26 May 2023 10:19:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0121 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230523&jk=3659434229855259&rc=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame BE0C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305220101&jk=4135818972219998&rc=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
tracking-event
api.webgains.io/ Frame 1A78 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 26 May 2023 10:18:56 GMT
server
nginx
9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
pagead2.googlesyndication.com/bg/ Frame 8C09 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 14:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
244322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 14:26:54 GMT
9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
pagead2.googlesyndication.com/bg/ Frame 0626 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 14:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
244322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 14:26:54 GMT
generate_204
tpc.googlesyndication.com/ Frame F638 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9bjzDg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA1F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=908902764668&version=m202301230201&ct=76&x=8&cor=5779211525343354000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA1F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuiQ2lnC8mE2bRk_-UTB1jtPQowuCM5TrZqjnVyanpGB9aZCO3fqPhpenmxyRdlqyvC97bTA9lUelA-ywkVVPRUdEnzE82fOc&sig=Cg0ArKJSzIKUqoa0bxUIEAE&id=lidar2&mcvt=1070&p=0,0,604,160&mtos=0,1070,1070,1070,1070&tos=0,1070,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=32&adk=1824332119&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685096334287&rpt=1310&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 8C09 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tLQ6bA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0626 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QDlWTQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rid
match.adsrvr.org/track/ Frame 92DB 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f918b503be092a6eb8cf2bc0a95af8bae0eceae2f65b353ba2ca57fb6b8b9c4

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 26 May 2023 10:18:56 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ye-mek.net
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 25 Jun 2023 10:18:56 GMT
check.html
biddr.brealtime.com/ Frame EE9B 		0
0
usync.html
eus.rubiconproject.com/ Frame 3D06 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 May 2023 10:18:56 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 89B7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
8452
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 26 May 2023 10:18:56 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 24 May 2023 07:58:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
406, 60233
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230076-FRA
X-Timer
S1685096337.940537,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C19E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139850
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 26 May 2023 10:18:56 GMT
expires
Sun, 28 May 2023 01:09:46 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame C19E 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98124078&p=159432&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c75a448f7425ff3855619d28dce6331375ef961a8d9d3b8dca65da8e3a2f116

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 26 May 2023 10:18:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 89B7 		0
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 May 2023 10:18:56 GMT
AN-X-Request-Uuid
87a11b8c-ba23-4706-9c8f-726268076cde
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.167; 185.213.155.167; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3D06 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
20746a1f4ef8a9f91266c9444ba0b786a3c79c530077d55a1a74210bf874ba17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 10:18:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 May 2023 16:28:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22103
Connection
keep-alive
Content-Length
10085
Expires
Fri, 26 May 2023 16:27:20 GMT
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 92DB 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685096333184&userId=vnetc294117e-8508-46bf-9303-232e5aca3885
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:57 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
avw.gif
c.4dex.io/ Frame 92DB 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&evt=vsbl&pv_id=4266d8cc-2613-4583-b5e3-3bbab48f6a8c&adu_el_id=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&v=0&tz_off=0&js_late=1&js_ts=&size=160x600&pbjs_sizes=160x600%2C120x600%2C300x600%2C300x800%2C300x250%2C120x240%2C160x800&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=3016&pg_durat=4731&pg_paused=0&pg_exp=4731&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-66&clk_time=&reset=1&adsrv_adu_exp=0&navs_ts=1685096332383&trgr_ts=1685096334297&init_ts=1685096334298&start_ts=1685096334298&reset_ts=1685096334355&vsbl_ts=1685096335520&adsrv_vsbl_ts=1685096335357&auct_id=1f5a0dfc-d5ae-4096-9ed9-e3d447f599aa&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_left_tower&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4837683725&adsrv_cmpgn_id=2819855254&adsrv_crea_id=138339352911&adsrv_empty=0&adsrv_lnitem_id=5615630541&adsrv_size=88x31&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/ Frame 92DB 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&evt=start&pv_id=4266d8cc-2613-4583-b5e3-3bbab48f6a8c&adu_el_id=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&v=0&tz_off=0&js_late=1&js_ts=&size=728x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=4743&pg_paused=0&pg_exp=4743&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1685096332383&trgr_ts=1685096334353&init_ts=1685096334353&start_ts=1685096334354&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=1f5a0dfc-d5ae-4096-9ed9-e3d447f599aa&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_728x90_2&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=3155472641&adsrv_crea_id=138425219174&adsrv_empty=0&adsrv_lnitem_id=6241543851&adsrv_size=728x90&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/ Frame 92DB 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&evt=vsbl&pv_id=4266d8cc-2613-4583-b5e3-3bbab48f6a8c&adu_el_id=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&v=0&tz_off=0&js_late=1&js_ts=&size=996x250&pbjs_sizes=970x250%2C970x90%2C728x90%2C468x60%2C300x250%2C200x200%2C250x250%2C160x160%2C640x205&is_pbjs_size=0&is_iab_size=0&msrbl=1&adu_exp=3016&pg_durat=4743&pg_paused=0&pg_exp=4743&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-79&clk_time=&reset=0&adsrv_adu_exp=3016&navs_ts=1685096332383&trgr_ts=1685096334377&init_ts=1685096334378&start_ts=1685096334378&reset_ts=&vsbl_ts=1685096335569&adsrv_vsbl_ts=1685096335454&auct_id=1f5a0dfc-d5ae-4096-9ed9-e3d447f599aa&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_masthead&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=996x250&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/ Frame 92DB 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&evt=vsbl_actvw&pv_id=4266d8cc-2613-4583-b5e3-3bbab48f6a8c&adu_el_id=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&v=0&tz_off=0&js_late=1&js_ts=&size=160x600&pbjs_sizes=160x600%2C120x600%2C300x600%2C300x800%2C300x250%2C120x240%2C160x800&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=2928&pg_durat=4788&pg_paused=0&pg_exp=4788&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=1216&clk_time=&reset=0&adsrv_adu_exp=1700&navs_ts=1685096332383&trgr_ts=1685096334418&init_ts=1685096334418&start_ts=1685096334419&reset_ts=&vsbl_ts=1685096335664&adsrv_vsbl_ts=1685096336762&auct_id=1f5a0dfc-d5ae-4096-9ed9-e3d447f599aa&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_right_tower&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=160x600&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/ Frame 92DB 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&evt=vsbl&pv_id=4266d8cc-2613-4583-b5e3-3bbab48f6a8c&adu_el_id=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&v=0&tz_off=0&js_late=1&js_ts=&size=976x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=0&is_iab_size=0&msrbl=1&adu_exp=2918&pg_durat=4806&pg_paused=0&pg_exp=4806&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-62&clk_time=&reset=0&adsrv_adu_exp=2918&navs_ts=1685096332383&trgr_ts=1685096334440&init_ts=1685096334440&start_ts=1685096334440&reset_ts=&vsbl_ts=1685096335595&adsrv_vsbl_ts=1685096335569&auct_id=1f5a0dfc-d5ae-4096-9ed9-e3d447f599aa&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_ust_728x90&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=976x90&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
firstevent
unilever.demdex.net/ Frame 92DB
Redirect Chain
  • https://unilever.demdex.net/event?d_sid=25453995&cs=1685096337672
  • https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1685096337672
42 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1685096337672
Protocol
HTTP/1.1
Server
54.73.43.225 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-034cd99df.edge-irl1.demdex.com 7 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
QEdxJKjQT94=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v048-090260c2d.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
M/lQgWIlS/A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1685096337672
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
avw.gif
c.4dex.io/ Frame 92DB 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&evt=start&pv_id=4266d8cc-2613-4583-b5e3-3bbab48f6a8c&adu_el_id=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&v=0&tz_off=0&js_late=1&js_ts=&size=976x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=0&is_iab_size=0&msrbl=1&adu_exp=0&pg_durat=4825&pg_paused=0&pg_exp=4825&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1685096332383&trgr_ts=1685096334481&init_ts=1685096334482&start_ts=1685096334482&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=1f5a0dfc-d5ae-4096-9ed9-e3d447f599aa&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_728x90_repeating&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=976x90&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
tracking-event
api.webgains.io/ Frame 27F6 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 26 May 2023 10:18:57 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 1427 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 26 May 2023 10:18:57 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 26 May 2023 10:18:57 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 1427 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame CE6B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1c5d6470-878e-4a01-91e8-46721305ae64&gdpr=0&gdpr_consent=
42 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1c5d6470-878e-4a01-91e8-46721305ae64&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 26 May 2023 10:18:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 26 May 2023 10:18:57 GMT
Expires
Fri, 26 May 2023 10:18:56 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master cdg-pixel-x27 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1c5d6470-878e-4a01-91e8-46721305ae64&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 6030
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455419360081138
42 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455419360081138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 26 May 2023 10:18:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 26 May 2023 10:18:57 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455419360081138
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 872A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 26 May 2023 10:18:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 10:18:57 GMT
expires
Fri, 26 May 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1226354
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 88D3
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2986613357033322857
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2986613357033322857
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 26 May 2023 10:18:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2986613357033322857
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame D1C8 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=63B1B3CE-38C4-4E27-87EE-D73BE236EA9F&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 26 May 2023 10:18:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FJ52NFVK5N01BM4PKFHF
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C19E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Y7GzzjjETieH7tc74jbqnw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
23.32.184.192 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=139849
accept-ranges
bytes
content-length
5554
expires
Sun, 28 May 2023 01:09:46 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C19E 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=63B1B3CE-38C4-4E27-87EE-D73BE236EA9F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.92.86 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:57 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.44
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame C19E
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=660090068
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=63B1B3CE-38C4-4E27-87EE-D73BE236EA9F
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=63B1B3CE-38C4-4E27-87EE-D73BE236EA9F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:56 GMT
via
1.1 google
last-modified
Fri, 26 May 2023 10:18:57 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=63B1B3CE-38C4-4E27-87EE-D73BE236EA9F
date
Fri, 26 May 2023 10:18:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
dmp.adform.net/serving/cookie/match/ Frame C19E
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=63B1B3CE-38C4-4E27-87EE-D73BE236EA9F
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODhoOHJnWnUwTWRTWTJlbjJsYkRWeEJsUQ==&google_redir=http%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIi...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame C19E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjNCMUIzQ0UtMzhDNC00RTI3LTg3RUUtRDczQkUyMzZFQTlG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 26 May 2023 10:18:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C19E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAq4zqCN3mn165yDm57SEYE&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAq4zqCN3mn165yDm57SEYE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 26 May 2023 10:18:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAq4zqCN3mn165yDm57SEYE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C19E 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 25 May 2023 10:18:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C19E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6737254195037902546
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6737254195037902546
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 26 May 2023 10:18:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 10:18:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6737254195037902546
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame C19E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 26 May 2023 10:18:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sodar
pagead2.googlesyndication.com/pagead/ Frame A253 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230523&jk=857899531715694&bg=!ZWalZjLNAAZu7ficTu07ADkAdvg8WqTOS11lrHITHmTku0xvrHBrmT138-QNEbQoJVmCXf1anOD_noR5av3HxNBhtlsxZIA6l4sCAAABAlIAAAADaAEHmQMKAWYOuJgjvOpUSgbzSRK_-D4Bqpzt7vt6Hhn-poSeJX-HiSMat1tWWQkMFD3XaFBJI6HmQMCtlOChwQOxE-qnrH6g_qA-EGbaOrc3LAvplb6ClE7u-4VGAAG-4A60LAPRzQCVdBFxStzELMawzMKWrIL60DELG3GNEFWQX23xASHVfMchKbD8IEJ8eYoLX0inGmPxU7I5FTN2TVND78g7hFZGYk8DnpPKMqmw2QvZGeLsdQ0uBfKLQCRvGldo5dvH7iBVDiDslmUBKQl0BmNGJuObSqb20DUdixkJr2ePc-ytNgDaE7wpAhmaqBXMdyhHDiPPcXx0gXEMzW21m2_byO76T4NfB5FxrhlG6fmgdZ_dPBSjng9WOwZzPpSxJzIPeApkLramRLg-O8zF6Dk9CN9xMQN11AyP3CPPhC1vXivBTB33zhKAimnW84shNMsaXZyEVCaPG751mPUCYe_s-8A7fGkE6xobUFKCYcBMxO6_zRitFC4mhy32mbXhbpa1SBf4zPCmIT4lSx_-0D9B89FfMxzx6vL4MHEy2DM842lpxXhjJcymVPlua9-rSHceVfd2EwAWyBuTsEGkogFPqJ9EeM_h-4LNLfQmLjFnxKnFL9s0c9EV5_oqm9RXjpZ4IFPZ8VKf733s3FEXTxcmcyMSvVcXWJs0R5bSNcVDzTPmoxAK8dQkA-KDwYdalIldwUSqfpctzaRz12M5HxCI_Edj5s1OrpngZEkFwEysjUrDIKJFAVm0TgpV7E0p_Y-zx9uDBiI-QHb3iJGu_N_4sP0HvxYqivIh9Cvzyyet9oiLZVfUe5mLChlTqOFvaR-MULTDK7orKSZUzrpWRcBG7dIVStycNp6OWjiQAemiILmFYIU1B7Amm3rX0fFlqyMzIAWlu-T0HgWm7Jdw9EyXOCB7iMzEib8z2E03QFhtp0xPnnRBabvUImCT7CN_N_6LPkFcmSisk-C5QnGRXedAJEflbRocPR2lckrFuc6rCFrFYNwXLxTnHE9kEExHam8shtcPELBDBFc7mw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FFDA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230523&jk=3659434229855259&bg=!2dql2o7NAAZu7ficTu07ADkAdvg8Wq_bwUVcbDB5QReEfmY45PTn6sSjyoYD-twiKPNdQRw9uC1pBIDPKArK31d98HQ0mrjW6iACAAAAuFIAAAADaAEHCgAJ5dU3c3YwOtyimQMUoifgMVd1T3w98TQvU5Y7I-_QOXrLdYBgBH0Ho9FKAlAkXhfaLYGFf8cOVNb8DzOPe-0vsuat4zRyLoCFai0mnd9aYoETgcU-GKVB88br9jzG61udloIkOzkx7AefZ6jJt9jBhfyD5JmLwSViU3rD4YP4rZ9IugUYJcxsWkmEEWTx-CRCX2jr1bFRHaEfzEaIoCkMOwAC4ubH25r2UZPEo2U-4cK9nXP2Iy7hE_ZdT1-BU8Q4cpHCYnUFlPte8CV-hRetqX5nz9-inL7HldVK5qUu2cE3xXYuYppzJnGP1gLf3DJMAPTisO0rMJDBlRa0vGRmVASOirqpqC4hCDnOA1A4RApZpqMtnVbHIcT41Rm5-fn2JFxsMTH7LxU0P2o6ns8GUOk4nEkyaNx5PlW1TUIeu1AUP8LOSRBY2WdpLMW8CZow1stwO532vhFPnJHT_K4pq8M2jDx_BrNTGWyKbD8cl4GTzjR18LBWuZaBbEd8D4ZB3ymDfY8M5vWQqB2UX4sNI8Zv69tA-c-decjJ3G2WZblyf-Zjgqo4RvoVD8GU_PzOXOqoPgjh6IBphcduNt7fF4nokF7pJDAKDNTUBWYWgb-cmvbKxXU9wlnw-udxuth1QpKVNpQM3PiVbG1058OShPSI6f-DABdzqQFw9MbgKtG7Ka9I1FXfUOenC4Nx1Kt3M5A8TgBCCoUmuzIIEHaqgCK6tpZO_qFY_Kmv25LVClJ2IvSCTK9Y0kN0seHaTxebX4mqSO6dJj_0Lhis5R5OdOaTDp5EUNy-pSGaWojB99AuhUGrzSdvbv-JV8eJoxENDx_xyFBfAWn0n0ibeJy_hyuBzaOsMea06d5um74DrVO8YJAUN1lBHh6WkFJlnIsFvxkcxCxBqZx5PX9bSarcQZc9CN8-lzlQmndS_aVft9ntBXAW8ZTHVbJ2BfLyru6Fy1HildwpT1PVfvG-v7UJqHMQ7t5YLvcq2E-mE6fws-Ki3zdVnEMq9CZOik1pat_4TunjGXdCUTnMabePHDbbSX_nPCV95-W22wpqu5Kb-C4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 92DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305220101&jk=4135818972219998&bg=!-_il-KzNAAZu7ficTu07ADkAdvg8WvTXiRFyn-cdbfFZN_uVXinIn91fC0wJIO7s5kGiLeQZGWLofdiMLlza3cPn-mreK8b5_oECAAAApFIAAAADaAEHCgA1jG_qsL8qY2IIhQPYaL60EDt4ihuzXpzWDkoQ0HMh86QbxoMWGxlqg-aoYev9rPuvojjqLDyZAsDkhPFMVHlJqxciF7mo0Mdig6ZkvM9ZgJvSB3TjC1oB7TdADA7XSPFyywcAawYm-7y4aS_AZxyubY7wEWlPGVm-T9Xq9FxeUzoSKKeXeqe_7lfeLuQnlSp8uXyLE1VAtteTTrRqVTYsx2gDpBdDK-JHsUu2FzwxD8YpYOX_riyEPpuBfHec1Wvm27zB-WsrZwA-IorCdJm6O-N-1Qh-qcG7fPhuXBbBDP7qk__H0HhfX_DU4QxPE9nEi95QuWLeb4l99ci_XTuNrIhC21nJ3muqCRUb_cgvLjXyV6wc9cHbntv9MIiXvqYtkpAGdEh9Gson3yGjT9MvnZpIDBzztPpLoweGIJ4cADbowwUbkVfYUmZfPlXCesYsq9UdMbR0qYs9FTeJR9NKt5wHAsLsGSY4sKjn5ZYcZ_THgLEw-s-Oh1Ib7xU3iZQzPT2y_GarOCVRHLoTFt7JoLyIjoaphwvPxl-bibylk4q3UDHp-go2ExJXAUKvdNizLX-U1qTXol9tAzhVNWww-SpGpYH9n7lyS3Z8n3NI7ReKjSq3cZzxMsrLwSxevI3rJUBQ_5wFIplSHVJgyx_6oNzEwICSl4TO7KTHzO5Hqo8mPwn4K7xLzlaKR05vxmsYe_y6lc1C699ji__Q66vYna5nT0DTkio9h1C9X8NQ2zKCF8hSZhVA1Oz_0C2GsFIEVfR5CYIwvnkJXWM-Q3VcjR-4OGsHftFUTBKmoXVPE_dmlbu0FBNHZEgU8xpjIDJSED0JxbMa4VllEdD81Xj3s5X1uy4iozMfNyoRMvlT2Pp-3bEHElj8VNtRZSx6QoeqY14m_T8VsKqdRuc5WeBqZGNY9NbgUGwvRRkCl71kCsOXSc81_aWsr3wmMU4TJpgPJXsl_CeQxIftfZ3-1i82TTctFSFnCtn-ypI0azYMxOeM29nll6RLcQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 26 May 2023 10:18:57 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 1427 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 May 2023 10:18:57 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 92DB 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685096333184&userId=vnetc294117e-8508-46bf-9303-232e5aca3885
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 26 May 2023 10:18:57 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
async_usersync
ib.adnxs.com/ Frame 89B7 		0
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 May 2023 10:18:57 GMT
AN-X-Request-Uuid
169e9990-bb86-4d1f-8c52-84b7c2d642d7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.167; 185.213.155.167; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/js/300/addthis_widget.js
Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1500&ts=1685096333621&src=pbjs
Domain
biddr.brealtime.com
URL
https://biddr.brealtime.com/check.html
Domain
dmp.adform.net
URL
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

24 Cookies

Domain/Path Name / Value
.adnxs.com/ Name: icu
Value: ChgIlrpzEAoYASABKAEwjY_CowY4AUABSAEQjY_CowYYAA..
.adnxs.com/ Name: uuid2
Value: 342056122432816383
.rubiconproject.com/ Name: khaos
Value: LI4EUKI4-A-69TX
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB14rsK29QR6Cz5APvdogVCbaTd6KyMQnau+SmvwaNDOnqp/pS5GOrIuDqDbQAwtYdFN+011ZXQEx2pNjxJ85LHdsqlSNZOaaDQ=
.doubleclick.net/ Name: IDE
Value: AHWqTUk7h9xAbiwOa7cozLZP9avsosch71vX1aeNPIqmFvngZ_xfOmVhw_otW6Ue8zI
.mathtag.com/ Name: uuid
Value: 1c5d6470-878e-4a01-91e8-46721305ae64
.doubleclick.net/ Name: DSID
Value: NO_DATA
.retailads.net/ Name: ppb2172
Value: 2750622502
.quantserve.com/ Name: d
Value: EDsBCQGKKYEA
.quantserve.com/ Name: mc
Value: 6470878f-4b6cd-465d6-10f9c
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBI-HcGQCEC8RHeCl4U2VQaj8wfb8EwQFEgEBAQHZcWR6ZOANyiMA_eMAAA&S=AQAAAg76Vcd8cCKrjNe-MOFZslE
.casalemedia.com/ Name: CMID
Value: ZHCHj7a6V87YAuId5iD-IQAA
.casalemedia.com/ Name: CMPS
Value: 3249
.casalemedia.com/ Name: CMPRO
Value: 3249
.futalis.de/ Name: raSIDb
Value: 2750622502
.adform.net/ Name: uid
Value: 6737254195037902546
.360yield.com/ Name: tuuid
Value: 98f2d417-e338-4724-a3bd-f936f2ae2fc5
.360yield.com/ Name: tuuid_lu
Value: 1685096335
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~2buy
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1685096335519,"clickCookie":false}}
.tribalfusion.com/ Name: ANON_ID
Value: aknseFtlix98qyTAZbCavRpFcvB0gKho2dUiHbPYGC94DUbMRbQ2MsYZbZb1igZdZcOx50lCYZbSMG5WVDv7u8JNsZc
.amazon-adsystem.com/ Name: ad-id
Value: A_0BIx703Umir2i77Nb2UtU|t
.criteo.com/ Name: uid
Value: ea3d5b54-448f-4bef-85ec-8b3f77da22b8

30 Console Messages

Source Level URL
Text
network error URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript error URL: https://ye-mek.net/(Line 39)
Message:
Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network error URL: https://hb.emxdgt.com/?t=1500&ts=1685096333621&src=pbjs
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685096333431&bpp=4&bdt=832&idt=338&shv=r20230523&mjsv=m202305240101&ptt=9&saldr=aa&nras=1&correlator=7632003967368&frm=24&ife=1&pv=2&ga_vid=1193860383.1685096333&ga_sid=1685096334&ga_hid=2062951008&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C31074870%2C44788441%2C44789923%2C44792013&oid=2&pvsid=4135818972219998&tmod=1380910158&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.5qwjfievpui7&fsb=1&dtd=372
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-51c60ec002340f16
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://as.ad4m.at/ad/dr?ed=1jx7tr9gnjt2ce9sxx27t5m6m5xj36qs142xsvc0mwqr1eymyn8s779p7ksp0y4tnvndjegm8jddw5w6dj8edag5vk3k7fdbe3gz45n6rxjk9b13nqppjrn5ejmph57acgb4mtwe3g499984s69c0k12y8xd76hfvfwhsj4e3zhqzz0jd8tqbs9p4k3z476cxagcae339a383x752dzw0sx4xemq2h2yzgp9j3y64s64bx87v37dtez5n2ct6qk9rpw1x6c8vz509eqmt270zqsvst4bwsrjhah5gsjz4wb99wznfdq2pxrbj4ktdt6asejjmqgpsdm4n7hw3z85fq92gnp0f3yrdzrjhqqatzd6grbn3c6d3dxn1yevk7m5qaffj91wtdwgznmeyhmwpt7t8zdavf520fa9frp775rps8fzj9zcvc39x676tvevpmd4cr92q8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%26client%3Dca-pub-6593523210010154%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1hwjq04z8gjcgvze10r21wer768tvw7ey4n607d3x05b6eqadz7js3rfw521e36x6hhtq2m0b10s2w514wy70f7h91bcqca520p9wpaq5pp44arevscpbrvk3cmbhtdj1cfyvwkc0xtx6ckwsgesnshatpcm2yq4chdm96hszkv9stxyfad43sxtq6ykcn34g12exeyad7dhayhqv9kpqqfe6p8wtxppnxpx0kj5ser401wrj90ncf3zzbawdqnjme7m77061s2xqxg1myxe95z3q07dwzn28eb6qsp94pxkcfv465zg0z1bc43qkd976thtbesszgv3ch6xdtkarabq5qhetkk4p00v47e29p5nwfkcm9dy68h6mjmd96rnxfq72pyqywv7xxkfkkjr4pstmq4gx7ecn5tsxyt7as9sk041jb8twyrxsj6cx1dp33m2jeapj8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%26client%3Dca-pub-6593523210010154%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=109f293eca23ca430eb3378551e6ef2a%2F7165685274092907977&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335791&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxh06nqn6sq8sts054n5trc5zcnejwbdh5v6z4q6cdj6a7j6n8f204nrybn8hhfq94pxgzj69cqfe5gnwsjz505fhgx5j2n36qk9brtey1w2r60zftrgtr753ccyy9pejtnwxx3tyr3evm0qtxfqqp26sj01e2c6154dc41g8g2p23yjxwgvceh7m66jpekq92sa64awrddfxre5tjm0q48e009yq7ka9rpbb6ec15xrhdbps4tgqr35ea9san0nwe9xgxt6hhghgxp99zkke8d0m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmV_pjodwZNjKJ9aa2OMPhOaN4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQKyk_JsigSyPqgDAaoEsQFP0O-yzfPkErtAUV6npZ9dW7X9N_iHZJNO_2C_uneIDexH6XU9bU9ULIjcAkFBZCV_Am8I2TKmg2H73SH-KrHhj2XEMh_j610w6OVY4-CdhXps7BqBsLD6yCyjkOmqTKAGf8kHm8pnQN77pAuxgtiBdrIUfifumlxFNhrtc1RmBjATT0myryhLGJmpHX-zATstWSgrD_hd12IVVf6yqH03hzu5iKh3IR_e1GPkfST3ggOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2G2gBuJjH3D23J74MHuLEbuy_XVw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=64c7e3725f1af83250c5ad033b4baff9%2F14934217882478561544&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685096335820&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4x960ykmsn3ppt21bgkz3wtr8ye43wwrw90fj7x3c5vd577zv9nwbr23tnpks0nh1555vj4hkrasjv9d8gke0vvw1yzhxq5rdwsp97dk7tkcxzfn387tp7srs5pw9phkphjn4xqq5mb7h3yfkdtwkkmzmxd31mbg3fy240k4jkrhg1nzcdec5x08hh90s6m3ve6b7t2r4bezjxv61cf4sg21a6tmds3ft0vpgrem9s05zrk4m799z22eb829szjv9kewm35c5pw2fnypbmb7agyc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmlY7j4dwZO2vB5jFywXdyIeoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpArKT8myKBLI-qAMBqgTVAU_QACXdHgmjEax--uGYRe61-z4lZkCCOAQWxaD3B6f1zPrt7nD41Rqb3Y9fDqc56q7kLlGhZGysLllhIf_568BPF-5FcWq5lUe9IWbnNgmBfUIfRnQcPpeyR65mKsv4Kma02Qn4zURwz13YLfKZiVHTZqvS6iu6Ge5vgoeZJsmgKxy-0XrJEMHYVpYlBsQAq2C-2T5VMEF7WH56ZnPjmDyhBFiJefrIP2g8Cyzzrfw0RfH2TCcIng9dTvvrUHbmvxLiD8NWYgbd3Zpdihovs3StB1brBIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3OMaJHnK6_q4ZatKQ5d7qhcS7B_g%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=63B1B3CE-38C4-4E27-87EE-D73BE236EA9F&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

632aaa02c9ba123c816001c6abff4273.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-server.eu
ad.yieldlab.net
ad4m.at
ads.pubmatic.com
adservice.google.com
adservice.google.de
adv.office-partner.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
beacon-fra2.rubiconproject.com
bidder.criteo.com
biddr.brealtime.com
c.4dex.io
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.retailads.net
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpm.programattik.com
cr.frontend.weborama.fr
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dt.adsafeprotected.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
futalis.de
fw.adsafeprotected.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
match.360yield.com
match.adsrvr.org
medialead.de
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
p.rfihub.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pixel.mathtag.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.adnxs.com
prod-rtb.ad4mat.net
pv.medialead.de
px.ads.linkedin.com
s.amazon-adsystem.com
s.tribalfusion.com
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
static.virgul.com
sync.crwdcntrl.net
sync.mathtag.com
sync.teads.tv
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
unilever.demdex.net
ups.analytics.yahoo.com
www.awin1.com
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
ye-mek.net
biddr.brealtime.com
dmp.adform.net
hb.emxdgt.com
s7.addthis.com
104.102.35.84
104.102.45.165
13.32.119.77
138.201.63.145
142.250.184.226
144.76.91.199
145.239.193.130
15.197.193.217
151.101.1.108
151.139.128.10
167.233.14.134
178.250.1.9
178.250.7.13
18.133.209.175
18.66.147.120
184.30.21.51
185.29.134.248
185.29.134.249
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.7.176.221
185.7.176.222
185.80.39.216
185.89.208.11
185.89.211.132
193.0.160.131
20.60.220.36
213.155.156.165
216.52.2.48
23.201.255.110
23.215.16.120
23.32.184.192
2600:1901:0:76b9::
2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
2600:9000:223f:c200:8:48e:53c0:93a1
2602:803:c004:200::140
2602:803:c004:200::155
2606:4700:20::681a:9a9
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2606:4700::6812:372
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2001
2a00:1450:4001:811::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200e
2a01:4f8:d0a:2321::2
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a02:6ea0:c700::10
2a02:fa8:8806:16::1400
2a03:2880:f083:9:face:b00c:0:3
2a04:4e42:200::485
2a05:d018:d29:3605:ce3c:c11f:c01c:6fb9
2a0b:4d07:102::1
3.122.161.136
3.71.149.231
34.102.243.38
34.111.129.221
34.111.131.239
34.252.177.111
35.204.158.49
35.241.34.106
35.241.45.217
37.157.5.132
37.157.6.241
37.157.6.242
52.222.208.154
52.46.151.131
52.48.217.237
52.56.253.51
52.95.125.22
54.73.43.225
54.76.176.197
54.76.92.86
69.173.144.139
69.173.144.165
77.245.159.14
85.111.6.48
94.138.206.83
94.23.99.218
95.101.148.198
99.86.4.52
002f1235c6484b5b45d65e285ac9623a469f9428889d6b7baa1b698593679321
005b43444e96d518168c994efee875142fc7161f177696322fa127e077a4df39
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00c9a53acb8d16de693b30eaf3111656cc8e0c5e378cb4ae4d538a6a47b08559
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079d35a60960663363c8760913cf3f9717ba96d6cac260c0dbb95d87a6a96262
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
098358c1667c388c5bc608a4108420d3a2e3f73fc819ab3c140e271fbe31573c
09b60b8645ea0d8386950e615246c3a25a57c1925061f17d2a7ea15aaa4c846f
09d7a1ee358956b1e2b4ba9d361822e953856e7930314c2127f3bb83e5520db9
0a44696263eca0ad2488b1b89924aabcc5e7792d931d576ad5cc71c77cff9dc9
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
111797c4644aa8bde0af1f6aabc8a98c9c74739ae2878fe916a66be18c4f64b9
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745
153e16434e35bbd9bbcff26425cd7d24a240b15f44b9e04cd8f9c3efb3d052f8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19ebf576dcb0c71fdb5edcbb97d06e5807d78dad0161d6b46f2c1f681493d6fc
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cdbaa7b77e0582b42a087f5e875f40107aed8c1b8e6f376777e82396b8368ea
1e4888cce84b12f519ea6a2123dc8a3e27097a2fec4b8adbe9294dde6af8250a
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1f3c6db80aba5d34829a5eac777dd91b47bf7ab6a06f9688cc0e4ff8c6c7fd63
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20746a1f4ef8a9f91266c9444ba0b786a3c79c530077d55a1a74210bf874ba17
213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b
22c974ca84d1beebef37b4c95335f8ae6f597563bbb9246eed2f4f647a176128
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
25384b36677ec71b3678443817eb7d4876fdeb68a889bdd6ea15a16864f00308
28f1451571c809f080980e5679bebad6b9b10a4d93233b37a991380d1e7d6828
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2a646361d717e3337f62c383f8eb15a66bf52a57d50e8d11d217313255f941c9
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2b63c800e6d85663c9e3918ab6e68412d267e7bb0962bde855d9058061e65844
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30208b675fa5e78df537b2aaac01f81879d49d2e86790814957fc74e7078ec92
30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
33ab06805ad1d9432f466a08a1d556341545f34af9932d78809b866e09fd4163
367311b199a022f641e3f473fcfb6a42acc7c78b492c68e3971d2cc3d9176f42
369916248342a7075561d9d0cbb07bf8fb928481573208c4e31d37fc8d656b92
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38acd59d612d52865fe390d09e089c55a2c0b81d837050e6b842bbcfa7592be7
3a55a81ee41fb052562bfb3751492caf7ce85c5c029a7a7b03fa55797707b85a
3a7cdd2a8d457a3a736abdd116f27948e56ad18163f6f31bc4191240fe28e312
3d1f0c367645f186a25d18d9ddfbaa22bdadb69781e34d6aa0786d5b70878966
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3f6ee7a2e0fbfccf450421186da7d532b52c5764d7dcb9c9b4413a8c4c83af71
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
42957ef601fd013119bccbb5d1a6a656f89851c80a3e5a1482315b87251f53be
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
44524ce857ed39215d384600ade5aa4bc605ac8b8951398beae0ffca3f3cc659
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
453017d4b5ea1bc4846b6e5870e3cedd28c18ff84980dcfc603c754e045967d8
45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f
4a87ab137847708c417f2fe0e4b40b13045387e5450b590e36569844e7d2749a
4d0dfbfb911e53aabc73510102a8fcbeedef5c9b06ce54b6de361899edc3bd22
4d48e43269f7cad6a232025f91828c3ec6421080eafb41c9578f329aad384025
4db3292f4d48701915b46f5de3cc365ad20985486373d51af771c1e3d9ce7baa
4e0a07ec787f2e0dbb5b2d9b2fda1a14fc819cdfbede1b6eb8a1a63d05cb8fd3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5139871bdaf62c0f8f1b9088170a2e22dcebf41492144a051c334bea51bfa303
523512f2e363d1107d87f20e8ea2ca07e0aff96e957a60bab786e574c2aa91b4
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
52fedf0c6c75e944816784929f6948c93f1019a88a84dfcc6323e40d2fdd47b4
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5687b49f792b9dd66f69e7ff2b2365ae5ab3dfb950f97e492a540503be95c201
576a5893391b9a14516a7f6796c35247a20f896a94ed24a74a9c0249f239a2c3
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84
58fa8288d109b6525ab6ced54d659e79cc4e2a925f61d6c76da140f0a689ef59
5a73e07cbf6a42298677ad0672ea18daffc2c94e582311f434d6c460ac4e8dad
5ad3c720a0a8aae30a239c8ee1c3e99dcefd0f1fefef6bd8cf70d9f8604e010a
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5edbd7e44da663fe3154846ac383a1516e681e69cd5fe15fa24331914a73904e
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61b77252a642fc6ff34ff173549ae2821e823040362717c336986b198059e209
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62feea2323c73e3d98a3e737a9215f712161785f34a880349d0e8238b73d1ab8
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
685efbbe0fcee0314c018ab36843882716c564d2ad58897516215964a080ea88
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6c75a448f7425ff3855619d28dce6331375ef961a8d9d3b8dca65da8e3a2f116
6cfa18df741a5e28d02ebb4881b859d88dcd85873a3734d463f924de9a01780b
6e1330041e6221db02bceb99117262e8223c801c9c2708e99630521939b3f0d7
6f0918a5bbcba67238bceb4ee89b68394124d02bc618afdd06ec915556521a3c
707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb
707e7bc84aee1d45831e741565e9095e40f1b6ea9ab3ffd6a4bfb0d0172ad05b
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72aabac673a1dc8624ebb13f61fe42f8acc8c3a2041d25a36ec936b8b53a2f98
72de7f194b64718913d5c112691235f9e6dbd8f79f66507a644c16149a4611d8
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75bac8aebfef81111d89ce3abc24127b9e61097efc4e29f6b5d142a8170ab8c7
78aa3d973a83de17d8b856934f19a2613483fbfd3cd2b6c5bc50865014924659
7a3ea7a02a85db3b1ceb6c29d79cfe8eebf3c9e80686301e60c09ccfb7c4da62
7b74b15c0e0224974c8f830453f4141254e43fc02d4d95a8bce9c1a27a893079
7e6fdf90b8d7276855ef7a54d0040f294a690086f77c0a6b11bb95053a6c721a
7f77595ef2e4eb11d9f19fd5858399d25663ea63168d0efdf4042b9d85a7dadf
7f918b503be092a6eb8cf2bc0a95af8bae0eceae2f65b353ba2ca57fb6b8b9c4
81094d7429b2724dd8b5fda43a631235b3bd0f26421a7da4d7b277aaa464f1bc
81e566e70ca8804ec2feea476a39833bf39fb650efffdf3530cb0e94072990dd
824d537cc6beb823d12a61fe03ccd10fef4383f2881f031474b8466de36ae902
84e0a76e554aac2e2ca085d90eb6db1e13c3293986053e546c081e0fd9aed164
8696856d40a33bb1143b9f31c9d507fccab76523f0f3e431bf6e03997017950e
8899e1f00bcb4b65655babc2370193711055e7a7f391054da7b22849bb2b586c
8c691489ae412e38f611fc7eb1a439446d14e075bcf221d4c244ec4eaf131cc1
8ceecb5269ddf6bbf497d87779ce3edd64050b5f475985ff1239bbc0a47355a1
8cf4f1e05ce507597dcaffc8c8434d1d1bf82466b9b0374872c0264a5624ac73
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324
987661af2505d84576a6058c6afa89ebbfa78c0c6de5ab5a48fe3a8bead6cdf0
99ae45bac6e6de38ff2d16ab06fc561c0a7dd92406957ac95b218cd8e59b2050
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
a0847b5e0373e2fd011803f2dc04baa326f849fe2b2684b4e89cb11122cb5b17
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a2bd03a89a32099068ca9ca2a7f6a61ed04029d3f196d8ab9285d32de87a07f7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4da3dd6839cad717ede663547aac45abaacd46b280c0293c1b307b75e37183c
a5f1c20e04ace9c3e22bb2200969e46c4ff36d12f5ea990c7acad82ba27469e1
a6a620b7b182e66293bd59eaa833d419f20adc106ce6cb2667724a85ac602cae
a795c2b7135beaff5f12fe97d58f1e019a056383ff9ebca7b22c464a90f24858
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a7e17d550d41b7654e64d27d1f37bcd33e2cf6bdf7a45e00a158ff4a2933b04d
a7fe9caf3097b900fe4584c14eac69d82dcf3bccf9f53de5513dacc0b0c7e1d9
a9e0c3f2f8aa72179351f0b5edcde6cfcf708285785c4a358331e05da8bff5a3
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab041b4fba8654c6e2951f6e56bec777b2ac45585fa1df7e3d30d54c9cc3e1a4
ab5558c65028fcdf7b5e9fe065a81cfe389e5e279eb60b9ee70630e96b2b4413
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
af07705eb7e434ddc33426eb84d9ba31bba2b5cc9d022239df1c1376e437f1d7
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4347fc272b36759f23aeb8be9d989fcd88497c92871a1ffb240d8037d044541
b4c828e4d4f2491bd148c79e458134d68fd6b05c226e8cfcfdca70eab082a6e6
b61525fc22c0235c8f753203a130ca5a877a972fd62d7c7ca5d1c0be9d09416b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b7f2582814e582dda7d64502186a44ff08274e8a7f339dcabec44cf408ac4060
b8061d56c3273b448e8867e7dee12cae9a3f78656303a124b85b7be2ca041466
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
baa6863403d4f20ab2701f925258efcb690d50a334cb8d702bae94b33679d5d1
bc23ef254280069e024f0318d91f2ce893c07b791d723204f216e97dcea17fd8
bc560f736448e4e296e9a861153ce0988140ce3f969f20a84315b3836767aad9
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcb412b3576eba95c714723b9827d13af8f6a592fa4635c4b3d501984c84964a
bcd5fa5d7dbca071d56d8dbd96ea4b73018dabd55ba191b2cd111719765f384c
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c3269d90b3fdb58e163c5d9a037b8d8873beb5688f1b00506ad9cf28c1c65892
c3c8f737c2c30356f2b788246c529049e20b42a6454539265981b00d318536ae
c41d45ce496bdd3b628f19f22e7d848a36736434bf182e54bef14a8381800428
c59e506451a1b64607790ad236e614cac824470a57b10e2332b3adede522f75b
c65630af1469e49f86f196899c3a0cf165fb5326f0cda0d260d1928223e5a17c
c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952
c7bc8098c1b013492c04c1f333e56d3980945b0882c7f57441bf0688362eef29
c80661013836a84a6e52d5d1016ccab70b2be0883b2bc2aa0408fcee37a160f4
c8b8a04e2b2bc2639aed8be4457061a27db9b3133e033aafe2c715581fc74b18
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
ca10a6d1f922242d3eb6e073be7cd39bfc20ed0a557c0b346cd280c16caa29be
caba686e8a0a57536805240ee1ac6b56d9f5b5add5a8bf88fd6ff83d8a860b63
cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f
cf02f2c546c9d5fc438d930b59cd8c201ac33f0ecaecc2d38b3d44424b1b4c87
cf2dca4748855e6e8c666c1b072f409e3b33d61589b70d1e9c99913dd1ed7593
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d394419ae2b292353b5bd8c15921fd154189ad3957a89ed7d33d411a4f230469
d5544013c9c882cd032a4ed06f6f8338f6fce934e82311a1267f59b5e717c4c7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dc9280b05aed7188828bef3ea8fcaf1338e5b405208135eb825291305ae6e804
dfd9a5c0bb1644bc374d77486e9da375da18ac81d1476f25466329c0cb8c437c
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e2790be78aac1dca5f2e9f20cb336c14b8a5b862c18c30bb25f5ca015c008a34
e32543d850c4dfe8d1cf2d5a0e716e266e5e8ccfa461b3329ee70e6e206ecb0c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51f1eaacbfa4339ded31c692d57f0de7785757d7e6ee6dd1c973233dd966bc1
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e7688b603d9df41744d51ad54e65e5a2e4d9f0d026b0239d297ee968741840aa
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8f2c25d056ce99bbb20bb7a26c8678552f3cf546388b89487f932e2bceac244
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
eb611ec57f286c5d9d3cfeee91c08d81d68ac630f80bd81e53f465ba5336c9f3
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee5686347454be5a9a6034fe3e2f99ccd79c15c8833d6b30ed45e8a4b330e22d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f418c90796a3e7228caf65dc113102278b510dff1c044b4bc41be04ae8981a45
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa9c2f56169016b8711164d88fb2b40400983029b0c0ee869487da8deca7d9cc
fab9d74fcce7689dea0bacb41bb6137fc0840109018ebb0c34e20ee62e68aeeb