urlscan.io logo urlscan.io
SecurityTrails logo

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On May 09 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 82 IPs in 11 countries across 68 domains to perform 409 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.60.220.36 8075 (MICROSOFT...)
2 77.245.159.14 42868 (NIOBEBILI...)
3 94.138.206.83 49126 (AS49126)
1 2a00:1450:400... 15169 (GOOGLE)
40 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 2a00:1450:400... 15169 (GOOGLE)
2 151.139.128.10 20446 (STACKPATH...)
8 104.75.88.126 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
19 185.7.176.223 42910 (PREMIERDC...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 69.192.161.152 16625 (AKAMAI-AS)
17 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
3 13.224.192.181 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 143.204.100.231 16509 (AMAZON-02)
1 35.241.45.217 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.58.219.83 16509 (AMAZON-02)
6 2602:803:c003... 26667 (RUBICONPR...)
1 88.221.169.49 16625 (AKAMAI-AS)
4 85.111.6.48 9121 (TTNET)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
1 4 185.83.142.19 29990 (ASN-APPNEX)
2 37.157.4.40 198622 (ADFORM)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 4 216.52.2.91 30282 (AS-INAPCD...)
2 185.7.176.222 42910 (PREMIERDC...)
1 34.102.243.38 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.89.208.11 29990 (ASN-APPNEX)
1 26 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
4 8 2001:678:cb4:... 56396 (AMOBEE)
12 40 142.250.185.226 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 151.101.194.49 54113 (FASTLY)
3 3 185.64.190.78 62713 (AS-PUBMATIC)
2 2 69.173.144.138 26667 (RUBICONPR...)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
1 1 35.186.193.173 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
3 185.29.132.246 30419 (MEDIAMATH...)
10 2.18.235.93 16625 (AKAMAI-AS)
2 95.101.54.194 20940 (AKAMAI-ASN1)
12 23.35.228.23 16625 (AKAMAI-AS)
2 151.101.1.108 54113 (FASTLY)
8 185.89.210.46 29990 (ASN-APPNEX)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 18.195.195.61 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
3 8 104.102.35.84 16625 (AKAMAI-AS)
1 1 185.89.210.212 29990 (ASN-APPNEX)
4 4 52.58.153.178 16509 (AMAZON-02)
2 2a02:2638:d::2 44788 (ASN-CRITE...)
2 35.244.159.8 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 78.46.23.46 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
10 2a00:1450:400... 15169 (GOOGLE)
4 176.9.26.250 24940 (HETZNER-AS)
1 4 138.201.220.30 24940 (HETZNER-AS)
3 104.102.45.165 16625 (AKAMAI-AS)
2 172.217.18.2 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 37.157.5.132 198622 (ADFORM)
1 35.186.253.211 15169 (GOOGLE)
2 2 54.76.7.236 16509 (AMAZON-02)
3 3 13.248.245.213 16509 (AMAZON-02)
4 145.239.193.130 16276 (OVH)
2 2a0b:4d07:102::1 44239 (PROINITY ...)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 49.12.16.151 24940 (HETZNER-AS)
3 18.133.36.104 16509 (AMAZON-02)
2 4 142.250.181.230 15169 (GOOGLE)
2 2 94.23.99.218 16276 (OVH)
1 34.96.105.8 ()
1 1 85.114.159.93 ()
1 1 51.89.9.251 ()
2 2 20.127.253.7 ()
2 141.95.33.111 ()
3 18.66.147.98 ()
3 99.86.4.94 ()
2 2 18.203.106.14 ()
1 1 3.75.62.37 ()
1 2 2a02:2638:d::d ()
1 178.250.1.11 ()
6 18.133.81.67 ()
409 82
4    20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pcloak.blob.core.windows.net
2    77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com
www.cloakan.co
3    94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)
ye-mek.net
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
40    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.ye-mek.net
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
images.dmca.com
8    104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
19    185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng.virgul.com
ng2.virgul.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    69.192.161.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-152.deploy.static.akamaitechnologies.com
z.moatads.com
17    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
37    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
10    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    143.204.100.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-100-231.fra50.r.cloudfront.net
aax.amazon-adsystem.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    52.58.219.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-219-83.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
6    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    88.221.169.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-49.deploy.static.akamaitechnologies.com
a.teads.tv
4    85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr
cpm.programattik.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
c1.imgiz.com
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
pandg.tapad.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
26    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
14    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
8    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
40    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
10    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
2    95.101.54.194 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-194.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
12    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
8    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    18.195.195.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-195-61.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2a05:d018:d29:3602:f7ac:e0cd:cc15:97d3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
8    104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com
sync.teads.tv
1    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
4    52.58.153.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-153-178.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de
hal9000.redintelligence.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
10    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal900014.redintelligence.net
4    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
hal900016.redintelligence.net
3    104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com
www.awin1.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
googleads4.g.doubleclick.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    54.76.7.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-7-236.eu-west-1.compute.amazonaws.com
match.360yield.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    2a01:4f8:d0a:2321::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de
futalis.de
3    18.133.36.104 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
track.webgains.com
4    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
5994599.fls.doubleclick.net
2    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    34.96.105.8 (None, )

ASN- ()
tr.blismedia.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
1    51.89.9.251 (None, )

ASN- ()
onetag-sys.com
2    20.127.253.7 (None, )

ASN- ()
sync.inmobi.com
2    141.95.33.111 (None, )

ASN- ()
id5-sync.com
3    18.66.147.98 (None, )

ASN- ()
analytics.webgains.io
3    99.86.4.94 (None, )

ASN- ()
cdn.track.production.webgains.team
2    18.203.106.14 (None, )

ASN- ()
r.scoota.co
1    3.75.62.37 (None, )

ASN- ()
ups.analytics.yahoo.com
2    2a02:2638:d::d (None, )

ASN- ()
gum.criteo.com
1    178.250.1.11 (None, )

ASN- ()
mug.criteo.com
6    18.133.81.67 (None, )

ASN- ()
api.webgains.io
Apex Domain
Subdomains		 Transfer
72 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 357
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 196787
321 KB
69 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
661 KB
43 ye-mek.net
ye-mek.net — Cisco Umbrella Rank: 399852
cdn.ye-mek.net
648 KB
22 media.net
contextual.media.net — Cisco Umbrella Rank: 635
warp.media.net — Cisco Umbrella Rank: 2557
lg3.media.net — Cisco Umbrella Rank: 5916
hblg.media.net — Cisco Umbrella Rank: 2153
264 KB
19 virgul.com
static.virgul.com — Cisco Umbrella Rank: 63243
ng.virgul.com — Cisco Umbrella Rank: 65891
ng2.virgul.com — Cisco Umbrella Rank: 73693
231 KB
16 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 33010
hal900014.redintelligence.net — Cisco Umbrella Rank: 255016
hal900016.redintelligence.net — Cisco Umbrella Rank: 207610
93 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
prebid.adnxs.com — Cisco Umbrella Rank: 1681
cdn.adnxs.com — Cisco Umbrella Rank: 1649
ams3-ib.adnxs.com — Cisco Umbrella Rank: 7955
secure.adnxs.com — Cisco Umbrella Rank: 440
84 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 31186
ad4m.at — Cisco Umbrella Rank: 11978
assets.ad4m.at — Cisco Umbrella Rank: 41727
515 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
2 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
141 KB
9 webgains.io
analytics.webgains.io
api.webgains.io
94 KB
9 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1435
sync.teads.tv — Cisco Umbrella Rank: 1347
2 KB
9 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 948
fastlane.rubiconproject.com — Cisco Umbrella Rank: 491
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
6 KB
8 turn.com
ad.turn.com — Cisco Umbrella Rank: 949
r.turn.com — Cisco Umbrella Rank: 3697
3 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
419 KB
7 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1865
m.addthis.com
220 KB
6 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 50654
medialead.de — Cisco Umbrella Rank: 50209
2 KB
6 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 385
imasdk.googleapis.com — Cisco Umbrella Rank: 468
fonts.googleapis.com — Cisco Umbrella Rank: 50
156 KB
5 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
4 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
2 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
61 KB
4 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 4619
pixel.mathtag.com — Cisco Umbrella Rank: 1097
3 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 639
2 KB
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 506
image6.pubmatic.com — Cisco Umbrella Rank: 746
2 KB
4 adform.net
adx.adform.net — Cisco Umbrella Rank: 4323
c1.adform.net — Cisco Umbrella Rank: 585
2 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 733
gum.criteo.com
mug.criteo.com
8 KB
4 programattik.com
cpm.programattik.com — Cisco Umbrella Rank: 59847
565 B
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
60 KB
4 windows.net
pcloak.blob.core.windows.net
3 KB
3 webgains.team
cdn.track.production.webgains.team
21 KB
3 webgains.com
track.webgains.com — Cisco Umbrella Rank: 29871
6 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
1 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 17733
2 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 472
rtb.openx.net — Cisco Umbrella Rank: 1307
768 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 7680
818 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1651
mp.4dex.io — Cisco Umbrella Rank: 2234
25 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
129 KB
2 scoota.co
r.scoota.co
1 KB
2 id5-sync.com
id5-sync.com
2 KB
2 inmobi.com
sync.inmobi.com
1 KB
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 140982
6 KB
2 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 200925
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2410
809 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
59 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
ups.analytics.yahoo.com
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 817
s.tribalfusion.com — Cisco Umbrella Rank: 2073
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 848
2 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2195
592 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
52 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 153404
static-de.ad4mat.net — Cisco Umbrella Rank: 199770
4 KB
2 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 124947
131 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
89 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 13164
6 KB
2 cloakan.co
www.cloakan.co
706 B
1 addthisedge.com
v1.addthisedge.com
1 KB
1 onetag-sys.com
onetag-sys.com
380 B
1 adition.com
dsp.adfarm1.adition.com
628 B
1 blismedia.com
tr.blismedia.com
173 B
1 futalis.de
futalis.de — Cisco Umbrella Rank: 216608
401 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6378
554 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 7558
670 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 682
589 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3063
104 B
1 tapad.com
pandg.tapad.com — Cisco Umbrella Rank: 1936
257 B
1 pghub.io
pghub.io — Cisco Umbrella Rank: 1834
5 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 499
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
21 KB
0 emxdgt.com Failed
hb.emxdgt.com Failed
409 68
Domain Requested by
40 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
ye-mek.net
pcloak.blob.core.windows.net
40 cdn.ye-mek.net ye-mek.net
cdn.ye-mek.net
37 pagead2.googlesyndication.com static.virgul.com
pagead2.googlesyndication.com
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pcloak.blob.core.windows.net
tpc.googlesyndication.com
ye-mek.net
securepubads.g.doubleclick.net
www.googletagservices.com
26 tpc.googlesyndication.com 1 redirects 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
ye-mek.net
securepubads.g.doubleclick.net
pcloak.blob.core.windows.net
17 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
pcloak.blob.core.windows.net
www.googletagservices.com
10 s0.2mdn.net pcloak.blob.core.windows.net
s0.2mdn.net
ye-mek.net
10 contextual.media.net static.virgul.com
contextual.media.net
pcloak.blob.core.windows.net
ye-mek.net
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
8 hal9000.redintelligence.net pcloak.blob.core.windows.net
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
hal900014.redintelligence.net
hal900016.redintelligence.net
8 sync.teads.tv 3 redirects ye-mek.net
googleads.g.doubleclick.net
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
8 ams3-ib.adnxs.com static.virgul.com
ye-mek.net
cdn.adnxs.com
8 www.googletagservices.com 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
8 ng.virgul.com static.virgul.com
ye-mek.net
pcloak.blob.core.windows.net
7 www.google.com googleads.g.doubleclick.net
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 static.virgul.com ye-mek.net
static.virgul.com
pcloak.blob.core.windows.net
6 api.webgains.io analytics.webgains.io
6 assets.ad4m.at as.ad4m.at
6 lg3.media.net ye-mek.net
contextual.media.net
pcloak.blob.core.windows.net
6 fastlane.rubiconproject.com static.virgul.com
6 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 s7.addthis.com ye-mek.net
s7.addthis.com
5 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5994599.fls.doubleclick.net
4 5994599.fls.doubleclick.net 2 redirects pcloak.blob.core.windows.net
4 pv.medialead.de hal900014.redintelligence.net
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
hal900016.redintelligence.net
4 hal900016.redintelligence.net 1 redirects 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
hal900016.redintelligence.net
4 hal900014.redintelligence.net hal9000.redintelligence.net
hal900014.redintelligence.net
4 hblg.media.net ye-mek.net
pcloak.blob.core.windows.net
4 x.bidswitch.net 4 redirects
4 fonts.googleapis.com 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
hal900014.redintelligence.net
hal900016.redintelligence.net
s0.2mdn.net
4 ad4m.at as.ad4m.at
ad4m.at
4 r.turn.com googleads.g.doubleclick.net
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
4 ad.turn.com 4 redirects
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 ng2.virgul.com ye-mek.net
pcloak.blob.core.windows.net
4 ap.lijit.com 3 redirects static.virgul.com
4 ib.adnxs.com 1 redirects static.virgul.com
googleads.g.doubleclick.net
4 cpm.programattik.com static.virgul.com
4 pcloak.blob.core.windows.net pcloak.blob.core.windows.net
3 cdn.track.production.webgains.team 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
as.ad4m.at
track.webgains.com
3 analytics.webgains.io track.webgains.com
3 track.webgains.com pcloak.blob.core.windows.net
as.ad4m.at
3 eb2.3lift.com 3 redirects
3 www.awin1.com as.ad4m.at
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 tags.mathtag.com 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
tags.mathtag.com
3 image6.pubmatic.com 3 redirects
3 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
3 www.googletagmanager.com ye-mek.net
adv.office-partner.de
3 ye-mek.net www.cloakan.co
ye-mek.net
2 gum.criteo.com 1 redirects static.criteo.net
2 r.scoota.co 2 redirects
2 id5-sync.com pcloak.blob.core.windows.net
2 sync.inmobi.com 2 redirects
2 medialead.de 2 redirects
2 cdn.retailads.net 1 redirects futalis.de
2 adv.office-partner.de hal900014.redintelligence.net
hal900016.redintelligence.net
2 match.360yield.com 2 redirects
2 c1.adform.net 2 redirects
2 googleads4.g.doubleclick.net pcloak.blob.core.windows.net
2 us-u.openx.net googleads.g.doubleclick.net
2 static.criteo.net static.virgul.com
static.criteo.net
2 pm.w55c.net 2 redirects
2 cdn.adnxs.com static.virgul.com
2 warp.media.net static.virgul.com
2 qsearch-a.akamaihd.net static.virgul.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
2 ssum-sec.casalemedia.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 c1.imgiz.com static.virgul.com
c1.imgiz.com
2 adx.adform.net static.virgul.com
2 script.4dex.io static.virgul.com
script.4dex.io
2 connect.facebook.net ye-mek.net
connect.facebook.net
2 images.dmca.com ye-mek.net
2 www.cloakan.co pcloak.blob.core.windows.net
1 mug.criteo.com pcloak.blob.core.windows.net
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 ups.analytics.yahoo.com 1 redirects
1 onetag-sys.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 tr.blismedia.com 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
1 futalis.de hal900014.redintelligence.net
1 rtb.openx.net 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 pixel.mathtag.com tags.mathtag.com
1 secure.adnxs.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 s.tribalfusion.com ye-mek.net
1 a.tribalfusion.com 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 www.gstatic.com 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
1 ius.ctnsnet.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 prebid.adnxs.com static.virgul.com
1 imasdk.googleapis.com c1.imgiz.com
1 pandg.tapad.com pghub.io
1 hbopenbid.pubmatic.com static.virgul.com
1 bidder.criteo.com static.virgul.com
1 a.teads.tv static.virgul.com
1 prebid-server.rubiconproject.com static.virgul.com
1 mp.4dex.io static.virgul.com
1 pghub.io static.virgul.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 z.moatads.com s7.addthis.com
1 www.google-analytics.com www.googletagmanager.com
1 ajax.googleapis.com ye-mek.net
0 hb.emxdgt.com Failed static.virgul.com
409 111

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2023-03-22 -
2024-03-22		 a year crt.sh
cpanel.cloakan.co
R3		 2023-05-03 -
2023-08-01		 3 months crt.sh
www.ye-mek.net
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-29 -
2023-07-07		 7 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
1099124734.rsc.cdn77.org
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
images.dmca.com
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-24 -
2023-09-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-16 -
2023-05-17		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-31 -
2023-08-31		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.programattik.com
GeoTrust RSA CA 2018		 2022-10-25 -
2023-10-25		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-27 -
2023-09-09		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
redintelligence.net
R3		 2023-04-10 -
2023-07-09		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
pv.medialead.de
R3		 2023-04-15 -
2023-07-14		 3 months crt.sh
adv.office-partner.de
R3		 2023-05-01 -
2023-07-30		 3 months crt.sh
*.futalis.de
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-13		 5 months crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G1		 2022-06-17 -
2023-06-18		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh

This page contains 52 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: 0AD1B744ECF1DF2A33757BD712878FAC
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 237094207AD0C823A8057F54BC882D2E
Requests: 128 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 7A7F0E289A5370E39E5F37F41444E28D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230508/r20190131/zrt_lookup.html
Frame ID: 9F562F96C2CD7FDA63D067DFEAA17D1D
Requests: 1 HTTP requests in this frame

Frame: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 936C74894E6888829928DEE02D84C17F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657116883&bpp=3&bdt=685&idt=229&shv=r20230508&mjsv=m202305080101&ptt=9&saldr=aa&nras=1&correlator=2477421507668&frm=24&ife=1&pv=2&ga_vid=1458859635.1683657116&ga_sid=1683657117&ga_hid=707820496&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44773810%2C44759875%2C31074432%2C31074459%2C44788442%2C44790154&oid=2&pvsid=2459006068698418&tmod=1341516609&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.1njzhooodvth&fsb=1&dtd=240
Frame ID: 0E0C8F634D2BD3E9CB176A359D32FD4A
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 7FA64628CBF1A1320697653F3CD44EE7
Requests: 1 HTTP requests in this frame

Frame: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5E8222F43F7C236FD234BF8B47FC59C9
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117599&bpp=9&bdt=92&idt=236&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&nras=1&correlator=7020289652949&frm=8&ife=1&pv=2&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.gzvlu46728pd&fsb=1&dtd=251
Frame ID: 01D4A5595CD99F9F70450EC95629BE2D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Frame ID: B702C30F955256972FA74F62953D78A6
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ggd0g5rasbeh38r682z7j0wmc05667wvyfab4zpeddz9b7easef42smwpw5meb3mjtpmaw5zxkr6s89hv1hx9sj0w157werfv3w1yx6j1rdfn1c0bpk3p13cq9xp6fvnrecazjvft4gmxm31ny07z4cz6efmfp3d6k3fp14fbze0bbv7zqsyx90d6xwq3f9w7vzz1cr4er3w5k9s201ee1tebqk4dp6vceagb97tenj055aft6ng07dye186qqkcff1wz6a7w00c6gkvb7y2rsd0stgapmeyrfjjvt93fhqb8k6mdjyzydv7qatm40k6rbke31qfnmbnnzpwv2sz1vrzy4cv9d5evczyawcjdk3z0bvay47pkzf9yxh9e4sa0rhs2wjdkeqfrbhg3ea61rp03ajgp29kc2h97y2csrg8crzp3pqq5x55hxpmyhfx55bzf4jnm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 52C5F5B2DEAF2FF36BF57044BE26D2F1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8DE7C93F8463D1705579719C03E7FA24
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT6-j08JtMrUikeFXj05npt8aNkeb2okOoPKI1OVpGhoW8xM2p7g6XdVzGwzY6a4D63lhN6HD8xS8lhp0yySZ9WXq6Y76muwLa6IlO4_gIGSGHs9bzpFQad1Q3ssqYvmyS8xBKr0rUoalGVO-115qceMUSBpBlg2228U1SQcMlAmMqyznwZ9LTvejNJM-5Oapy6sEQXvoiQuDrllYlaDZLHVMEx8cPl1QPFR2ayczwtsbv-guLJKBiL6uxpejEGef2zqtIA6L4sDyS4Tz2TzmjVZ0qyQxagTAuGRpICPyU0ymhxAAdSgU5jSYGp9XEdIFqWoUy2qSHGc51bps&sai=AMfl-YQOTSaF1AMJZBUxSh1eyDg7l6qkZBVFqE0IO9zkvr2_IR8NSL0SXRQM3eejVGL_YMuLAk3aMXxN1zkxSj3OjZ519kgBqCplZPeUKRAvaCgZuaYRIHe91jllVJrkxw&sig=Cg0ArKJSzLjo-gnlPHxwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 22255E35D575D1AFEB89A862F691372C
Requests: 18 HTTP requests in this frame

Frame: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D4FE7860FF05B3CD5CFCCCDEAA0360DC
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-Tdism3dVc_Bx_G4KFoxOwhFGiKuS0QWvo3ol-L0ZvMUhc6Li9Ml5q4qwp_0nsK_UpFqlyFJH1EqimX-XEN_rLhru416fsfVTzVcqDf3A2cXx7xD_D8duM6U5GJzz92G860ylMH0rHS9mS46bNK1Z2-OFO42AWC2FzEuTRYpdCtcD3nX_I6NyvvAnEmqgFgeTF7qCP9WU4FpId3eu0vWqFLV9br3VzSlE7zY2dN-vnJB-6l72IGuxR56BYiyEemcaGXvflTinjX9Nss80yQQEubPdkuycRcKk5MziC22pXExt_YLJcy9p2DRXppkopwrg6QpFWT5O3lI&sai=AMfl-YTr9JbNGSGA0IJq6P1iooJ3dPieWeoLxLtjHeLZZNRobx9mOdtW8-A-mG4K_WxHOJBg457QVDXwleXtVZI19Bl0XxyVXereZBVDjXV3zPTVph3M4xOhgsoKw3nyxA&sig=Cg0ArKJSzAuwriQB948TEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DDCEFC78F8DE8F86FA48890C9F7CADBE
Requests: 18 HTTP requests in this frame

Frame: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 202A18C08A378EE89DBDA0624AB66134
Requests: 20 HTTP requests in this frame

Frame: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3578EFD5D13BA49EB9C926E76944C249
Requests: 21 HTTP requests in this frame

Frame: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6595A06D6DBB49C9EEC459D2262A8C27
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNVIFTWFRqP5K3HprVqAfi9Sd_MqHvzrWlfGFDkTUlJZpxoACJv7HuKKu1B6t46PhT0ROJNfe6hOLgKmoEbaqgiMvXWkTwxMyACmOP5iIxUjcqOV3TW-Uk1MuAo_-x2pcIJtKtkz5fQZSjQ35RV4Hh2TOnP9eLEZtCcpoBDF048NVSINqWI
Frame ID: C6EAB06D9A1AE07F5937DAA68CC6A90F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXcTvXZI4sBi_3wXxaN0Ho62YCYXeKiHrea65jW6brQ2No3LQYVKH5fqq-TMUAy4CcY0ev2pmxr77-YJIJezm8Ua0JTW7w2c4jKHknRNMKI4719MUiHfy16H0OCTUVr38jBNnyjMHy9tPvRyGi9IlzraM409lemNrICr51D3B8KUxxSOPU
Frame ID: 41E9A0F954FD4152BEC2F5B0C5884B3F
Requests: 5 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DC739C4274C98C1FC5036E1CAA58BF40
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E7BF14D5BF26415FCCCFBF2C80EA027B
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683657118202529058&gdpr=1&tsce=L128&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=875143658&size=300x600&cc=DE&sc=HE&chnm=no_strategy&pid=8PO15FLE3&tpid=T57IE0C&https=1&rrr=tzR-hLcl-L8S0csJTOWsHrB8bbSdlDto&nse=5&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&ebdata=~G-MjJzvuAuH~GwEv9~G8Ov9.uA9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv99999u9~G-MQ8lJvA99-F99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9Wi~OYYMYu9vu.999~OYYMYuuv9.iFF~OYYMYufvu.AAF~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AAH~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9fi.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.XFu~OYYMYFvu.999~OYYMYhvu.AAF~OYYMYivu.999~OYYMLv9.fWh~JMLEYv9.9Wi~JLEYv9.9Wi~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFA9fh~QyY7vJYE75~Q7OvffHFA9fh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFA9fh~e8JB1G8j875v9.XFuHX~NGOEv9.uA9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uA9~875EJM8OvuF~QJjjJLM71yM8OvffHFA9fh~N1LL8JLVOv9~~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1327519835t202305091831&essld=Ah.XW.XW.9~r4~Rp~G1OnOxLLwJ8Y&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Frame ID: BD8636D750DF99D01C1E3F6FD6AD663D
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Frame ID: D89AB51809246D5060435C5710218D9C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: B56D3AB15C0005A52BB28BFC99D6747A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Frame ID: 289958B63FE399290FB613783D17C90F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DED36E2B6481F34545BCB20CD7C05E8B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F2D72C7BAAF98B9D2FDF931C3E3CC44
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: C0FDEA209E03EB144EF81CAF9D0F8C12
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 32457FBBEE7D79490D289AD25EDA0274
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 413BAA34BB0BD6E1B127967EAB09362C
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683657118522709374&gdpr=1&tsce=L128&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=844206516&size=200x200&cc=DE&sc=HE&chnm=no_strategy&pid=8PO15FLE3&tpid=TJT3376&https=1&rrr=tzR-hLcl-L8S0csJTOWsHrB8bbSdlDto&nse=5&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&ebdata=~G-MjJzvuAAW~GwEv9~G8Ov9.uH9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvf99-f99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9ii~OYYMYu9vu.999~OYYMYuuv9.ihH~OYYMYufvu.AAh~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AFX~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvu~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHAv9.fu9~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9XW.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.AWi~OYYMYFvu.999~OYYMYhvu.AAh~OYYMYivu.999~OYYMLv9.Auh~JMLEYv9.9ii~JLEYv9.9ii~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFfFXh~QyY7vJYE75~Q7OvffHFfFXh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFfFXh~e8JB1G8j875v9.AWWhHA~NGOEv9.uH9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uH9~875EJM8OvuF~QJjjJLM71yM8OvffHFfFXh~N1LL8JLVOv9~~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1327519835t202305091831&essld=Ah.XW.XW.9~r4~Rp~G1OnOxLLwJ8Y&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Frame ID: FEC248EF4ADB6509431AF54774FECAA2
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Frame ID: DEC7C572AC54CE8723F7271DBEB786AE
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 3F651A1B327951A1FF333DB39D12E347
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 73CD8741D7FDA3A1857DC0747CF8F7BB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
Frame ID: 7F459C053B29279B872DFCBBFC9DEAC8
Requests: 12 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=48065000152271500951389012319014&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=li
Frame ID: 92605CF10A524084F7E6359E12E3C9AA
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8E643313CEFBE14625163C46FD1F8722
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2701254914
Frame ID: 9ECBE2828E8982C6EDB2F5482215D36A
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJTYhcTv6P4CFTdZwgodpkIIAA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2971405573823.553
Frame ID: 2D8BE8B25E977900D1EA7A79010411E3
Requests: 2 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=48065000152271500951389012319014&a=be0cfc20
Frame ID: 30B1835897F959CF811027359EAA0964
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C5BD7091818E706AFF87F494E23EB126
Requests: 9 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=88087000163259104444550012319016&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=
Frame ID: FFFF92B0FFFA05C6EE95FC8833CE4168
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 6D61A1967E50716E4B45376899F36405
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2HkcTv6P4CFQ5NHgIdV40F5g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1361081033438.3118
Frame ID: 0802AC06BAC5F375F28DF9AAD4E8BDD3
Requests: 2 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=88087000163259104444550012319016&a=d018bf0e
Frame ID: 839DB023BFEB7664B3AD3226D8A68223
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 46FC7960F59F6237E3FFD2AE1821F2FB
Requests: 9 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 35A8A23CE1DCAF67BA1F7AC99BAA5B66
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CCD5E23AA8E0D9661A8B16E3F7FF1E83
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 9332849D97BEA34954E86D28AA33C9EA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59DC57A0E7FC543D3400E6BBC6560A01
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E65BB05E39BA54BDF20DC622921C4577
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

409
Requests

89 %
HTTPS

35 %
IPv6

68
Domains

111
Subdomains

82
IPs

11
Countries

4555 kB
Transfer

10591 kB
Size

36
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1&google_push=ATf1kGPxq74oPs7nSecPPLZf-hnXbm3MKEUkEFdkIvzdXhpL9kqTIpfJ9_fYyYGujoA6EJ-vT8Lyy4WAkYHM4DuyaTDdMTrJy54XRdUQjCrNOJLXFv0Iy17Sraw3T-WKFF8P_0cu6DmyRsf6D7G1sak_j1ugtQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2NTQ0MjA4MzI1OTM0MjM2NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
Request Chain 142
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELtaD3duxLAsR-qDhgws9XM&google_cver=1&google_push=ATf1kGMChsoHx2g3TpsdZNUa-gXB7UCeJYd8sbek5AFQi-ugOx7mHaE4fvYwFPTZWYo-0Mn9WlA32JYQU0gRsbzXnoB9O5u4z1NkBzs7fRNsaRpJuv3BX08us2XIUdSfA8pjUx2fQeeMzP-HzXf-zdqkO_sT3SA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELtaD3duxLAsR-qDhgws9XM&google_push=ATf1kGMChsoHx2g3TpsdZNUa-gXB7UCeJYd8sbek5AFQi-ugOx7mHaE4fvYwFPTZWYo-0Mn9WlA32JYQU0gRsbzXnoB9O5u4z1NkBzs7fRNsaRpJuv3BX08us2XIUdSfA8pjUx2fQeeMzP-HzXf-zdqkO_sT3SA
Request Chain 143
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAg7JBY6DIgf2BNL1Fb50uE&google_cver=1&google_push=ATf1kGPNvI_J7ujs32Cry0N30vNdrXgJOuF9Dt7lqWgGizejyBrHI_jaLEYPJDyeIJfGjqOPlrIDTbMV4k941PFmhfHCc7h04cUabJ9f0PBCXg-CT9MFQON5NA4hi9lr65HghNwZ8S-b1tT_eDYo1ogrmgYezw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAg7JBY6DIgf2BNL1Fb50uE&google_cver=1&google_push=ATf1kGPNvI_J7ujs32Cry0N30vNdrXgJOuF9Dt7lqWgGizejyBrHI_jaLEYPJDyeIJfGjqOPlrIDTbMV4k941PFmhfHCc7h04cUabJ9f0PBCXg-CT9MFQON5NA4hi9lr65HghNwZ8S-b1tT_eDYo1ogrmgYezw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kqb9xCUUQ0Kx_ghyimY7yQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPNvI_J7ujs32Cry0N30vNdrXgJOuF9Dt7lqWgGizejyBrHI_jaLEYPJDyeIJfGjqOPlrIDTbMV4k941PFmhfHCc7h04cUabJ9f0PBCXg-CT9MFQON5NA4hi9lr65HghNwZ8S-b1tT_eDYo1ogrmgYezw
Request Chain 144
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJyDpDO7RUMUhSTenVbJaSU&google_cver=1&google_push=ATf1kGOqOQPanyPuFjJuh9D7pixTZETTzDpWCKT6kxi-FBlj5ZXE1pfgM9w5RYsmYhOUx_TCKR7BTlYMJIFebq80a8TbsS2fLY0nHRfY1Y5vn-9aOldY_CX3n6s0yZxFY6vTVNqDQOKhpFXy_qdB2XTWm5hbrg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHTFo1WUktRy1JOUZD&google_push=ATf1kGOqOQPanyPuFjJuh9D7pixTZETTzDpWCKT6kxi-FBlj5ZXE1pfgM9w5RYsmYhOUx_TCKR7BTlYMJIFebq80a8TbsS2fLY0nHRfY1Y5vn-9aOldY_CX3n6s0yZxFY6vTVNqDQOKhpFXy_qdB2XTWm5hbrg
Request Chain 145
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGt59vdL4QFC-AcpsKqTUTI&google_cver=1&google_push=ATf1kGMGXKLohnyBLWGzbyheHXymuNZwDXGT4QGyJJLdY4t1q3Z5Wrza4tRtD9ZSrtCvUtkiPjqkEqDgQjT6srntTB3b1ujZKl00gyWauOfy9D0ZdZ8mdk4TVcCDcYiEoSE7tAvAvUzfWOmewnT8xSrsVui4yQc HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGt59vdL4QFC-AcpsKqTUTI&google_push=ATf1kGMGXKLohnyBLWGzbyheHXymuNZwDXGT4QGyJJLdY4t1q3Z5Wrza4tRtD9ZSrtCvUtkiPjqkEqDgQjT6srntTB3b1ujZKl00gyWauOfy9D0ZdZ8mdk4TVcCDcYiEoSE7tAvAvUzfWOmewnT8xSrsVui4yQc&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGt59vdL4QFC-AcpsKqTUTI&google_hm=ZFqRnjYXR228CivwdFvtxQAAFBsAAAIB&google_nid=index&google_push=ATf1kGMGXKLohnyBLWGzbyheHXymuNZwDXGT4QGyJJLdY4t1q3Z5Wrza4tRtD9ZSrtCvUtkiPjqkEqDgQjT6srntTB3b1ujZKl00gyWauOfy9D0ZdZ8mdk4TVcCDcYiEoSE7tAvAvUzfWOmewnT8xSrsVui4yQc
Request Chain 146
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOalGSVytNxthZcAKxECwi0&google_cver=1&google_push=ATf1kGPVwpGB0yeSUHGi-i_35X6w4X93venXjaOsxXzMfhUURdAN1Ot2kQL4cy1ZYbXHDvM9gn2RTDpPDUVzKgt4jug5wQEIQBD1BAgenHvDohCDHUTNMT_l_wpa_Hz2LmeDFyuD6cHXW89Q3m4dtNf1iy5uegF0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPVwpGB0yeSUHGi-i_35X6w4X93venXjaOsxXzMfhUURdAN1Ot2kQL4cy1ZYbXHDvM9gn2RTDpPDUVzKgt4jug5wQEIQBD1BAgenHvDohCDHUTNMT_l_wpa_Hz2LmeDFyuD6cHXW89Q3m4dtNf1iy5uegF0&google_hm=I3JSOpeyR5GOEZY7LxlayPg
Request Chain 205
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
  • https://tpc.googlesyndication.com/simgad/624907996767536446
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1CFVIVjMAoBgZiK6IFcZI&google_cver=1
Request Chain 209
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFqRnjYXR228CivwdFvtxQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1CFVIVjMAoBgZiK6IFcZI&google_cver=1
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGq07ItKF-YDgCXRuFYb5wg&google_cver=1
Request Chain 211
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTcwODA0MzMyMDYyNTYx
Request Chain 212
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELi6pGimng_Z2TxD2ctp2Kk&google_cver=1&google_push=ATf1kGM7Wo5nBwugKK0czqk_6FUuT277TuiTsXqLdlkoZCd7fh0xqmE2zKQsFazK9PxyEm0XY-rBLFznB5WX8n8NBYgigEWN_zM HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELi6pGimng_Z2TxD2ctp2Kk&google_cver=1&google_push=ATf1kGM7Wo5nBwugKK0czqk_6FUuT277TuiTsXqLdlkoZCd7fh0xqmE2zKQsFazK9PxyEm0XY-rBLFznB5WX8n8NBYgigEWN_zM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TjZweFNZM2oxUFdzN1k1&google_gid=CAESELi6pGimng_Z2TxD2ctp2Kk&google_cver=1&google_push=ATf1kGM7Wo5nBwugKK0czqk_6FUuT277TuiTsXqLdlkoZCd7fh0xqmE2zKQsFazK9PxyEm0XY-rBLFznB5WX8n8NBYgigEWN_zM
Request Chain 213
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBD6Z44AireTH8sugMPa7Gs&google_cver=1&google_push=ATf1kGNZkvJPLlKyHpmvBzdPcwUeqkC3e9d9fTzV4mtEt8L18Gf7Ycht-N5pdbyDfRIEPfCWTCOEcd-OY4O4WwrSHM8b0Q4qiCBx&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNZkvJPLlKyHpmvBzdPcwUeqkC3e9d9fTzV4mtEt8L18Gf7Ycht-N5pdbyDfRIEPfCWTCOEcd-OY4O4WwrSHM8b0Q4qiCBx%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBD6Z44AireTH8sugMPa7Gs&google_cver=1&google_push=ATf1kGNZkvJPLlKyHpmvBzdPcwUeqkC3e9d9fTzV4mtEt8L18Gf7Ycht-N5pdbyDfRIEPfCWTCOEcd-OY4O4WwrSHM8b0Q4qiCBx&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNZkvJPLlKyHpmvBzdPcwUeqkC3e9d9fTzV4mtEt8L18Gf7Ycht-N5pdbyDfRIEPfCWTCOEcd-OY4O4WwrSHM8b0Q4qiCBx%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 214
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPDJJ-gb3OlUJudvAb2X0xk&google_cver=1&google_push=ATf1kGOHTEOKaxhd1uqt_EWBvvpZPF-VhS7aIloOsSCe1wQ4D2KuD_QnPrf06b3ofDk32VDGf9W3Y_UZxFuTghvhrMmY3s7tQ9ep HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOHTEOKaxhd1uqt_EWBvvpZPF-VhS7aIloOsSCe1wQ4D2KuD_QnPrf06b3ofDk32VDGf9W3Y_UZxFuTghvhrMmY3s7tQ9ep&google_hm=eS1kcGR3a0NoRTJwRmhlUzlrQXZFeUY5a3gzSHljbHljMX5B
Request Chain 215
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH7NoLwG1uYeVObEVqit8pk&google_cver=1&google_push=ATf1kGPdgHf7O6o2kE1uBz-vPlM1SjaeMmF2JnKUZRHbTREn7myZWAq9q0uesdtKB3Q9lJ5nmHeZ9f96u30YfvcfEhvgo9Hkr8Rx HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH7NoLwG1uYeVObEVqit8pk&google_cver=1&google_push=ATf1kGPdgHf7O6o2kE1uBz-vPlM1SjaeMmF2JnKUZRHbTREn7myZWAq9q0uesdtKB3Q9lJ5nmHeZ9f96u30YfvcfEhvgo9Hkr8Rx&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPdgHf7O6o2kE1uBz-vPlM1SjaeMmF2JnKUZRHbTREn7myZWAq9q0uesdtKB3Q9lJ5nmHeZ9f96u30YfvcfEhvgo9Hkr8Rx&google_hm=GnjXpGZHNs6m3ECwSA-60rKZ
Request Chain 216
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHjQYe79V7U0iaK-5_G1fg4&google_cver=1&google_push=ATf1kGP_gH0vaHlWEF-Rh53Y6UnOOEbt5OxYV7a8qvMB2P38wQ2d6Dy4UrDAe9xINjZdIkM6pBrsCbuWL9YkLeuojJAYy5zkaXHq4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGP_gH0vaHlWEF-Rh53Y6UnOOEbt5OxYV7a8qvMB2P38wQ2d6Dy4UrDAe9xINjZdIkM6pBrsCbuWL9YkLeuojJAYy5zkaXHq4w HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 217
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEv5yzk2wkGvWw3lpj9NlPQ&google_cver=1&google_push=ATf1kGPNIH9yYzwpfMp4QVFKaJ_aSy2fPFTv14Kf47bg02Bgjok3Zo_gos0OrADLJS97vfEXZm3MpujI5sIXVyNJe6fKWBj4HeOgDQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzk5MTcwODA0MzMyMDYyNTYx&google_gid=CAESEEv5yzk2wkGvWw3lpj9NlPQ&google_cver=1&google_push=ATf1kGPNIH9yYzwpfMp4QVFKaJ_aSy2fPFTv14Kf47bg02Bgjok3Zo_gos0OrADLJS97vfEXZm3MpujI5sIXVyNJe6fKWBj4HeOgDQ
Request Chain 218
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENVZVgWpPis39dKaGbRPXYc&google_cver=1&google_push=ATf1kGOCLf8pkJAaAjoaD6sty1u8k-bZQFMOFLWx474uuCpLt4H2Z_WzFw4Lcfp3jvsc7ea3x9IjWTsbuEuRLrQUYOeJL2LsP77JwA HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENVZVgWpPis39dKaGbRPXYc&google_cver=1&google_push=ATf1kGOCLf8pkJAaAjoaD6sty1u8k-bZQFMOFLWx474uuCpLt4H2Z_WzFw4Lcfp3jvsc7ea3x9IjWTsbuEuRLrQUYOeJL2LsP77JwA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ef47b96a-2c71-4aae-97bb-3f233298d08d&%%GOOGLE_PUSH_PAIR%%
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM7yxnAMC9400cjY3Nz9xvo&google_cver=1
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEJM44mJD9z9D6GZWUk0L4Is&google_cver=1
Request Chain 266
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c98237d1e9&subid=&uid=93ae5285b05edf52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwUE-npFaZLarCJmP1waO1pfIBKblvaBphZWcp8kP8C4QASDAsoJrYJUCyAEJqQK4Sb-1M2eyPqgDAaoE_QFP0MtDmZaHIi9AOL8SjblL31zFTaKywN4cFnFlpPE_xJVcTN9s8q_0wncrVF-qZN3y1yYNwRX25suVXH_ORoNBW-HzmXyHR_-46DDLfOHdmFChGzjM4K4BuDoLHnn9H0GFWgd0W6-j_6y_-VT4lsqn6Z-EBTmAZs1ppOS6QiSD81buBA_zSP8c7EZ7Pxsl5i2MMYJkl7Bmur4hB83r1ek3smQEyWgYlsjAB7UYUUosr4ZEP6wn4e_1WX-FRJz-vctEH9c_0BUYV7lWvPBsa_XXa58S9WIoB-1qbmY37XE0_bZaadye1oD-bGe5IPHJRL1JxXqlgf0suMvpBLxzwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDV5jeuGzhuN3LK-Qz2ck3OBY4Oi90RC0EtoJEKqUlAT8ijbiFZGwYuIC9bg-ghlK0xl4aqH-0GAE%26sig%3DAOD64_3Mob73B0Kbl9HIl1bc6ZX48JXssA%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-BbQOn6FF9ra8S4YfBkhrU1a_PyHeXWu9XhqZsHD1-wOR3-e7OQNDzMxSMDKLF718eU83fLh3qWbcuzzeARYBlx13PPCCOMeQzPPaUT9S0ME8Ad5KlEZS2NAC0BcGmalJCvOtjgXkLNkRB35quMIQ3LyCofqiJxw5u40_2lIpcC_eN0T88%26cry%3D1%26dbm_d%3DAKAmf-ADtz_O_Is0tnmm-LugcQzrfTiuBOu56EX90J7x1nnnZYVRwnnvndSggQyShcytZ5jGrjYxi9rz5kbmBMfRt6mn0O0o6DB1PurVw3UGST0gNO8bE254RWlb-VjJ_veDRZJ7We0b1KC_FKhycHaTw3tSeRlcrAGA3g7kZvhSG2Tl5rRAd7pJNc9n0j7llNKTID3c2XaePRSXITC5JPOlYfWvA3LaPrScCsXxu5GEj1fpTXc-6njxbJoNNxRwPWdjNkUyLxR_Zd6ppcmlIUsFP1IRqWWoIX4OYXj-0fjGj9tqOlr-pcJi-kuQ2AkgxrOd2qR7EiDJNwmt9vCtqwfriRCxNwGvkP67YQ4DFn-DP7I22OXHHn1iUqhqb7aS8CiKXvVLsNiigMlIKBdq7RMb7k2LBYUCILNq3Q_yxGIRloaNGTM-T06akOFTxfHKTdQ6C89SmNvQnH4dECElwQc26hC8BtqFXFE2Enkab9UUS-Gr1H67f7KuduUR-j_8DZuiSUjgl2bOIhRyzMaf5uBotZC0FyYfzg%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=368930642987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c98237d1e9&subid=&uid=93ae5285b05edf52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwUE-npFaZLarCJmP1waO1pfIBKblvaBphZWcp8kP8C4QASDAsoJrYJUCyAEJqQK4Sb-1M2eyPqgDAaoE_QFP0MtDmZaHIi9AOL8SjblL31zFTaKywN4cFnFlpPE_xJVcTN9s8q_0wncrVF-qZN3y1yYNwRX25suVXH_ORoNBW-HzmXyHR_-46DDLfOHdmFChGzjM4K4BuDoLHnn9H0GFWgd0W6-j_6y_-VT4lsqn6Z-EBTmAZs1ppOS6QiSD81buBA_zSP8c7EZ7Pxsl5i2MMYJkl7Bmur4hB83r1ek3smQEyWgYlsjAB7UYUUosr4ZEP6wn4e_1WX-FRJz-vctEH9c_0BUYV7lWvPBsa_XXa58S9WIoB-1qbmY37XE0_bZaadye1oD-bGe5IPHJRL1JxXqlgf0suMvpBLxzwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDV5jeuGzhuN3LK-Qz2ck3OBY4Oi90RC0EtoJEKqUlAT8ijbiFZGwYuIC9bg-ghlK0xl4aqH-0GAE%26sig%3DAOD64_3Mob73B0Kbl9HIl1bc6ZX48JXssA%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-BbQOn6FF9ra8S4YfBkhrU1a_PyHeXWu9XhqZsHD1-wOR3-e7OQNDzMxSMDKLF718eU83fLh3qWbcuzzeARYBlx13PPCCOMeQzPPaUT9S0ME8Ad5KlEZS2NAC0BcGmalJCvOtjgXkLNkRB35quMIQ3LyCofqiJxw5u40_2lIpcC_eN0T88%26cry%3D1%26dbm_d%3DAKAmf-ADtz_O_Is0tnmm-LugcQzrfTiuBOu56EX90J7x1nnnZYVRwnnvndSggQyShcytZ5jGrjYxi9rz5kbmBMfRt6mn0O0o6DB1PurVw3UGST0gNO8bE254RWlb-VjJ_veDRZJ7We0b1KC_FKhycHaTw3tSeRlcrAGA3g7kZvhSG2Tl5rRAd7pJNc9n0j7llNKTID3c2XaePRSXITC5JPOlYfWvA3LaPrScCsXxu5GEj1fpTXc-6njxbJoNNxRwPWdjNkUyLxR_Zd6ppcmlIUsFP1IRqWWoIX4OYXj-0fjGj9tqOlr-pcJi-kuQ2AkgxrOd2qR7EiDJNwmt9vCtqwfriRCxNwGvkP67YQ4DFn-DP7I22OXHHn1iUqhqb7aS8CiKXvVLsNiigMlIKBdq7RMb7k2LBYUCILNq3Q_yxGIRloaNGTM-T06akOFTxfHKTdQ6C89SmNvQnH4dECElwQc26hC8BtqFXFE2Enkab9UUS-Gr1H67f7KuduUR-j_8DZuiSUjgl2bOIhRyzMaf5uBotZC0FyYfzg%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=368930642987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 285
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1&google_push=ATf1kGPehVWoovkDw97Ro11TmspmTQ_uxkktGMIORexzgDm1yWqNCUpjsJAt62ls1sXCkLTu2-uV25vT76kCvJHQfCI2AP8OyBzSXA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2NTQ0MjA4MzI1OTM0MjM2NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
Request Chain 286
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKO4tGz6A9liq9fIHtLCs4c&google_cver=1&google_push=ATf1kGNBUYdHe90K-Z-0--BwANlXc3bok0yMLQ7PuFJ8VLFNdP2Z3Jfs1OCjmD_MFAPh0rQSnsq2j-lHWLRxAXSJKgm93wddQqa4DQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sQ47M-p2TOKR4YkssgyhfA2&google_push=ATf1kGNBUYdHe90K-Z-0--BwANlXc3bok0yMLQ7PuFJ8VLFNdP2Z3Jfs1OCjmD_MFAPh0rQSnsq2j-lHWLRxAXSJKgm93wddQqa4DQ
Request Chain 287
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBPMhP9nD3r_KkyO-JhlGU4&google_cver=1&google_push=ATf1kGM1swLWetrbUP-Y-kj_nKU4WzZfTt0UzshbUWl59wMZZF3mkwvLjluXKzmQP4FPZcCE-xJmSuzF0IA-N2ol9QpY6GQFryF7lQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBPMhP9nD3r_KkyO-JhlGU4&google_cver=1&google_push=ATf1kGM1swLWetrbUP-Y-kj_nKU4WzZfTt0UzshbUWl59wMZZF3mkwvLjluXKzmQP4FPZcCE-xJmSuzF0IA-N2ol9QpY6GQFryF7lQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE4MDU0NDAyNzM2ODEzMDcyNQ&google_push=ATf1kGM1swLWetrbUP-Y-kj_nKU4WzZfTt0UzshbUWl59wMZZF3mkwvLjluXKzmQP4FPZcCE-xJmSuzF0IA-N2ol9QpY6GQFryF7lQ
Request Chain 289
  • https://match.360yield.com/match/ebda?google_gid=CAESECJ4puR2pfF00aXX-rmpr2c&google_cver=1&google_push=ATf1kGOPbsrSNFAfysw_ND0i5AKC7hzV_pmOur-V6YMn6-hPp_XATA8tEm_5m0IaH63BGjKMkmSoOGM9oc1w_forr2dCqamPeJTR HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECJ4puR2pfF00aXX-rmpr2c&google_cver=1&google_push=ATf1kGOPbsrSNFAfysw_ND0i5AKC7hzV_pmOur-V6YMn6-hPp_XATA8tEm_5m0IaH63BGjKMkmSoOGM9oc1w_forr2dCqamPeJTR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f6SdvXMhSJq2linTdnkrmw&google_push=ATf1kGOPbsrSNFAfysw_ND0i5AKC7hzV_pmOur-V6YMn6-hPp_XATA8tEm_5m0IaH63BGjKMkmSoOGM9oc1w_forr2dCqamPeJTR
Request Chain 290
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAabW7euHIqXxLZTgbeILic&google_cver=1&google_push=ATf1kGMqcAyeaPmL1sHan-0_rW1Yle4dF7kCbbwAzM4JzP16utVTpQ58CbDagl_McKErEm44I5TDphGKDLJyhfg0loFXBnnLn65crQ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMqcAyeaPmL1sHan-0_rW1Yle4dF7kCbbwAzM4JzP16utVTpQ58CbDagl_McKErEm44I5TDphGKDLJyhfg0loFXBnnLn65crQ&google_gid=CAESEAabW7euHIqXxLZTgbeILic HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU0NDA2MTc5MTExMjc2NDU0MjE1Nw%3D%3D&google_push=ATf1kGMqcAyeaPmL1sHan-0_rW1Yle4dF7kCbbwAzM4JzP16utVTpQ58CbDagl_McKErEm44I5TDphGKDLJyhfg0loFXBnnLn65crQ
Request Chain 291
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHjQYe79V7U0iaK-5_G1fg4&google_cver=1&google_push=ATf1kGO9xAgySYHGbXYWN-tt02BBOMirr5-iE3T0Dyo7puYu7hssBEQNT0vSneP1uwLYLaizRUrfjv2TnyJGPwxNwf4Y3GsLps-WLfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGO9xAgySYHGbXYWN-tt02BBOMirr5-iE3T0Dyo7puYu7hssBEQNT0vSneP1uwLYLaizRUrfjv2TnyJGPwxNwf4Y3GsLps-WLfg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 297
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=48065000152271500951389012319014&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2701254914
Request Chain 299
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2971405573823.553 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CJTYhcTv6P4CFTdZwgodpkIIAA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2971405573823.553
Request Chain 301
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=48065000152271500951389012319014&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=li HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=48065000152271500951389012319014&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=li
Request Chain 324
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1361081033438.3118 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2HkcTv6P4CFQ5NHgIdV40F5g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1361081033438.3118
Request Chain 326
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=88087000163259104444550012319016&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=88087000163259104444550012319016&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=
Request Chain 329
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1&google_push=ATf1kGOg1_Z0meiUDcFVhygXe-TWxAQKXtx8fcorp7uytC0kIM1C1cAn2aQqdoK-j8CrH-gEzEezp9oh-RODrdFZg0LlqcijkSNsNTCFS7He7kNy4qbhjoycnNppFNlMCs0FVsCeqvVF7BDM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2NTQ0MjA4MzI1OTM0MjM2NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
Request Chain 331
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPFmtdJmi4jRLgshE4t8eXw&google_cver=1&google_push=ATf1kGOmLBSZAHw5_3Xc-cD2aczp6-mXBiJ2InW-1rweXxLMcHip-z28hoxCYKvwn6sNbTtHDWaFom6FbJJChujx0AigArD_XrKTNkYJC8LZCKiILP9DrcIp8CE3QtPs2A4WE81r7cWeR13S HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTI1MjI2Mzc5MzEyOTYyMA%3D%3D&google_push=ATf1kGOmLBSZAHw5_3Xc-cD2aczp6-mXBiJ2InW-1rweXxLMcHip-z28hoxCYKvwn6sNbTtHDWaFom6FbJJChujx0AigArD_XrKTNkYJC8LZCKiILP9DrcIp8CE3QtPs2A4WE81r7cWeR13S
Request Chain 332
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAg7JBY6DIgf2BNL1Fb50uE&google_cver=1&google_push=ATf1kGNq6xiC4ydJV8g0l8U7doJ9zpV9xk7b9c4sIX7DpOIU8mwYcG5Z_SUJdmLQ5lKQ37LWt9rJEGshu-w-Hk9lb2L0JV54ZUU0P0DN4vDXfjJJ3smUYkMTatZHRj5YCiQtMGbevd1rak3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kqb9xCUUQ0Kx_ghyimY7yQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNq6xiC4ydJV8g0l8U7doJ9zpV9xk7b9c4sIX7DpOIU8mwYcG5Z_SUJdmLQ5lKQ37LWt9rJEGshu-w-Hk9lb2L0JV54ZUU0P0DN4vDXfjJJ3smUYkMTatZHRj5YCiQtMGbevd1rak3U
Request Chain 333
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKi78XV_6T1urxviq0EwLWc&google_cver=1&google_push=ATf1kGMUd05dRiEXtF-psPpj5pIl3LrTID5KJFnR-WesB4zZnG6GfKRd8DDo7CjCvE8y-gCOVi0-VNmIg3OYh3UW3L19cHbx2gYpqV_M2X7UvIsdwkJVnddUdiJt0m3EY1WzAmyi5HM7CZIR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMUd05dRiEXtF-psPpj5pIl3LrTID5KJFnR-WesB4zZnG6GfKRd8DDo7CjCvE8y-gCOVi0-VNmIg3OYh3UW3L19cHbx2gYpqV_M2X7UvIsdwkJVnddUdiJt0m3EY1WzAmyi5HM7CZIR
Request Chain 334
  • https://sync.inmobi.com/gob?google_gid=CAESELSreWCyT6lJLlLSOStP0Kw&google_cver=1&google_push=ATf1kGMfP0ZIz6r6mWGaUoBsH2CmxYjSaMWZ_jvvarRzX-1doDxKyoRQx20EV5WR2xv-iNRbsvAIDgvynT18vWLTKWCOZ15b-t8J8VxKfw1gRku9a9yOAgcoJIXX1dYV67ie0rQo-WzxHZP6cg HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMfP0ZIz6r6mWGaUoBsH2CmxYjSaMWZ_jvvarRzX-1doDxKyoRQx20EV5WR2xv-iNRbsvAIDgvynT18vWLTKWCOZ15b-t8J8VxKfw1gRku9a9yOAgcoJIXX1dYV67ie0rQo-WzxHZP6cg
Request Chain 335
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHjQYe79V7U0iaK-5_G1fg4&google_cver=1&google_push=ATf1kGNbim7y7yc4YvDT65-YC8E2yu_YIP7mcOV88ev4djI2RrP3JwLxQgs62RoxYvT6Q6a1y52DWfVMRdftf7GQqZFLec-JR7RiIgboETmOk6BMgTLgdULqcFTZLSP_1JVZJJ6wCBclzTiw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNbim7y7yc4YvDT65-YC8E2yu_YIP7mcOV88ev4djI2RrP3JwLxQgs62RoxYvT6Q6a1y52DWfVMRdftf7GQqZFLec-JR7RiIgboETmOk6BMgTLgdULqcFTZLSP_1JVZJJ6wCBclzTiw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 359
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1&google_push=ATf1kGNG6QDd9cG3eFCTeaU-rffJDLmRiffPIMaWt4kYUc93dLC2rXTl7Ggo3X5qy51KWUAcuZ6J5jM99j5qIrZTUAyQ2a-lObG2r6gL0U0yoIyfEDSIBFtJrfisH3MoZ5mVJOfFSKORFnnr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2NTQ0MjA4MzI1OTM0MjM2NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
Request Chain 360
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOoRotqVfVEQA79qgxHTHdk&google_cver=1&google_push=ATf1kGP49RRlbZ0WLNrS5iBfmxFoT7k0mToe5cXOqz8lC5Rbdlox1-Yfi4knp3zsGFqad3Yfc2uf4WRKe54pAuzMORYs2h3-yTjhWbqU_dh5H8UhiH3ttvAXwqCwscQY6AiExe90gaXbDVxn HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=9476bdd1-23fc-405f-9798-295964833a66&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP49RRlbZ0WLNrS5iBfmxFoT7k0mToe5cXOqz8lC5Rbdlox1-Yfi4knp3zsGFqad3Yfc2uf4WRKe54pAuzMORYs2h3-yTjhWbqU_dh5H8UhiH3ttvAXwqCwscQY6AiExe90gaXbDVxn&google_hm=70e5aixxSq6Xuz8jMpjQjQ==
Request Chain 361
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJyDpDO7RUMUhSTenVbJaSU&google_cver=1&google_push=ATf1kGNaYoucKJ-c23IJdv5CGpHaYsMmnujSn-FbpxjdGLiZo2WJhKLn4jgwiEmlMGx8D-jc9ZlMtlD1m0_2BPBLgaHdO0ngu32Ofeq2D7rr01EbMo_qeijHhhZPFWfpEczi_q7Jexuva29Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHTFo1WUktRy1JOUZD&google_push=ATf1kGNaYoucKJ-c23IJdv5CGpHaYsMmnujSn-FbpxjdGLiZo2WJhKLn4jgwiEmlMGx8D-jc9ZlMtlD1m0_2BPBLgaHdO0ngu32Ofeq2D7rr01EbMo_qeijHhhZPFWfpEczi_q7Jexuva29Q
Request Chain 362
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH7NoLwG1uYeVObEVqit8pk&google_cver=1&google_push=ATf1kGPb3CenVm5wY01sB5tBiCK8EEQF1KhHCc62R_XJmh-L4M8_5zw-s8PW_HHI1d8U7K_f-cKkfWb333KH_arZj73zRP5zq9--cpr7-yihA-7NZLCVk_q8fX7TFBPwnZVTGx_Nayz1ZBTR HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPb3CenVm5wY01sB5tBiCK8EEQF1KhHCc62R_XJmh-L4M8_5zw-s8PW_HHI1d8U7K_f-cKkfWb333KH_arZj73zRP5zq9--cpr7-yihA-7NZLCVk_q8fX7TFBPwnZVTGx_Nayz1ZBTR&google_hm=GnjXpGZHNs6m3ECwSA-60rKZ
Request Chain 363
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAabW7euHIqXxLZTgbeILic&google_cver=1&google_push=ATf1kGPB-JKrGD7hUt6j3H0eyQyxzsOk3lbdcQDey6tT9BGVQnE-ii49CcTJ56cHXdTVSeBu1iJBYuGrW1zhJHU-lMYB3VlOqXD6blmEuspULEViCZx3ilb0ghi5r3PbHNSdkYQ8XAUplB4_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU0NDA2MTc5MTExMjc2NDU0MjE1Nw%3D%3D&google_push=ATf1kGPB-JKrGD7hUt6j3H0eyQyxzsOk3lbdcQDey6tT9BGVQnE-ii49CcTJ56cHXdTVSeBu1iJBYuGrW1zhJHU-lMYB3VlOqXD6blmEuspULEViCZx3ilb0ghi5r3PbHNSdkYQ8XAUplB4_
Request Chain 364
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDOBaiP3uNIE2439aOm0MdQ&google_cver=1&google_push=ATf1kGPSIOKRq83MBcOO_Z3lAKeRuBnDzBrnuZXIEooNEcGHjNqrhr2GSZ3HO4kabYQ65yFTRLXDCZHPGaBi2iwvbCAVU92ypG7mU8YjB2Pf8qzs4VMc0VAqVlZepKMMsMjYQJmklqxlI2U84w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uX1QwS0psRTJ1RnBlelZFenhEWVdiaXFleE0xbEpNYn5B&google_push=ATf1kGPSIOKRq83MBcOO_Z3lAKeRuBnDzBrnuZXIEooNEcGHjNqrhr2GSZ3HO4kabYQ65yFTRLXDCZHPGaBi2iwvbCAVU92ypG7mU8YjB2Pf8qzs4VMc0VAqVlZepKMMsMjYQJmklqxlI2U84w
Request Chain 365
  • https://sync.inmobi.com/gob?google_gid=CAESELSreWCyT6lJLlLSOStP0Kw&google_cver=1&google_push=ATf1kGNsSli0495BH9JI98G9G2UGJouQkNtdtlcIdAOj-NAHcHPykrzTMjO4eSPdgujc5Y4yp6wd9csRI_6FC6UR8tElRu7qZCbNBpeYod3fEGS1DrsWM2Xs0eTtlHTnHmU2GV6aROKA7LN2kg HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNsSli0495BH9JI98G9G2UGJouQkNtdtlcIdAOj-NAHcHPykrzTMjO4eSPdgujc5Y4yp6wd9csRI_6FC6UR8tElRu7qZCbNBpeYod3fEGS1DrsWM2Xs0eTtlHTnHmU2GV6aROKA7LN2kg
Request Chain 391
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=j0FRlHw5dmNRK2hkbittSnppUFFNM1VZTEExZW1mZTZmMDd6WlBzOGdoSHVmRHEyeTV1RTR1MjRFbmtjS3pQQmJIcWJCREhoSTZ2STV4ZnpsOUowOHlOZ2JXZFZkSll4WjZKRWUzU3F2SnBQMHNWdmRMaGlGV1NvU1hlSlZBakNBUnNvR25DV1loR29UN1VzTFhTQnM2UFFIZnVrSXhVSFI5M0E0QlJrVi9QMDVDZkRCOWFSVEs3NmttUHVrMnVPUit5Y2tCS3dEQW5ReU96WHJmRFR6OEovbnB5dWdOOFFTTlBDYzVBZ1JVK213dDd3UXNXdHlnR2FsZmI4aktoUTBzbVpaeXFMZ1F4UU5PeG5YVHJkdFdQRmJtVm9Id3Y1WGdVNHk2b0tJQ3hyRkk2az18&cppv=2

409 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6x6uf5z9e3262.html
pcloak.blob.core.windows.net/web/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1324
Content-MD5
XPHdOVCmWyxrVVstkB9xGw==
Content-Type
text/html
Date
Tue, 09 May 2023 18:31:54 GMT
ETag
0x8DB304DFD1C41BC
Last-Modified
Wed, 29 Mar 2023 12:06:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
b14a55f3-901e-002c-4ba4-82aea2000000
x-ms-version
2009-09-19
jquery.min.js
pcloak.blob.core.windows.net/web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-request-id
b14a5646-901e-002c-17a4-82aea2000000
Date
Tue, 09 May 2023 18:31:54 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
cloakan.js
pcloak.blob.core.windows.net/web/ 		308 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 09 May 2023 18:31:54 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zPiKctHo6j8i1UGOFPpInw==
ETag
0x8DA4D4A263C11C2
Content-Type
text/javascript
x-ms-request-id
b14a5709-901e-002c-33a4-82aea2000000
x-ms-version
2009-09-19
Content-Length
308
style.css
pcloak.blob.core.windows.net/web/ 		166 B
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/style.css
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 09 May 2023 18:31:54 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9ruAIrm4XHnQO3/sM8J0AQ==
ETag
0x8DA4D4A26527CA0
Content-Type
text/css
x-ms-request-id
b14a569f-901e-002c-69a4-82aea2000000
x-ms-version
2009-09-19
Content-Length
166
px.php
www.cloakan.co/ 		55 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:52 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
45
nv.php
www.cloakan.co/ 		232 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:52 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
112
/
ye-mek.net/ Frame 2370 		77 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/
Requested by
Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d8070dc118244a41d42c2b02f2dd3b91b733dd0149c9a0c18bbd38441642fad2

Request headers

Referer
https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
78999
content-type
text/html; charset=utf-8
date
Tue, 09 May 2023 18:31:55 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 2370 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 May 2024 16:52:48 GMT
yemeknet.js
ye-mek.net/js/ Frame 2370 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/js/yemeknet.js?v=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 09 May 2023 18:31:55 GMT
content-encoding
br
last-modified
Tue, 20 Aug 2019 13:15:54 GMT
server
Microsoft-IIS/10.0
etag
"0a144655957d51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=691200
accept-ranges
bytes
content-length
2179
maincss.css
cdn.ye-mek.net/ Frame 2370 		40 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ye-mek.net/maincss.css?v=434
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
1847663
x-accel-date
1681809453
x-77-nzt
AcO1qhHMWRX/bzEcAA
x-accel-expires
@1713345453
last-modified
Tue, 24 Nov 2020 00:00:32 GMT
server
CDN77-Turbo
etag
W/"5fbc4d20-9e5b"
x-77-nzt-ray
4c15622401ab29569c915a64f372ff14
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ Frame 2370 		116 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a58159698e48085e6df7437e71cf0138a890c419929fb3e844564fd3c875f1ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46308
x-xss-protection
0
last-modified
Tue, 09 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 May 2023 18:31:56 GMT
WebResource.axd
ye-mek.net/ Frame 2370 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/WebResource.axd?d=YeedoL8dFzo5gymDuarFXngFaaXpLN8jYlixY-HzMyr_r8lEwXsCQefYQgi2kFzYfrVacpu_9us1eVTBWQamZuI0ynrH9LDfafZF-A5wZF41&t=637811837229275428
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 09 May 2023 18:31:55 GMT
last-modified
Wed, 23 Feb 2022 00:28:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/x-javascript
cache-control
public
content-length
23063
expires
Sat, 04 May 2024 23:14:43 GMT
searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 2370 		542 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847728
x-accel-date
1681809388
content-length
542
x-77-nzt
AcO1qhHuRor/sDEcAA
x-accel-expires
@1713345388
last-modified
Sat, 22 Oct 2022 20:00:57 GMT
server
CDN77-Turbo
etag
"63544bf9-21e"
x-77-nzt-ray
4c15622401ab29569c915a645ac41c15
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 2370 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847663
x-accel-date
1681809453
content-length
1651
x-77-nzt
AcO1qhEA6lL/bzEcAA
x-accel-expires
@1713345453
last-modified
Mon, 14 May 2018 22:41:08 GMT
server
CDN77-Turbo
etag
"5afa1084-673"
x-77-nzt-ray
4c15622401ab29569c915a64460c4217
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
karnabahar-yapragi-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 2370 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/karnabahar-yapragi-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3f064267c64c1eeca604b20f9d60538c32c14e90528441d0524c2f30161f8b47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
71651
x-accel-date
1683585465
content-length
14031
x-77-nzt
AcO1qhGV3k3/4xcBAA
x-accel-expires
@1715121465
last-modified
Mon, 08 May 2023 22:19:39 GMT
server
CDN77-Turbo
etag
"6459757b-36cf"
x-77-nzt-ray
4c15622401ab29569c915a64c1124a17
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
zeytinyagli-enginar-salatasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 2370 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/zeytinyagli-enginar-salatasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
efa0aa8f99033bd687f63ef2f19f84814fdd5edb4d9fafceeb0e0f940a2bac17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
154570
x-accel-date
1683502546
content-length
18456
x-77-nzt
AcO1qhGlMdr/ylsCAA
x-accel-expires
@1715038546
last-modified
Sun, 07 May 2023 23:11:37 GMT
server
CDN77-Turbo
etag
"64583029-4818"
x-77-nzt-ray
4c15622401ab29569c915a644c56f617
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ciris-otu-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 2370 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ciris-otu-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
08312dffbe6174bc11fb0bcef11263bfbb5837002aba7f264c1d6e22afa6a18e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
246298
x-accel-date
1683410818
content-length
17778
x-77-nzt
AcO1qhGqeVv/GsIDAA
x-accel-expires
@1714946818
last-modified
Sat, 06 May 2023 21:50:54 GMT
server
CDN77-Turbo
etag
"6456cbbe-4572"
x-77-nzt-ray
4c15622401ab29569c915a64527afe17
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
domatesli-sucuklu-yumurta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 2370 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/domatesli-sucuklu-yumurta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6600e1694c2b233a40d34171684358f1e526b3c4bb984d3ce2de4d625867f8e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
329390
x-accel-date
1683327726
content-length
17321
x-77-nzt
AcO1qhFLN8f/rgYFAA
x-accel-expires
@1714863726
last-modified
Fri, 05 May 2023 22:47:09 GMT
server
CDN77-Turbo
etag
"6455876d-43a9"
x-77-nzt-ray
4c15622401ab29569c915a64bb4b0a18
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ramazan-pidesinden-yalanci-iskender-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ Frame 2370 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ramazan-pidesinden-yalanci-iskender-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3002b527e1cb5e6d8601854825ff1a291b37dfe3e190c02eb7ac1ad76cb12898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1846748
x-accel-date
1681810368
content-length
17200
x-77-nzt
AcO1qhGH8ij/3C0cAA
x-accel-expires
@1713346368
last-modified
Wed, 01 May 2019 22:16:10 GMT
server
CDN77-Turbo
etag
"5cca1aaa-4330"
x-77-nzt-ray
4c15622401ab29569c915a64cfbb0d18
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-sebzeli-kofte-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame 2370 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/firinda-sebzeli-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1bcc8d5cdbed6a33503d2ae64747a7836b86b5772d02199b93ca2b6b86c65563

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847092
x-accel-date
1681810024
content-length
12025
x-77-nzt
AcO1qhGwB/L/NC8cAA
x-accel-expires
@1713346024
last-modified
Wed, 01 May 2019 23:25:31 GMT
server
CDN77-Turbo
etag
"5cca2aeb-2ef9"
x-77-nzt-ray
4c15622401ab29569c915a645db11018
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/02/ Frame 2370 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2014/02/nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
50282fee83281adfa1bd8aa7771950d435a2799ca90959ae8f3a483ff4fb0be0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1846748
x-accel-date
1681810368
content-length
13272
x-77-nzt
AcO1qhGb+pv/3C0cAA
x-accel-expires
@1713346368
last-modified
Wed, 01 May 2019 22:22:18 GMT
server
CDN77-Turbo
etag
"5cca1c1a-33d8"
x-77-nzt-ray
4c15622401ab29569c915a6431b81318
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
soslu-tavuk-kizartmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame 2370 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/soslu-tavuk-kizartmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9ceb7464fd907c8a73e70b85c142e987072812977b9a17e742a734b50be481ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1846866
x-accel-date
1681810250
content-length
14314
x-77-nzt
AcO1qhEHImj/Ui4cAA
x-accel-expires
@1713346250
last-modified
Sat, 26 Feb 2022 22:43:44 GMT
server
CDN77-Turbo
etag
"621aad20-37ea"
x-77-nzt-ray
4c15622401ab29569c915a64462f1618
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
mantarli-et-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/08/ Frame 2370 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2014/08/mantarli-et-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
17161789662498342bcddeec410c1700c09eddcbace6cef97762e1b657553c75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847350
x-accel-date
1681809766
content-length
13860
x-77-nzt
AcO1qhHcuQb/NjAcAA
x-accel-expires
@1713345766
last-modified
Wed, 01 May 2019 22:27:51 GMT
server
CDN77-Turbo
etag
"5cca1d67-3624"
x-77-nzt-ray
4c15622401ab29569c915a648dbaca18
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
acem-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 2370 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/acem-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b0a9edd9406b9e846d2613b16def49dca3d2307816622cb274acc4d0d2314245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847087
x-accel-date
1681810029
content-length
14065
x-77-nzt
AcO1qhF6ObH/Ly8cAA
x-accel-expires
@1713346029
last-modified
Sun, 15 Mar 2020 20:02:10 GMT
server
CDN77-Turbo
etag
"5e6e89c2-36f1"
x-77-nzt-ray
4c15622401ab29569c915a648be4ce18
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
etli-sogan-dolmasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/03/ Frame 2370 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/03/etli-sogan-dolmasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f973d75ead19729433907ba993cee75784ac0ba25a5f229c3091e7f45966b1a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847022
x-accel-date
1681810094
content-length
12894
x-77-nzt
AcO1qhFTrmn/7i4cAA
x-accel-expires
@1713346094
last-modified
Wed, 01 May 2019 22:39:26 GMT
server
CDN77-Turbo
etag
"5cca201e-325e"
x-77-nzt-ray
4c15622401ab29569c915a64b579d118
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
falafel-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/10/ Frame 2370 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/10/falafel-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
25b0fc18fa46dfcb28fdab9b486f78a11dc35790fdfc410b1af2c062410e14d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847502
x-accel-date
1681809614
content-length
13336
x-77-nzt
AcO1qhFhhjX/zjAcAA
x-accel-expires
@1713345614
last-modified
Wed, 07 Oct 2020 22:28:47 GMT
server
CDN77-Turbo
etag
"5f7e411f-3418"
x-77-nzt-ray
4c15622401ab29569c915a648c39d418
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-domates-soslu-kofte-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame 2370 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/tavada-domates-soslu-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6ce801c9b5a18d6e9a2b6914f7fcbb927cacf7199e21c2318ac42e594102e2a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1845433
x-accel-date
1681811683
content-length
14222
x-77-nzt
AcO1qhEn/Qj/uSgcAA
x-accel-expires
@1713347683
last-modified
Thu, 07 Apr 2022 21:23:55 GMT
server
CDN77-Turbo
etag
"624f566b-378e"
x-77-nzt-ray
4c15622401ab29569c915a64148bd618
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sebzeli-yahni-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/11/ Frame 2370 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/11/sebzeli-yahni-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
89aaa0ce1877279f39fc4f3451e07fbbbafadc7a46827a4d56e88fcc98a7c3c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1842040
x-accel-date
1681815076
content-length
11422
x-77-nzt
AcO1qhE76T7/eBscAA
x-accel-expires
@1713351076
last-modified
Thu, 28 Nov 2019 21:35:18 GMT
server
CDN77-Turbo
etag
"5de03d96-2c9e"
x-77-nzt-ray
4c15622401ab29569c915a64f9e7d818
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sulu-et-kavurma-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame 2370 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/sulu-et-kavurma-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f5bc40f0b27ed579e44b85aa0f4f6213464143adc31ae92ad6894f8b5f37698c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1844017
x-accel-date
1681813099
content-length
14369
x-77-nzt
AcO1qhEfxx7/MSMcAA
x-accel-expires
@1713349099
last-modified
Mon, 27 Feb 2023 20:59:38 GMT
server
CDN77-Turbo
etag
"63fd19ba-3821"
x-77-nzt-ray
4c15622401ab29569c915a64a726dc18
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tencerede-etli-patlican-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/08/ Frame 2370 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/08/tencerede-etli-patlican-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8e2b2033aae5f2ebbc9b92291c3cdfa7a084429d21d85b382e39dfbd875b5f55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1843228
x-accel-date
1681813888
content-length
13086
x-77-nzt
AcO1qhHQinL/HCAcAA
x-accel-expires
@1713349888
last-modified
Wed, 01 May 2019 23:03:11 GMT
server
CDN77-Turbo
etag
"5cca25af-331e"
x-77-nzt-ray
4c15622401ab29569c915a64d919e018
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-tavuk-kanat-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/11/ Frame 2370 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/11/firinda-tavuk-kanat-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
81e566e70ca8804ec2feea476a39833bf39fb650efffdf3530cb0e94072990dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1845636
x-accel-date
1681811480
content-length
15895
x-77-nzt
AcO1qhGy8En/hCkcAA
x-accel-expires
@1713347480
last-modified
Mon, 31 Oct 2022 23:01:54 GMT
server
CDN77-Turbo
etag
"636053e2-3e17"
x-77-nzt-ray
4c15622401ab29569c915a648ecce218
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tencerede-tavuk-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame 2370 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/tencerede-tavuk-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8cf97490bbe44aa43c01097db31f7bea02acaf111fbc3b6dde31745faf9d8d18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1845675
x-accel-date
1681811441
content-length
13718
x-77-nzt
AcO1qhHTeZX/qykcAA
x-accel-expires
@1713347441
last-modified
Sat, 23 Apr 2022 23:47:42 GMT
server
CDN77-Turbo
etag
"6264901e-3596"
x-77-nzt-ray
4c15622401ab29569c915a64e0a8e518
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
lokanta-usulu-tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame 2370 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/lokanta-usulu-tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d6350ccbc96e6f4089866ba29b8e2fcdf961c3c5b428e8611226d39922e1fce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847350
x-accel-date
1681809766
content-length
15502
x-77-nzt
AcO1qhH3boX/NjAcAA
x-accel-expires
@1713345766
last-modified
Tue, 17 May 2022 22:25:33 GMT
server
CDN77-Turbo
etag
"628420dd-3c8e"
x-77-nzt-ray
4c15622401ab29569c915a6435c3e718
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuklu-kereviz-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/10/ Frame 2370 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/10/tavuklu-kereviz-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4c6847d6c187314e234ace1a963c78c659d2429c0790444c674b5d72180822bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
691281
x-accel-date
1682965835
content-length
12025
x-77-nzt
AcO1qhG0Uyr/UYwKAA
x-accel-expires
@1714501835
last-modified
Wed, 09 Oct 2019 22:00:21 GMT
server
CDN77-Turbo
etag
"5d9e5875-2ef9"
x-77-nzt-ray
4c15622401ab29569c915a64c19dea18
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
karnabahar-boregi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/01/ Frame 2370 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/01/karnabahar-boregi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8bd59dbd2de433805f99595ba87016b5127da170c0ca22506f610ed251b43d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1844669
x-accel-date
1681812447
content-length
12168
x-77-nzt
AcO1qhEEqM3/vSUcAA
x-accel-expires
@1713348447
last-modified
Fri, 03 Jan 2020 22:54:30 GMT
server
CDN77-Turbo
etag
"5e0fc626-2f88"
x-77-nzt-ray
4c15622401ab29569c915a6465ecec18
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
zeytinyagli-havuclu-taze-fasulye-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame 2370 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/zeytinyagli-havuclu-taze-fasulye-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
372e646203759b4bf2ddab1f01469d03dd8bc920f187a3a09bb316f4edf6d604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1844602
x-accel-date
1681812514
content-length
14135
x-77-nzt
AcO1qhFfyrT/eiUcAA
x-accel-expires
@1713348514
last-modified
Sat, 11 Sep 2021 20:22:26 GMT
server
CDN77-Turbo
etag
"613d1002-3737"
x-77-nzt-ray
4c15622401ab29569c915a64b1e4ee18
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
mastave-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/01/ Frame 2370 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/01/mastave-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ec5725d4053198fbf31e6d9122e875de3dc5434a7f80748fb848704caf82b322

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
257421
x-accel-date
1683399695
content-length
13465
x-77-nzt
AcO1qhGdutD/je0DAA
x-accel-expires
@1714935695
last-modified
Thu, 16 Jan 2020 13:07:50 GMT
server
CDN77-Turbo
etag
"5e206026-3499"
x-77-nzt-ray
4c15622401ab29569c915a642e16f118
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
domatesli-kabak-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/06/ Frame 2370 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/06/domatesli-kabak-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c43a592c09224db2985a3e074e7b50afe274ddce2b680b73e8f3a9c5cda4d35b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847011
x-accel-date
1681810105
content-length
14650
x-77-nzt
AcO1qhEYzTn/4y4cAA
x-accel-expires
@1713346105
last-modified
Wed, 16 Jun 2021 22:40:57 GMT
server
CDN77-Turbo
etag
"60ca7df9-393a"
x-77-nzt-ray
4c15622401ab29569c915a6490a0f318
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
mahluta-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/11/ Frame 2370 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/11/mahluta-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
837d63620657b055c980948022e01ba5c63c986d3d08ca7db80558411eab45d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1845619
x-accel-date
1681811497
content-length
12542
x-77-nzt
AcO1qhGF+zz/cykcAA
x-accel-expires
@1713347497
last-modified
Wed, 01 May 2019 23:07:46 GMT
server
CDN77-Turbo
etag
"5cca26c2-30fe"
x-77-nzt-ray
4c15622401ab29569c915a647a68f618
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kiymali-eriste-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/10/ Frame 2370 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/10/kiymali-eriste-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b7f9dd809e14987cdbb5ee6fbd75e26d393b2ebe2334d207c22f3c667f572527

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1846700
x-accel-date
1681810416
content-length
12703
x-77-nzt
AcO1qhFW5Fn/rC0cAA
x-accel-expires
@1713346416
last-modified
Wed, 14 Oct 2020 19:09:41 GMT
server
CDN77-Turbo
etag
"5f874cf5-319f"
x-77-nzt-ray
4c15622401ab29569c915a64baa5f818
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sakala-carpan-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 2370 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/sakala-carpan-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
efb6dfb64e21ed016f93813c7b6995a3e3692b1cc0eb1baeaa282c63a2982931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847087
x-accel-date
1681810029
content-length
14165
x-77-nzt
AcO1qhEghzP/Ly8cAA
x-accel-expires
@1713346029
last-modified
Mon, 11 May 2020 23:56:30 GMT
server
CDN77-Turbo
etag
"5eb9e62e-3755"
x-77-nzt-ray
4c15622401ab29569c915a64fdb2fa18
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
lokanta-usulu-tavuk-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/05/ Frame 2370 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2018/05/lokanta-usulu-tavuk-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
dcec8e322946988e0dc8c0a1da7a7df028ed2b63b35975780ffa05c62ba9a89c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847166
x-accel-date
1681809950
content-length
9571
x-77-nzt
AcO1qhEvEJH/fi8cAA
x-accel-expires
@1713345950
last-modified
Wed, 01 May 2019 23:34:26 GMT
server
CDN77-Turbo
etag
"5cca2d02-2563"
x-77-nzt-ray
4c15622401ab29569c915a64226ffc18
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kadayifli-muhallebi-tatlisi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame 2370 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/kadayifli-muhallebi-tatlisi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a5364714410c6f8279a8656b3840c8e219f8181a8cce8d15ea1d95508d429ca0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847325
x-accel-date
1681809791
content-length
11611
x-77-nzt
AcO1qhFwvLX/HTAcAA
x-accel-expires
@1713345791
last-modified
Wed, 01 May 2019 23:25:19 GMT
server
CDN77-Turbo
etag
"5cca2adf-2d5b"
x-77-nzt-ray
4c15622401ab29569c915a64538bfe18
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
hazir-yufkadan-tahinli-corek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/10/ Frame 2370 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/10/hazir-yufkadan-tahinli-corek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5182022130b0a566e7428e13a6504ea855e11c82e27b7ccd3b0c0ae05184506f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1845500
x-accel-date
1681811616
content-length
16218
x-77-nzt
AcO1qhHxK47//CgcAA
x-accel-expires
@1713347616
last-modified
Fri, 16 Oct 2020 22:56:35 GMT
server
CDN77-Turbo
etag
"5f8a2523-3f5a"
x-77-nzt-ray
4c15622401ab29569c915a64942e0019
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sade-kek-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/11/ Frame 2370 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/11/sade-kek-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a498ff757038abe0601ed0855c1b760ee237e42f5c40b97e936dc057e1970762

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1843900
x-accel-date
1681813216
content-length
10222
x-77-nzt
AcO1qhHkY4D/vCIcAA
x-accel-expires
@1713349216
last-modified
Wed, 01 May 2019 23:26:29 GMT
server
CDN77-Turbo
etag
"5cca2b25-27ee"
x-77-nzt-ray
4c15622401ab29569c915a646ff00119
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sutlu-rulo-tatli-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 2370 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/sutlu-rulo-tatli-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fd79c048494ceddf0d76c4404607554bfe9c3f85a400875a769f260be2228506

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847365
x-accel-date
1681809751
content-length
12656
x-77-nzt
AcO1qhFw1aT/RTAcAA
x-accel-expires
@1713345751
last-modified
Tue, 17 Mar 2020 22:34:58 GMT
server
CDN77-Turbo
etag
"5e715092-3170"
x-77-nzt-ray
4c15622401ab29569c915a64574e0419
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-incir-receli-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/09/ Frame 2370 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/09/firinda-incir-receli-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
990bbe1e3b4f91ae63065bede517e70cb1b6db8d2cf5f134fee2cf1caa88ef09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1836773
x-accel-date
1681820343
content-length
17031
x-77-nzt
AcO1qhFU3IL/5QYcAA
x-accel-expires
@1713356343
last-modified
Tue, 27 Sep 2022 21:48:31 GMT
server
CDN77-Turbo
etag
"63336faf-4287"
x-77-nzt-ray
4c15622401ab29569c915a64bce20619
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
patatesli-serit-pogaca-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/02/ Frame 2370 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/02/patatesli-serit-pogaca-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
252b9f0c25fe0a0fa1fbc01ad75bea88b71de9879beba50db46cd05948573b63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1846179
x-accel-date
1681810937
content-length
15791
x-77-nzt
AcO1qhESoJv/oyscAA
x-accel-expires
@1713346937
last-modified
Wed, 01 May 2019 22:54:25 GMT
server
CDN77-Turbo
etag
"5cca23a1-3daf"
x-77-nzt-ray
4c15622401ab29569c915a646d720a19
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-peynirli-sucuklu-ekmek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/06/ Frame 2370 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/06/firinda-peynirli-sucuklu-ekmek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a3f85d0932cdef1a67dd25b58aa323a482829c5a05553f11af79f22205227b78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
946434
x-accel-date
1682710682
content-length
16524
x-77-nzt
AcO1qhFDkUH/AnEOAA
x-accel-expires
@1714246682
last-modified
Fri, 18 Jun 2021 22:39:33 GMT
server
CDN77-Turbo
etag
"60cd20a5-408c"
x-77-nzt-ray
4c15622401ab29569c915a6417240d19
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tepsi-pizzasi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame 2370 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/tepsi-pizzasi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
409e0aab336d8c46e59dd95de86d035fa8f05975848f2e24f2c5f7cd6a5b6981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1843945
x-accel-date
1681813171
content-length
16551
x-77-nzt
AcO1qhFgF6n/6SIcAA
x-accel-expires
@1713349171
last-modified
Fri, 10 Apr 2020 23:07:36 GMT
server
CDN77-Turbo
etag
"5e90fc38-40a7"
x-77-nzt-ray
4c15622401ab29569c915a64dfae0f19
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
_dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 2370 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
Microsoft-IIS/10.0
etag
"8ae3cdbd420cc1:0"
x-powered-by
ASP.NET
x-hw
1683657116.cds334.fr8.hn,1683657116.cds153.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length
5605
addthis_widget.js
s7.addthis.com/js/300/ Frame 2370 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 09 May 2023 18:31:56 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116356
DMCABadgeHelper.min.js
images.dmca.com/Badges/ Frame 2370 		465 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
Microsoft-IIS/10.0
etag
"26b181f16d28d51:0"
x-powered-by
ASP.NET
x-hw
1683657116.cds334.fr8.hn,1683657116.cds057.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
395
analytics.js
www.google-analytics.com/ Frame 2370 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 May 2023 17:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5216
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 09 May 2023 19:05:00 GMT
outside.js
static.virgul.com/theme/mockups/adcode/ Frame 2370 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
gzip
last-modified
Tue, 18 Apr 2023 08:37:30 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
sdk.js
connect.facebook.net/tr_TR/ Frame 2370 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd1a556fbb800176f7d5a44697d519b5866497298a80d86ce71258878a1699dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 May 2023 18:31:56 GMT
content-md5
UqoIuxmjGj99Zb1otbJD+g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
uPuEkxoNt9CnIPQFdbjGU96gP5dJURpdiC9Jo7h7wimQ4OtnjfNdbCGFyLtfmEmbDCyo3e7//v5RKQjaimSabA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
92b1ef208e4bba5c711f3e796280081a
cross-origin-opener-policy
same-origin-allow-popups
etag
"2c78577b462613e4e6f40943cb92354a"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 09 May 2023 18:48:31 GMT
sprite_3.png
cdn.ye-mek.net/grafik/ Frame 2370 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by
Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ye-mek.net/maincss.css?v=434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 09 May 2023 18:31:56 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1847663
x-accel-date
1681809453
content-length
21525
x-77-nzt
AcO1qhHCspv/bzEcAA
x-accel-expires
@1713345453
last-modified
Mon, 14 May 2018 20:55:05 GMT
server
CDN77-Turbo
etag
"5af9f7a9-5415"
x-77-nzt-ray
4c15622401ab29569c915a64e5f41119
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sdk.js
connect.facebook.net/tr_TR/ Frame 2370 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js?hash=6c1243ab88da24be1baa82ba9032f51a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6a40a037a323ea0193d12da9fbe0e2ffa846926b02e5f4113c737b54b9df2b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 May 2023 18:31:56 GMT
content-md5
Ct3UGYeA3OdhT6we+AY/sw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88756
x-fb-rlafr
0
x-fb-debug
oNpugs2xUcm/kOTUYTIjQiMJD51jlfyWA7WIRo2O7opePYEzXdoF9JE+V/lOQNyOGoVAOl7xxZXZ5I/w46uXkA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
71d659fa3969b3e3d8cc82f4567358c0
cross-origin-opener-policy
same-origin-allow-popups
etag
"f7c14a0d4af67e2a43f983386757f755"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 08 May 2024 15:48:35 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ Frame 2370 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-152.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=57569
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2370 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
394784db8f1548580be30b4f13128de9ffe9324758ba926b9fddf4eb9fd5d34d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25001
x-xss-protection
0
server
cafe
etag
265 / 19486 / 31074455 / config-hash: 16246440820329187477
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:56 GMT
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 2370 		120 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
last-modified
Wed, 21 Dec 2022 18:47:42 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
120
str.html
static.virgul.com/theme/mockups/outside/ Frame 7A7F 		891 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=5184000
content-length
891
content-type
text/html
date
Tue, 09 May 2023 18:31:56 GMT
last-modified
Wed, 28 Sep 2022 10:07:57 GMT
server
openresty/1.15.8.3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2370 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acac9ddaca9bc322ef1bd381f8d7a6ce1e86642d386187aa318324da93db7132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47516
x-xss-protection
0
server
cafe
etag
16065168302868920475
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:56 GMT
prebid7.38.0.js
static.virgul.com/theme/mockups/outside/ Frame 2370 		489 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 14:56:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2370 		227 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e81437bacb2eadf8e9892f7c4423437a86ed8249bf77dcf71770909857779174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:20:37 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
last-modified
Wed, 03 May 2023 19:16:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
680
x-amz-server-side-encryption
AES256
etag
W/"e301ce991ef543783521cd0156a962ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
80eOog8W789PRA3nPWO349TXOiuBNxtHgjcTulpNnw-OX4SWNVu4lg==
pageview
ng.virgul.com/ Frame 2370 		33 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1683657116746&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.45910989763484444
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2a82fb8b7b9217af38c4b984de5bbffaadf100667dc4adca701c2da34174c9a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
yemek_net.js
static.virgul.com/theme/mockups/fallback/ Frame 2370 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19486
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
gzip
last-modified
Sun, 07 May 2023 21:23:14 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
hb
ng.virgul.com/ Frame 2370 		49 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=467682
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
97c2fc64b3e83e9ac47982492b088765849276f8b5f494ff3d53bb6c6a32ea33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
cache-control
max-age=3600
access-control-allow-credentials
true
config
c.amazon-adsystem.com/cdn/prod/ Frame 2370 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:19:44 GMT
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
18731
x-cache
Hit from cloudfront
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
kJL2b5Sxdeb1DLCABBR89_BkyhkwXQLUN1-NIwtOhy4qrO_o1Eyqpw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2370 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
a.HbuOpmjkJB1GB8lMAKg2zkvv8bzRE7
content-encoding
gzip
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
date
Mon, 08 May 2023 22:08:06 GMT
x-amz-cf-pop
FRA2-C1
age
73431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 04 May 2023 22:07:52 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
cRNoXbyOGY3hfqXZux4BiPmopOUrEhFaC4-apFcdP5yDWkIIvtP4DQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/ Frame 2370 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e5abf2e9f21e9e0431e2d8f6b3b27bd5922f522c534ea519bcec87b40e64d04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1167
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127538
x-xss-protection
0
server
cafe
etag
14255841817258122496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 08 May 2024 18:12:29 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/ Frame 2370 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31074459
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fd673e3ba670884963694c9429d853658a07d134bca1b6528eba769d98e8be1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122728
x-xss-protection
0
server
cafe
etag
1521234308856375244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230508/r20190131/ Frame 9F56 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230508/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
66835
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 23:58:01 GMT
etag
15057649708203361565
expires
Mon, 22 May 2023 23:58:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
empowerwebplayer3.js
static.virgul.com/theme/mockups/outside/ Frame 2370 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:56 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 09:38:48 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
localstore.js
script.4dex.io/ Frame 2370 		483 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:57 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
428227
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAUg%2FLmHGH82YyUxNXxFT2I0YJKsL7RL2g7BYqOnGEajCom7AYK90gH0hlZJEgNhJtA%2FUs7af%2BiZjj8dGwgU3EmpwwmiDN%2FKAyJyO1XrWwdGKm2SMIrWThWBdzMV3e0uSpT72wvJIv8OKXpG"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7c4c05b59dc2364b-FRA
bid
aax.amazon-adsystem.com/e/dtb/ Frame 2370 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=RW21rp9T2Jv9P&cb=0&ws=1600x1200&v=23.426.459&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.100.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-100-231.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
7G780ZG5JKRQA2XGSKWM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
OK1RolDdEVQY6Y1oRdARChCAEgSuWe-1CWfAHnYcQodN8V2IVwiHHA==
yemek_net.js
static.virgul.com/theme/mockups/sites/ Frame 2370 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=467682
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 09:08:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pandg-sdk.js
pghub.io/js/ Frame 2370 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:09:42 GMT
content-encoding
gzip
age
1335
x-guploader-uploadid
ADPycduz5ma7DhS1eku6p2_ON6gsI5hT6vgBn6fZ4E0KG_j9bwwyeBzyoNBL21lexwHgwwTs3CZdef0wzS_ktPj-DcYGGOvNVGWw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4955
last-modified
Fri, 20 Jan 2023 18:31:19 GMT
server
UploadServer
etag
"b3517e216253857ea8c4209cb84004df"
vary
Accept-Encoding
x-goog-generation
1674239479122517
x-goog-hash
crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
4955
accept-ranges
bytes
content-type
application/javascript
zoneview
ng.virgul.com/ Frame 2370 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1683657117002&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.4648076616098411
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 09 May 2023 18:31:57 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
integrator.js
adservice.google.de/adsid/ Frame 2370 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2370 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2370 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2459006068698418&correlator=1928923902907930&eid=31074302%2C31074455&output=ldjh&gdfp_req=1&vrg=202305080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683657116746%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5556f0e95e3a4f4c8d6aebc834cb3dcd&sc=1&cdm=ye-mek.net&abxe=1&dt=1683657117041&lmt=1683657117&dlt=1683657116198&idt=731&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=aj98utf3qrs8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1458859635.1683657116&ga_sid=1683657117&ga_hid=707820496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce669aa1d3fdd13f88acee69e5caba142115b701825921e5e29d7b81b1f9ec55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10446
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425219174
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 936C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:57 GMT
expires
Wed, 08 May 2024 18:31:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
prebid
mp.4dex.io/ Frame 2370 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c4c05b5ed5c3a6a-FRA
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2370 		173 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.219.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-219-83.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e1c00f1706c4ffb70ada4d484c98cb4b3bae74bef1e74f185d3ea6f6c1369dc6

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
gzip
x-prebid
pbs-java/1.118.0
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2370 		416 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=fc91a3c0-0ca3-4bf6-924a-9c50422e1ecd%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=dd30952e-5a89-4a60-9866-5cea42a9b8e5&l_pb_bid_id=9ed2079560637c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.24998070962105423
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d66aa9b9300aba037749e91968c3e5a3ea3d371e41af51ec49ed77779f08515d

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2370 		410 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=fc91a3c0-0ca3-4bf6-924a-9c50422e1ecd%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=8db40925-7ede-433b-92de-06619f3bfb0a&l_pb_bid_id=10938055c01d78&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9227884894064198
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
43f98b305d6c2d9e6e4935db09b76182181fc0b651fa0e1c7792f8c3777f0b93

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
410
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2370 		404 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746578&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C55%2C57&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=fc91a3c0-0ca3-4bf6-924a-9c50422e1ecd%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&tk_flint=pbjs_lite_v7.38.0&x_source.tid=e6c8a6e2-dde4-4c5c-8692-d951e995ffaf&l_pb_bid_id=117ce686048d2bc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8006590750064109
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c64429b61bcd79d65619faf32939a7380da154cf75e26a0336050277e87c0b36

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
404
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2370 		398 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=fc91a3c0-0ca3-4bf6-924a-9c50422e1ecd%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=2d75c2c8-89c5-46ca-9f3f-620d35b901fd&l_pb_bid_id=1257834771cbc63&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9795652451156944
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0647cb44260740713301fce8344994673dc3c78e95d1d19ca9435cfbf4d79a4f

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
398
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2370 		397 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=fc91a3c0-0ca3-4bf6-924a-9c50422e1ecd%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=54d0c61b-6d71-49cc-aaa2-2b0c10d7fe1b&l_pb_bid_id=1303723e502fd5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38991657918585076
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8504d2d3013d96044405b0d3539f49c20fa39a64863679978d9169c883eb5813

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2370 		408 B
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=fc91a3c0-0ca3-4bf6-924a-9c50422e1ecd%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=f61246ee-f30d-4304-9c08-f57a7fb18e13&l_pb_bid_id=151673d7ef6aa41&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7945939686607428
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
612be35d487ad9a8bd85ae3053c5a4d7ad9075d42a9af4b428698ce52969ca15

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
408
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ Frame 2370 		16 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 09 May 2023 18:31:57 GMT
hb
cpm.programattik.com/ Frame 2370 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=43&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 2370 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 2370 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 2370 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
cdb
bidder.criteo.com/ Frame 2370 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=17743152651&lsavail=0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
/
hb.emxdgt.com/ Frame 2370 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 2370 		32 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f876337424774dee1b2ec0c7a5c38f946ef67b78598ccfbb70f97f8e3d3212e9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 09 May 2023 18:31:57 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
669bfc06-b8d8-4989-b9d6-0e1a37996c14
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 2370 		0
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame 2370 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 09 May 2023 18:31:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame 2370 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 2370 		9 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
70d7a7544e82898773336d5aca91edf781d08db7f27359b575a261cdacf16ffc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 09 May 2023 18:31:57 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
13b6eed9-9911-454b-8be2-588d83d1b4f2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 2370 		94 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
055cb98724324898a393d226390d40b189091e1f94710a116bc0bc6c5252612d

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 09 May 2023 18:31:57 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ye-mek.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ Frame 2370 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19486
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 16 May 2023 18:31:57 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0E0C 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657116883&bpp=3&bdt=685&idt=229&shv=r20230508&mjsv=m202305080101&ptt=9&saldr=aa&nras=1&correlator=2477421507668&frm=24&ife=1&pv=2&ga_vid=1458859635.1683657116&ga_sid=1683657117&ga_hid=707820496&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44773810%2C44759875%2C31074432%2C31074459%2C44788442%2C44790154&oid=2&pvsid=2459006068698418&tmod=1341516609&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.1njzhooodvth&fsb=1&dtd=240
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31074459
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zoneview
ng.virgul.com/ Frame 2370 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1683657117136&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.7735228892947794
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 09 May 2023 18:31:57 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
adagio.js
script.4dex.io/ Frame 2370 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:57 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
139540
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwsVh8knd9%2F9mofFlmTJtP33HywcHeRycHf1%2FyEOfw3u3PXR5EwNa85zrmbDLUiOyMDev%2FSKm5WAr9DOFtWn9nUJ%2B%2BI19a7vyUYSHFDjJNOmjNsxiJinmKTXO%2FPle%2B6i6nPrJAUqyYqS4zOd"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7c4c05b63a552baf-FRA
tag
pandg.tapad.com/ Frame 7FA6 		13 B
257 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Tue, 09 May 2023 18:31:57 GMT
strict-transport-security
max-age=31536000
via
1.1 google
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2370 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122883
x-xss-protection
0
expires
Tue, 09 May 2023 18:31:57 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ Frame 2370 		399 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=5/9/2023
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 16:42:16 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 16 May 2023 18:31:57 GMT
cache
prebid.adnxs.com/pbc/v1/ Frame 2370 		63 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9224f567069bad20e5318a70d946b00524d0c5f93152294da9750eb7e1dd8f8c

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 09 May 2023 18:31:57 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://ye-mek.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
container.html
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5E82 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:57 GMT
expires
Wed, 08 May 2024 18:31:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5E82 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
292308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 05 May 2024 09:20:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5E82 		137 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c6a040cba33e7847c821f0b6c227f5f89e0e4d719eb823a692999cafbe46a92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Origin
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47372
x-xss-protection
0
server
cafe
etag
11793494559429422996
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5E82 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5E82 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNwh0_u4EThchJeKGMubAniryst7iFXCgSycYnslDpi2nunXlboYVrb7pFDwNLjql_V-8fizHE-tO6yY3PDZIZCZ_mtmXoy9plw2ZmJjVyAyHmTQut5uGnT0AC-Zrx2jSMbXCNwV6IpsXaEyJEwd6knTXI4xF8L--TMZgkqX6cvaSew1iLmUOfaorL3AgJPLtGcYc2bbBzMfUw9OCXOMJiPwUJsQNAoLAIWODh2l_XTzZ9Vg2SgqRKm9n9HAsVQAXBgo40xFgEGxdVJ4DRRDf6HqtvDHHbFbj73jHD7foh1HKjDJhefnCho2OLMCrclMZkwKizJqPSZ7FfsY_jPnU3TU7KLFIG0SB_fYUS56A8TCj3&sai=AMfl-YSc6Ro6UHQHhnGIVjKH86x1JuH6QABSGZUTlLAJCzgHN_WMQBric8dhpuwpU1qqFZmCIHeEBj4Vld2PgF3cuNsK5KTWIIAN5SQwNTHrftY&sig=Cg0ArKJSzEcPcQfoKVYTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 May 2023 18:31:57 GMT
truncated
/ Frame 5E82 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83bb386a4d21a15eac4300cf0721ba357926d5033ad7958011bf8166845599b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/ Frame 5E82 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bac7273dd110b1f0c1d1adca8c47771dc3e71533675f68639224527bdae9fd6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122341
x-xss-protection
0
server
cafe
etag
16607490061087746321
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:57 GMT
integrator.js
adservice.google.de/adsid/ Frame 5E82 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5E82 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 01D4 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117599&bpp=9&bdt=92&idt=236&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&nras=1&correlator=7020289652949&frm=8&ife=1&pv=2&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.gzvlu46728pd&fsb=1&dtd=251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B702 		28 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d249b0531be7b4b05de54292bf54f570f3e4b522b2b6c9fface89a9e8e8da5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13191
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame 2370 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683657116746&userId=vnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 09 May 2023 18:31:57 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
integrator.js
adservice.google.de/adsid/ Frame 2370 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2370 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2370 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2459006068698418&correlator=3428164963247346&eid=31074302%2C31074455&output=ldjh&gdfp_req=1&vrg=202305080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=3&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683657116746%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5556f0e95e3a4f4c8d6aebc834cb3dcd&sc=1&cdm=ye-mek.net&abxe=1&dt=1683657118042&lmt=1683657118&dlt=1683657116198&idt=731&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=lxb5cqahhyd1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCviDAyT23aVvkyQkA-fMmHFY9EZxI9KDbO2rNxO2wQQ0zmyYoEPq1evrsoAoPr9dNkaaGn3dMZGHBHyv088kVw&ga_vid=1458859635.1683657116&ga_sid=1683657117&ga_hid=707820496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77e3f0731187a20fecf2f6ca80484f2b8c99cdff857ff37b6c089105b610c325
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8900
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 2370 		111 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2459006068698418&correlator=483884423533115&eid=31074302%2C31074455&output=ldjh&gdfp_req=1&vrg=202305080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=4&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683657116746%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5556f0e95e3a4f4c8d6aebc834cb3dcd&sc=1&cdm=ye-mek.net&abxe=1&dt=1683657118046&lmt=1683657118&dlt=1683657116198&idt=731&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=lg39e4vw1wfe&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCviDAyT23aVvkyQkA-fMmHFY9EZxI9KDbO2rNxO2wQQ0zmyYoEPq1evrsoAoPr9dNkaaGn3dMZGHBHyv088kVw&ga_vid=1458859635.1683657116&ga_sid=1683657117&ga_hid=707820496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e8a505ea2bd394d094c046e56b2d4096255f2a05469ea7b1b1643cc1c66c659
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37294
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 2370 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2459006068698418&correlator=1474918903526588&eid=31074302%2C31074455&output=ldjh&gdfp_req=1&vrg=202305080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=5&adks=3203893797&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D1.66%26hb_adid%3D71757727e185d09%26hb_bidder%3Dprojectagora%26hb_format_projectago%3Dbanner%26hb_size_projectagora%3D300x600%26hb_pb_projectagora%3D1.66%26hb_adid_projectagora%3D71757727e185d09%26hb_bidder_projectago%3Dprojectagora%26hg_pb%3D1.66&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683657116746%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5556f0e95e3a4f4c8d6aebc834cb3dcd&sc=1&cdm=ye-mek.net&abxe=1&dt=1683657118050&lmt=1683657118&dlt=1683657116198&idt=731&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=olg9fxtesdt0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCviDAyT23aVvkyQkA-fMmHFY9EZxI9KDbO2rNxO2wQQ0zmyYoEPq1evrsoAoPr9dNkaaGn3dMZGHBHyv088kVw&ga_vid=1458859635.1683657116&ga_sid=1683657117&ga_hid=707820496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d4dfaf91d90aef391661d53f943538e50101d0730b285ba673b616cd15c695e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10752
x-xss-protection
0
google-lineitem-id
5616789811
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339352911
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 2370 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2459006068698418&correlator=2072231118351316&eid=31074302%2C31074455&output=ldjh&gdfp_req=1&vrg=202305080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=6&adks=3050045420&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D200x200%26hb_pb%3D1.78%26hb_adid%3D70350adca93263e%26hb_bidder%3Dprojectagora%26hb_format_projectago%3Dbanner%26hb_size_projectagora%3D200x200%26hb_pb_projectagora%3D1.78%26hb_adid_projectagora%3D70350adca93263e%26hb_bidder_projectago%3Dprojectagora%26hg_pb%3D1.78&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683657116746%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5556f0e95e3a4f4c8d6aebc834cb3dcd&sc=1&cdm=ye-mek.net&abxe=1&dt=1683657118053&lmt=1683657118&dlt=1683657116198&idt=731&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=sjd60c4g7dy3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCviDAyT23aVvkyQkA-fMmHFY9EZxI9KDbO2rNxO2wQQ0zmyYoEPq1evrsoAoPr9dNkaaGn3dMZGHBHyv088kVw&ga_vid=1458859635.1683657116&ga_sid=1683657117&ga_hid=707820496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e2563b50f3eb4c72bc0f8c663730bf37a327a1ba64960d75819fc576d50807e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10727
x-xss-protection
0
google-lineitem-id
5615614986
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339352911
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 2370 		30 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2459006068698418&correlator=4321965904371515&eid=31074302%2C31074455&output=ldjh&gdfp_req=1&vrg=202305080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683657116746%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5556f0e95e3a4f4c8d6aebc834cb3dcd&sc=1&cdm=ye-mek.net&abxe=1&dt=1683657118056&lmt=1683657118&dlt=1683657116198&idt=731&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=lfi5bonpjeyg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCviDAyT23aVvkyQkA-fMmHFY9EZxI9KDbO2rNxO2wQQ0zmyYoEPq1evrsoAoPr9dNkaaGn3dMZGHBHyv088kVw&ga_vid=1458859635.1683657116&ga_sid=1683657117&ga_hid=707820496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d9048e6f948ec2623cb57dc67a5dce46a7191987d4570e4b6bdc421381646fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13856
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 2370 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2459006068698418&correlator=2482388046166521&eid=31074302%2C31074455&output=ldjh&gdfp_req=1&vrg=202305080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683657116746%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5556f0e95e3a4f4c8d6aebc834cb3dcd&sc=1&cdm=ye-mek.net&abxe=1&dt=1683657118059&lmt=1683657118&dlt=1683657116198&idt=731&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ja2ks9r51o5k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCviDAyT23aVvkyQkA-fMmHFY9EZxI9KDbO2rNxO2wQQ0zmyYoEPq1evrsoAoPr9dNkaaGn3dMZGHBHyv088kVw&ga_vid=1458859635.1683657116&ga_sid=1683657117&ga_hid=707820496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e948b6c6043fb4ac7a06bbae39f5df251717af2bba670ecf379de74a85646dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10351
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame B702 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame B702 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7958
x-xss-protection
0
server
cafe
etag
8677084837583379376
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
l
www.google.com/ads/measurement/ Frame B702 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZidoZGlamkVR1n7VbLXL0YlCnB7nbJtoFRrnAZ2v4CYAKo3O4nNcb15tb5wnbrynHZ6TfDdDJLyHCQA4ykpK9q3-wMg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B702 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B702 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CBGZsnZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNIBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXdkITO-oTv7UesJh1CP0kYp4-G8Xrm_EFan8-Ql4AzKXVj9kqxkQgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NTkzNTIzMjEwMDEwMTU0GAA&sigh=9O8E2kX9nMY&uach_m=[UACH]&cid=CAQSKQBygQiDPDXxVkSG1OZbiJXrWykzzRrRZs9EYScMaFXmGXZByslEhaC-GAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame B702 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jrpgr5602vrwhwb77ha4xvxmrn74yap0bpg2js17tyx883cb6gx0737qwgk4cht2p67s79ynt52xd7b7bd31mm35cqaeb5xj9kqa0wtedn9rey68x8xcsnd7823wczm8pv9xqc3jwb2re6bgqab39w0wh1qqp1yw7ra9yg4tetrm4pp0ag4x0ay7w6vg7b2edck01mg7adhjb6em5fvq283h77egz1h730f6jc857jdn9ka58btgsjrdh1pzkr4ngjkehgv87fxsarvf0sp66c17bcknbpb8jnch52mnp7w7c5dkntww3pvz1bjzbkygf1em9mkkvwh8z49anqf26zqrr59kd2dqqwd5bgxb9wr48cnchf383z4xkzh0e1nxvn7r38dy1ksa6fm&b=ZFqRnQAOkJoK7JKSAApkh5TTQkb7bMPaEk-rlw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 May 2023 18:31:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 52C5 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1ggd0g5rasbeh38r682z7j0wmc05667wvyfab4zpeddz9b7easef42smwpw5meb3mjtpmaw5zxkr6s89hv1hx9sj0w157werfv3w1yx6j1rdfn1c0bpk3p13cq9xp6fvnrecazjvft4gmxm31ny07z4cz6efmfp3d6k3fp14fbze0bbv7zqsyx90d6xwq3f9w7vzz1cr4er3w5k9s201ee1tebqk4dp6vceagb97tenj055aft6ng07dye186qqkcff1wz6a7w00c6gkvb7y2rsd0stgapmeyrfjjvt93fhqb8k6mdjyzydv7qatm40k6rbke31qfnmbnnzpwv2sz1vrzy4cv9d5evczyawcjdk3z0bvay47pkzf9yxh9e4sa0rhs2wjdkeqfrbhg3ea61rp03ajgp29kc2h97y2csrg8crzp3pqq5x55hxpmyhfx55bzf4jnm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%26client%3Dca-pub-6593523210010154%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e64eb7aef36051354450d933b2e43aebe7697a972678b0d8ab9773e3ae0043
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c4c05bdbef33662-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:58 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8DE7 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Tue, 09 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B702 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6991bf232088ecad392ba5aa81bffacd607873a40936f4ee8c5295c67c146bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8DE7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1&google_push=ATf1kGPxq74oPs7nSecPPLZf-hnXbm3MKEUkEFdkIvzdXhpL9kqTIpfJ9_fYyYGujoA6EJ-vT8Lyy4WAkYHM4DuyaTDdMTrJy54XR...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2NTQ0MjA4MzI1OTM0MjM2NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 8DE7 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDIzsd2IxsRhXnGvtQuO_7Y&google_cver=1&google_push=ATf1kGOuykxGQqp5jp6hR26RrFo-JnRScKH4Oh-dp9JWAUCjIvQ4VHaquJEhFhKOOki6tywIBuLfBv8a56FyiHJ_k2ke3pewFeTHxaRfTK5MY9X6SSyOH0t85sbSSb84PuNctdsMBbIKJ218C8F4X6bZFgCkyc0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 8DE7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELtaD3duxLAsR-qDhgws9XM&google_push=ATf1kGMChsoHx2g3TpsdZNUa-gXB7UCeJYd8sbek5AFQi-ugOx7mHaE4fv...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELtaD3duxLAsR-qDhgws9XM&google_push=ATf1kGMChsoHx2g3TpsdZNUa-gXB7UCeJYd8sbek5AFQi-ugOx7mHaE4fvYwFPTZWYo-0Mn9WlA32JYQU0gRsbzXnoB9O5u4z1NkBzs7fRNsaRpJuv3BX08us2XIUdSfA8pjUx2fQeeMzP-HzXf-zdqkO_sT3SA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230091-FRA
pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1683657118.352816,VS0,VE91
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELtaD3duxLAsR-qDhgws9XM&google_push=ATf1kGMChsoHx2g3TpsdZNUa-gXB7UCeJYd8sbek5AFQi-ugOx7mHaE4fvYwFPTZWYo-0Mn9WlA32JYQU0gRsbzXnoB9O5u4z1NkBzs7fRNsaRpJuv3BX08us2XIUdSfA8pjUx2fQeeMzP-HzXf-zdqkO_sT3SA
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 8DE7
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kqb9xCUUQ0Kx_ghyimY7yQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kqb9xCUUQ0Kx_ghyimY7yQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPNvI_J7ujs32Cry0N30vNdrXgJOuF9Dt7lqWgGizejyBrHI_jaLEYPJDyeIJfGjqOPlrIDTbMV4k941PFmhfHCc7h04cUabJ9f0PBCXg-CT9MFQON5NA4hi9lr65HghNwZ8S-b1tT_eDYo1ogrmgYezw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kqb9xCUUQ0Kx_ghyimY7yQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPNvI_J7ujs32Cry0N30vNdrXgJOuF9Dt7lqWgGizejyBrHI_jaLEYPJDyeIJfGjqOPlrIDTbMV4k941PFmhfHCc7h04cUabJ9f0PBCXg-CT9MFQON5NA4hi9lr65HghNwZ8S-b1tT_eDYo1ogrmgYezw
date
Tue, 09 May 2023 18:31:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8DE7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJyDpDO7RUMUhSTenVbJaSU&google_cver=1&google_push=ATf1kGOqOQPanyPuFjJuh9D7pixTZETTzDpWCKT6kxi-FBlj5ZXE1pfgM9w5RYsmYhOUx_TCKR7...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHTFo1WUktRy1JOUZD&google_push=ATf1kGOqOQPanyPuFjJuh9D7pixTZETTzDpWCKT6kxi-FBlj5ZXE1pfgM9w5RYsmYhOUx_TCKR7BTlYMJIFebq80a8TbsS2fLY0nHRfY1...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHTFo1WUktRy1JOUZD&google_push=ATf1kGOqOQPanyPuFjJuh9D7pixTZETTzDpWCKT6kxi-FBlj5ZXE1pfgM9w5RYsmYhOUx_TCKR7BTlYMJIFebq80a8TbsS2fLY0nHRfY1Y5vn-9aOldY_CX3n6s0yZxFY6vTVNqDQOKhpFXy_qdB2XTWm5hbrg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHTFo1WUktRy1JOUZD&google_push=ATf1kGOqOQPanyPuFjJuh9D7pixTZETTzDpWCKT6kxi-FBlj5ZXE1pfgM9w5RYsmYhOUx_TCKR7BTlYMJIFebq80a8TbsS2fLY0nHRfY1Y5vn-9aOldY_CX3n6s0yZxFY6vTVNqDQOKhpFXy_qdB2XTWm5hbrg
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8DE7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGt59vdL4QFC-AcpsKqTUTI&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGt59vdL4QFC-AcpsKqTUTI&google_push=AT...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGt59vdL4QFC-AcpsKqTUTI&google_hm=ZFqRnjYXR228CivwdFvtxQAAFBsAAAIB&google_nid=index&google_push=ATf1kGMGXKLohnyBLWGzbyheHXymuNZwDXGT4...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGt59vdL4QFC-AcpsKqTUTI&google_hm=ZFqRnjYXR228CivwdFvtxQAAFBsAAAIB&google_nid=index&google_push=ATf1kGMGXKLohnyBLWGzbyheHXymuNZwDXGT4QGyJJLdY4t1q3Z5Wrza4tRtD9ZSrtCvUtkiPjqkEqDgQjT6srntTB3b1ujZKl00gyWauOfy9D0ZdZ8mdk4TVcCDcYiEoSE7tAvAvUzfWOmewnT8xSrsVui4yQc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGt59vdL4QFC-AcpsKqTUTI&google_hm=ZFqRnjYXR228CivwdFvtxQAAFBsAAAIB&google_nid=index&google_push=ATf1kGMGXKLohnyBLWGzbyheHXymuNZwDXGT4QGyJJLdY4t1q3Z5Wrza4tRtD9ZSrtCvUtkiPjqkEqDgQjT6srntTB3b1ujZKl00gyWauOfy9D0ZdZ8mdk4TVcCDcYiEoSE7tAvAvUzfWOmewnT8xSrsVui4yQc
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8DE7
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOalGSVytNxthZcAKxECwi0&google_cver=1&google_push=ATf1kGPVwpGB0yeSUHGi-i_35X6w4X93venXjaOsxXzMfhUURdAN1Ot2kQL4cy1ZYb...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPVwpGB0yeSUHGi-i_35X6w4X93venXjaOsxXzMfhUURdAN1Ot2kQL4cy1ZYbXHDvM9gn2RTDpPDUVzKgt4jug5wQEIQBD1BAgenHvDohCDHU...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPVwpGB0yeSUHGi-i_35X6w4X93venXjaOsxXzMfhUURdAN1Ot2kQL4cy1ZYbXHDvM9gn2RTDpPDUVzKgt4jug5wQEIQBD1BAgenHvDohCDHUTNMT_l_wpa_Hz2LmeDFyuD6cHXW89Q3m4dtNf1iy5uegF0&google_hm=I3JSOpeyR5GOEZY7LxlayPg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:57 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPVwpGB0yeSUHGi-i_35X6w4X93venXjaOsxXzMfhUURdAN1Ot2kQL4cy1ZYbXHDvM9gn2RTDpPDUVzKgt4jug5wQEIQBD1BAgenHvDohCDHUTNMT_l_wpa_Hz2LmeDFyuD6cHXW89Q3m4dtNf1iy5uegF0&google_hm=I3JSOpeyR5GOEZY7LxlayPg
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8DE7 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JSBoV47XYjtLPyK1ouR8jXcCxbN-CMsLGqGS01jZjMqD_RJDwCG8epvd_cHJWDQn35Aqgsjw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657117608&bpp=1&bdt=101&idt=244&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7020289652949&frm=8&ife=1&pv=1&ga_vid=1078207340.1683657118&ga_sid=1683657118&ga_hid=905887285&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2057014497&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44773809%2C44759926%2C44759875%2C42531705%2C44788442%2C44789925&oid=2&pvsid=1566515330355644&tmod=1210977912&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.980bxe8c8eky&fsb=1&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 2225 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT6-j08JtMrUikeFXj05npt8aNkeb2okOoPKI1OVpGhoW8xM2p7g6XdVzGwzY6a4D63lhN6HD8xS8lhp0yySZ9WXq6Y76muwLa6IlO4_gIGSGHs9bzpFQad1Q3ssqYvmyS8xBKr0rUoalGVO-115qceMUSBpBlg2228U1SQcMlAmMqyznwZ9LTvejNJM-5Oapy6sEQXvoiQuDrllYlaDZLHVMEx8cPl1QPFR2ayczwtsbv-guLJKBiL6uxpejEGef2zqtIA6L4sDyS4Tz2TzmjVZ0qyQxagTAuGRpICPyU0ymhxAAdSgU5jSYGp9XEdIFqWoUy2qSHGc51bps&sai=AMfl-YQOTSaF1AMJZBUxSh1eyDg7l6qkZBVFqE0IO9zkvr2_IR8NSL0SXRQM3eejVGL_YMuLAk3aMXxN1zkxSj3OjZ519kgBqCplZPeUKRAvaCgZuaYRIHe91jllVJrkxw&sig=Cg0ArKJSzLjo-gnlPHxwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 2225 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
age
19825
x-jsd-version
1.15.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26200
x-served-by
cache-fra-eddf8230056-FRA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2225 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:58 GMT
container.html
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D4FE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:57 GMT
expires
Wed, 08 May 2024 18:31:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 52C5 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ggd0g5rasbeh38r682z7j0wmc05667wvyfab4zpeddz9b7easef42smwpw5meb3mjtpmaw5zxkr6s89hv1hx9sj0w157werfv3w1yx6j1rdfn1c0bpk3p13cq9xp6fvnrecazjvft4gmxm31ny07z4cz6efmfp3d6k3fp14fbze0bbv7zqsyx90d6xwq3f9w7vzz1cr4er3w5k9s201ee1tebqk4dp6vceagb97tenj055aft6ng07dye186qqkcff1wz6a7w00c6gkvb7y2rsd0stgapmeyrfjjvt93fhqb8k6mdjyzydv7qatm40k6rbke31qfnmbnnzpwv2sz1vrzy4cv9d5evczyawcjdk3z0bvay47pkzf9yxh9e4sa0rhs2wjdkeqfrbhg3ea61rp03ajgp29kc2h97y2csrg8crzp3pqq5x55hxpmyhfx55bzf4jnm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ggd0g5rasbeh38r682z7j0wmc05667wvyfab4zpeddz9b7easef42smwpw5meb3mjtpmaw5zxkr6s89hv1hx9sj0w157werfv3w1yx6j1rdfn1c0bpk3p13cq9xp6fvnrecazjvft4gmxm31ny07z4cz6efmfp3d6k3fp14fbze0bbv7zqsyx90d6xwq3f9w7vzz1cr4er3w5k9s201ee1tebqk4dp6vceagb97tenj055aft6ng07dye186qqkcff1wz6a7w00c6gkvb7y2rsd0stgapmeyrfjjvt93fhqb8k6mdjyzydv7qatm40k6rbke31qfnmbnnzpwv2sz1vrzy4cv9d5evczyawcjdk3z0bvay47pkzf9yxh9e4sa0rhs2wjdkeqfrbhg3ea61rp03ajgp29kc2h97y2csrg8crzp3pqq5x55hxpmyhfx55bzf4jnm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
96762
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otc2mn%2FbcR6F%2FJevZokUGw8U60%2BcsDDgOyZ4uKyeZmQ9SEyRZb3fpaeQTI7r2reIsASBwcYVXHvOXJVvkJeINO2R5VTzJIhJJunHOBl%2FVPXCZY9vgvtgJ7GxLQSH7TmEeOOjA6waZ6g%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7c4c05be3f7d3662-FRA
expires
Tue, 09 May 2023 19:31:58 GMT
r62eglto.js
ad4m.at/ Frame 52C5 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ggd0g5rasbeh38r682z7j0wmc05667wvyfab4zpeddz9b7easef42smwpw5meb3mjtpmaw5zxkr6s89hv1hx9sj0w157werfv3w1yx6j1rdfn1c0bpk3p13cq9xp6fvnrecazjvft4gmxm31ny07z4cz6efmfp3d6k3fp14fbze0bbv7zqsyx90d6xwq3f9w7vzz1cr4er3w5k9s201ee1tebqk4dp6vceagb97tenj055aft6ng07dye186qqkcff1wz6a7w00c6gkvb7y2rsd0stgapmeyrfjjvt93fhqb8k6mdjyzydv7qatm40k6rbke31qfnmbnnzpwv2sz1vrzy4cv9d5evczyawcjdk3z0bvay47pkzf9yxh9e4sa0rhs2wjdkeqfrbhg3ea61rp03ajgp29kc2h97y2csrg8crzp3pqq5x55hxpmyhfx55bzf4jnm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
17167
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxppLZUWpl2adISf3SqYJx8d9McJLD0T1tHfZJlqnb0gYJwphyONsZFeVXtV0ESjgiYjrlPu12XJzZHwxPT0J4u0ujXNSGgLbKyU6FHUbHcGC8ZvT0jbZW6RF9c8foQjyuVd730%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7c4c05be4f9f3662-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 May 2023 13:46:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DDCE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-Tdism3dVc_Bx_G4KFoxOwhFGiKuS0QWvo3ol-L0ZvMUhc6Li9Ml5q4qwp_0nsK_UpFqlyFJH1EqimX-XEN_rLhru416fsfVTzVcqDf3A2cXx7xD_D8duM6U5GJzz92G860ylMH0rHS9mS46bNK1Z2-OFO42AWC2FzEuTRYpdCtcD3nX_I6NyvvAnEmqgFgeTF7qCP9WU4FpId3eu0vWqFLV9br3VzSlE7zY2dN-vnJB-6l72IGuxR56BYiyEemcaGXvflTinjX9Nss80yQQEubPdkuycRcKk5MziC22pXExt_YLJcy9p2DRXppkopwrg6QpFWT5O3lI&sai=AMfl-YTr9JbNGSGA0IJq6P1iooJ3dPieWeoLxLtjHeLZZNRobx9mOdtW8-A-mG4K_WxHOJBg457QVDXwleXtVZI19Bl0XxyVXereZBVDjXV3zPTVph3M4xOhgsoKw3nyxA&sig=Cg0ArKJSzAuwriQB948TEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame DDCE 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
age
19825
x-jsd-version
1.15.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26200
x-served-by
cache-fra-eddf8230056-FRA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDCE 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:58 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D4FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cyew6npFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEmwJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MHWSHceZeC5HIjKNZ1Pex9HvATQr7ki-XL8JefPEfzPlPMjVYDhZ4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=fs7XkVMV5j8&uach_m=[UACH]&cid=CAQSOwBygQiDWXgjp3mIdkJigXu4z2y8CD908Jn7yuX9RqOW7c_Z5RfP_bb2d9j1V1R5kJdjbk-G5yV57pGWGAE&tpd=AGWhJmseZxFe_WLZnn7sARiHyx9gziU9MeJ1g5ayYC91Xj1CVGbO4HCwZ6IMh16isu_-JstxvjGhXYlTvL2jOlKtIzm-0YhSknh9PCraneP2Db3xcZsy0T5qTmqQbdsz3Jd-Mp1tkt5BoiD6hgoUfG-v8tmrwagpT9RT5keWQbK5mZYAotNIe_bbJFUuH6CyTAj9ISROTjIVhlRSXhPJ8i0jesvE9ii7KvHh-c5oJR4DgfsgX8WJbhNa1RplXiIIKKk0_nVp0JbNgy8Oo0JE9fWPzgrFDBh84Wk0f16-Eeip_1lZANWQcJSMVp0-Akq2rPLMdOdVGtJogHSVqc3yCmow8vpnOd77AlGHUhAp4HOLBYJdRRfQ-I7AWnOJuuwccOafCVfoonQ7RgtuVHU7YZ9ylgK2BDlQALDoVQT6iTiLcXxbz38OPbcSVPZxUukGpjzl7ih3yH0HNpFfXrHWyYV6Wh0eYL1tvHjKuOluT5DrdnjQRnIB9kwt32qSeN58EB60KRnXEOY25KqKpKJZIdk1Sbkl-Q3PnvdMJxW6893SW0pZW5mJwhZ1AQm6pbrWB57TMX9oM8K97y4ObkL5gVHmR_x_0whidyUN6mtUQfJhs09dDNCVoSOXbkcffJpyVDYPBhEpj4V8WI5iDTtta_Tz-SCjlJgQJH9JXxhNml0hYCDzIcuPBd8qGcvO-NO2CE8CJJ2kHgbSxXT14VjFAL9FW-6bTugLAYe0Y0F43x4UaJgKFDHx68ZXtTiFOoSc31hviCnWV2vU_HOI6TtE6qH-ztbG501WekI74uJQjElauEi68QuTpvuIGx-hwq12yPi_DIJcPkFPlxh8091qHLLDJJ-KwHZ3_RBq5p5AmanmJ7tMqs6lbQ8sgwxnLaQhhoG10aC-JV6uyLrzsP_hn5xoxWd76EbJvaP_Au9U96MSryOpH81W3sF76A3cd8spfEOtozAGv0cO96bw8iQonlzO9IBhXrpRX8SRsiwMh_bXhjRAnUOTCuVf0svb5X5rvTGQRssbl-j7rAiGT0phAD8VqO0RmZ2rFfxKQ4fhhdV4OPCG1uIk6Add9vPeb7BEbbLhtIqQCE-5-xC0EA-RFTE_bG7iO9a76YH9MDaDpqy0opsh_WM4nNySyA
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame D4FE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1dJMk9EVTNOV1l0WXpjMFppMDNPVFEyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMTU1NDA4NzQ4ODIyOTQ1MDgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1OUZpdVNpd1p5bEt6cVN1SFFVZXZQcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTE1NTQwODc0ODgyMjk0NTA4L2Ftcy8wLzQxOS84NS85OTkvMzIyLzJhMDA6Yzk4OjIwMzA6Oi8wLjAwMC8xNjgzNjU3MTE4LzE2ODM2Njk3MTgvNC9wdWItNzk4MzY1MTI1NzgzODI4Mi8/qBZfN2wyUlZoOoa8PHHOFsdjHLg&nodeid=4013&group=cdg&auctionid=4115540874882294508&pbs_auctionid=4115540874882294508&shardkey=4115540874882294508&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.143&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5KQnpFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEngJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MDeQPFU1xIpAr5bFzIueaCHyFT6X5GamvQLJOVw-3i3JJGZM3D_Uccqw4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0GP8XuscQkZS_CazTU7cmMMBG2nQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.387.1 /
Resource Hash
ea24d1e7d9bf9c750ced3805bb31ec02d3dc7e4a8b8fbe5ed68475849fe89dd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:58 GMT
x-mm-nodeid
4013
Content-Encoding
gzip
x-mm-bid-request-time
1683657118
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
close
x-mm-handled-by-owner
true
Last-Modified
Tue, 09 May 2023 18:31:58 GMT
Server
MMBD/3.387.1
x-mm-latency
23 (0)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
zrh-router-x42, cdg-bidder-x152
x-mm-lag
0
Expires
Tue, 09 May 2023 18:31:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame D4FE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/window_focus_fy2021.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame D4FE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7958
x-xss-protection
0
server
cafe
etag
8677084837583379376
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
l
www.google.com/ads/measurement/ Frame D4FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuYO8Whyylh6U8GDcJst3ltPaueM9c5zmn8gikiBlXafwGpe-1NFCCBommuEyXDbaOGkopc0IgF_ipV2YWDx4FzVFHOQ
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D4FE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
292309
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 05 May 2024 09:20:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D4FE 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:58 GMT
nmedianet.js
contextual.media.net/ Frame 2225 		122 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUL2446F&ydspr=1
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b40526ea9fda390b4b5fd206b0ea779c956609f6050493b38656d859b98c9d5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-mnt-h
21-76z2
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 09 May 2023 18:31:58 GMT
server
Apache
etag
"9a5d03294b7f329b2e47838dd47bcb8a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
content-length
44842
expires
Tue, 09 May 2023 18:36:58 GMT
log
qsearch-a.akamaihd.net/ Frame 2225 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=&bdr_typ=2&ogerpm=0.0&stid=22463027&content_context=-1&content_channel=&other_prv=462&jar_err=&adtyp=0&req_id=7615065297151075726&bidfp=0.0000&pvag_id=&ugd=4&exp=0&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&gpid_format=DEFAULT&seat=462&rc=-1&size=300x600&f_seg=&prdp=0.1300&ogcbdp=0.1300&dfpbd=0.1300&server=&ogerpm_wd_bkt=0-1&vskip=-1&viewability=0.56&dmm_r=&dmm_l=0.287&tcyerpm=&content_language=&sc=BW&send_erpm=true&sd=&hb_exp=&seg=&ugd_ver=&requrl=ye-mek.net%2F&bidrestime=1683657117219&cc=DE&strg=no_strategy&ss=&video_maxdur=-1&time_stamp=2023-05-09+18%3A31%3A57&content_network=&rvshhon=1&bdp=0.1300&ct=bad+durrheim&akey=&mnckfl=0&content_genre=&asn=28753&algo=no_strategy&dc=eu_be&splid=22463027&dn=ye-mek.net&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F113.0.5672.92+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=85734df57f9444368f2b8956a435d849&zone=b&infl=0&o_ver=NT+10.0&br_ver=113.0.5672.92&ver=9.4.2&totalTimeBucket=0&visibility=0&totalTime=3800&e_rpm=&dmm_m22=&gdpr=&vsid=&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&cid=8CU6M287B&bcrid=424784951&rawbid=0.13&sub_bidder=99&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-864b4cb6cf-xqdst.BE&adblk=&itype=appnexus&pvid_seat=462_462&vcmplrt=-1.0&video_mindur=-1&cliIP=624572928&advurl=generalsearch.net%2F&crid=856004011&sat=2&br_id=265&gpid=22463027&iwb=1&second_bid=0.0&sc_pvid=462&capd=0&other_bids=0.13
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.101.54.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-194.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 09 May 2023 18:31:58 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 2225 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Tue, 09 May 2023 18:31:58 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Tue, 09 May 2023 19:31:58 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame 2225 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Tue, 09 May 2023 18:31:58 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1158579
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-fra-eddf8230085-FRA
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1683657119.517032,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
14, 1251338
it
ams3-ib.adnxs.com/ Frame 2225 		0
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fye-mek.net%252F&e=wqT_3QK_BOg_AgAAAwDWAAUBCJ2j6qIGEKT438fTma7GRBgAKjYJpHA9CtejwD8RfT81XrpJvD8ZAAAAoJmZ9T8hfQ0SACkRJPQ0ATEAAABA4XrEPzCzhNsKOKUVQJUJSGBQt-jGygFYupyOAWAAaLO3K3iV9AWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgApOcW-oCE2h0dHBzOi8veWUtbWVrLm5ldC-AAwCIAwGQAwCYAxegAwGqA0ESGDc2MTUwNjUyOTcxNTEwNzU3MjZfc2JpZBoTNDkzOTUyNjA4Mjg4MjE3Mzk4OCIJNDI0Nzg0OTUxKgVNMTE3M8ADrALIAwDYA_LZOOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OC41OC4yNDioBACyBBAIABABGKABINgEKAAwADgCuAQAwASPpqUiyAQA2gQCCAHgBAHwBCUeWIgFAZgFAKAFjsvg0KmxiddpwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQF8EAAYAOAGAfIGAggAgAcBiAcAmAcBoAcByAeV9AXSBw0VaAEpCNoHBgFhcBgA4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=587b50bbecbeb056ad4b064810c5b586a303914d
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
AN-X-Request-Uuid
016f4cfb-2ac3-4c20-a184-11ea9c7401f3
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 202A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:57 GMT
expires
Wed, 08 May 2024 18:31:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3578 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:57 GMT
expires
Wed, 08 May 2024 18:31:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6595 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:57 GMT
expires
Wed, 08 May 2024 18:31:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
nmedianet.js
contextual.media.net/ Frame DDCE 		122 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUL2446F&ydspr=1
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4f3fad6484e3a7f42bf7a7129fc6ec09ae85ec59dad2f7b6765975ee1f7d7d8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-mnt-h
21-76z2
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 09 May 2023 18:31:58 GMT
server
Apache
etag
"9a5d03294b7f329b2e47838dd47bcb8a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
content-length
44841
expires
Tue, 09 May 2023 18:36:58 GMT
log
qsearch-a.akamaihd.net/ Frame DDCE 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=&bdr_typ=2&ogerpm=0.0&stid=22462657&content_context=-1&content_channel=&other_prv=462&jar_err=&adtyp=0&req_id=7615065297151075726&bidfp=0.0000&pvag_id=&ugd=4&exp=0&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&gpid_format=DEFAULT&seat=462&rc=-1&size=200x200&f_seg=&prdp=0.1400&ogcbdp=0.1400&dfpbd=0.1400&server=&ogerpm_wd_bkt=0-1&vskip=-1&viewability=0.39&dmm_r=&dmm_l=0.317&tcyerpm=&content_language=&sc=BW&send_erpm=true&sd=&hb_exp=&seg=&ugd_ver=&requrl=ye-mek.net%2F&bidrestime=1683657117223&cc=DE&strg=no_strategy&ss=&video_maxdur=-1&time_stamp=2023-05-09+18%3A31%3A57&content_network=&rvshhon=1&bdp=0.1400&ct=bad+durrheim&akey=&mnckfl=0&content_genre=&asn=28753&algo=no_strategy&dc=eu_be&splid=22462657&dn=ye-mek.net&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F113.0.5672.92+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=8df990f1816c4b1093c884f828bf4796&zone=b&infl=0&o_ver=NT+10.0&br_ver=113.0.5672.92&ver=9.4.2&totalTimeBucket=0&visibility=0&totalTime=2311&e_rpm=&dmm_m22=&gdpr=&vsid=&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&cid=8CU6M287B&bcrid=424785930&rawbid=0.14&sub_bidder=99&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-864b4cb6cf-xqdst.BE&adblk=&itype=appnexus&pvid_seat=462_462&vcmplrt=-1.0&video_mindur=-1&cliIP=624572928&advurl=generalsearch.net%2F&crid=856004011&sat=2&br_id=265&gpid=22462657&iwb=1&second_bid=0.0&sc_pvid=462&capd=0&other_bids=0.14
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.101.54.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-194.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 09 May 2023 18:31:58 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame DDCE 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Tue, 09 May 2023 18:31:58 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Tue, 09 May 2023 19:31:58 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame DDCE 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Tue, 09 May 2023 18:31:58 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1158579
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-fra-eddf8230085-FRA
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1683657119.530925,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
14, 1251339
it
ams3-ib.adnxs.com/ Frame DDCE 		0
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fye-mek.net%252F&e=wqT_3QK-BOg-AgAAAwDWAAUBCJ2j6qIGELqh1ci_geakBBgAKjYJ7FG4HoXrwT8REVg5tMh2vj8ZAAAAoJmZ9T8hEQ0SACkRJPQ0ATEAAAAA16PAPzDBgdsKOKUVQJUJSGBQivDGygFYupyOAWAAaLO3K3iV9AWAAQGKAQNVU0SSAQNFVVKYAcgBoAHIAagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgApOcW-oCE2h0dHBzOi8veWUtbWVrLm5ldC-AAwCIAwGQAwCYAxegAwGqA0ASGDc2MTUwNjUyOTcxNTEwNzU3MjZfc2JpZBoSMzA4OTQ1MjI2NjQyNTc1NTQ2Igk0MjQ3ODU5MzAqBU0xMTczwAOsAsgDANgD8tk44AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDM3LjU4LjU4LjI0OKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABI-mpSLIBADaBAIIAeAEAfAEiiEdVIgFAZgFAKAFjsvg0KmxiddpwAUAyQUhThwAAPA_0gUJCQkMeAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGr_EB2gYWChAJEhkBfBAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAcgHlfQF0gcNFWgBKQjaBwYBYXAYAOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=2b0b899f67e5419919893a5efee27127d904d4e7
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
AN-X-Request-Uuid
669d7a6d-f772-46db-9ade-7f6d597c6b7e
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C6EA 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNVIFTWFRqP5K3HprVqAfi9Sd_MqHvzrWlfGFDkTUlJZpxoACJv7HuKKu1B6t46PhT0ROJNfe6hOLgKmoEbaqgiMvXWkTwxMyACmOP5iIxUjcqOV3TW-Uk1MuAo_-x2pcIJtKtkz5fQZSjQ35RV4Hh2TOnP9eLEZtCcpoBDF048NVSINqWI
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 202A 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 202A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2WRbGdp2A9yHHVvBwREuuDMTZDM1W1HknydKw93cdcJh80NxL0htMZ-wdfVA-_-Rrc1HUbloy1jkEffsEY8y62P0LywAcNMhxCRldhfBEVrHD2CA
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 202A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18383705655026945597&x=1&ct=76
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 202A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/window_focus_fy2021.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 202A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7958
x-xss-protection
0
server
cafe
etag
8677084837583379376
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
l
www.google.com/ads/measurement/ Frame 202A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSscf5fqv6hv4h86RFKaFj70e7jUfsG1CpchuPQCx5XaE1HICYkaFU5SSNdvxomWfrI72_5M7sGDknCdWKM4XHMxlSNOQ
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 202A 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:58 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 41E9 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXcTvXZI4sBi_3wXxaN0Ho62YCYXeKiHrea65jW6brQ2No3LQYVKH5fqq-TMUAy4CcY0ev2pmxr77-YJIJezm8Ua0JTW7w2c4jKHknRNMKI4719MUiHfy16H0OCTUVr38jBNnyjMHy9tPvRyGi9IlzraM409lemNrICr51D3B8KUxxSOPU
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3578 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3578 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASU9iN34hBzpyzlbz39J_msQ2pExhj8931aOlKiYCP0k7MsW9zNqGZ4kv2OZI8pjetkqB5UbwfsW1Ou3Zs21ARJCCxVIoQorgnY8sME5RI3pM-Zcc
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3578 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13872484356092321146&x=1&ct=77
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 3578 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/window_focus_fy2021.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 3578 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7958
x-xss-protection
0
server
cafe
etag
8677084837583379376
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
l
www.google.com/ads/measurement/ Frame 3578 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnSi3-pfjYAjZSarlwpDn3JpwiQb8JcpQ9h7eQWWR7mlfK3Ouh1N22v3O--y0usu0t_aU3d-vNPrwB68zWvKEAyqswWw
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3578 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:58 GMT
css
fonts.googleapis.com/ Frame 6595 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 May 2023 18:04:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 May 2023 18:31:58 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 6595 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6595 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cy2aqnpFaZOCHCIXbmwexvLmYBb2Npq9vn8yvrL8O6p_coNQBEAEgwLKCa2CVAqABsLqh1wPIAQmpArhJv7UzZ7I-4AIAqAMByAPLBKoE_wFP0O_sA24ekV2Ao6opdRvCgkfuMlLHqwK1CL3OpWd-h-u9Z0NGpIjqusCRB7Cw1MHYeURh0ikoqyNH-JeSLvEq8Z-lZO7DLq_Mhy9x-ZRwUatRMJhZJmkhhokge6OfuqEjAScgaiDRl-PUqJTx77b3DaRGB2HuMYQnfp33ste40hYhshcBpkvRUF15o58LykuwXAQZ3E4MkMoMvZp66DHpC-PouBDa_UKl_mIbPxOnxOq36DX4vl-4w54KZwI1hlZmbea5lBcrG-uYzjcXxI9k7QrHWrpbtZy7p_s8xqZY0yXX5JdjLerPDjfiS5-qKbc4g5qjSsVNZRLOhb2TVR3ABKmcqargA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJrEAtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwHYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=Vjwlint-1Hg&uach_m=[UACH]&cid=CAQSOwBygQiDEGuH6Xxf1azuAJboh1jhDvWoeDI3b_Gt3MqioZIffnlMcMEYgAVNhB7i408MEk7fq2g6DZKhGAE&template_id=494
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/ Frame 6595 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/abg_lite_fy2021.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec25a2a97a622751d1ec7a9f41e37b52e978d5482fa38c16391f5ce1eb732c22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8785
x-xss-protection
0
server
cafe
etag
9540740394202920180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 6595 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/window_focus_fy2021.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 6595 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
85619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7958
x-xss-protection
0
server
cafe
etag
8677084837583379376
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:44:59 GMT
l
www.google.com/ads/measurement/ Frame 6595 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTq9sTjeXa-kVWS1IZ0KmxVZKnsaYx3AB3geRUKErU-DG6OSqRxMV7oOJXd3Px6Oza6PM6vhNa6erd6QSXGW9jMwJiRuA
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6595 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:58 GMT
fe5bb951bcb64b0813d5b031a6a87c6d.js
www.gstatic.com/mysidia/ Frame 6595 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fe5bb951bcb64b0813d5b031a6a87c6d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 14:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13644
x-xss-protection
0
last-modified
Fri, 05 May 2023 14:26:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 14:47:10 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 52C5 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
811
x-guploader-uploadid
ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agHC4KFrWvu2lF5P8G%2Bq2BqAvwOZMwK1T7tPMIZA1yDF2FNLvr2BKKlZrL7wrdzCO9Q627xQSX0Zjuv6KRcflCaUJ7wY08HwqUjcCjw4cIuO2D%2FWX8qhoYyOLU3eB1CjceiU5R%2BhlX%2B5HeCjHn%2BE55dZ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7c4c05bf494618e6-FRA
expires
Tue, 09 May 2023 19:02:19 GMT
frame.html
ad4m.at/ Frame DC73 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1056607
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7c4c05befd2d19b1-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 09 May 2023 18:31:58 GMT
expires
Thu, 30 Mar 2023 21:56:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZSSmrtqCwFKBAzSBbFNrHV9y7QOhLyxpjVMUrgAcR7lGzdeYjXM5paM%2F7lu9SVzSlFux1eRGGRa%2BxB2Y7drOFXEVkFrdRdY7hpPLLPvmZ6nE%2F5KpxZZs%2Fdd3qAvYUxC%2B7TS%2F5A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame 6595 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
624907996767536446
tpc.googlesyndication.com/simgad/ Frame 6595
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
  • https://tpc.googlesyndication.com/simgad/624907996767536446
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/624907996767536446
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 20:07:58 GMT
x-content-type-options
nosniff
age
253440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Tue, 09 Apr 2019 09:00:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 05 May 2024 20:07:58 GMT

Redirect headers

date
Tue, 09 May 2023 04:41:59 GMT
x-content-type-options
nosniff
server
cafe
age
49799
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/624907996767536446
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 08 Jun 2023 04:41:59 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E7BF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Tue, 09 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6595 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c84b9e3d6a58529cf5986fd7022e2b631bcb4c4e66a8288926a78ef0c7870d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame C6EA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1CFVIVjMAoBgZiK6IFcZI&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1CFVIVjMAoBgZiK6IFcZI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNVIFTWFRqP5K3HprVqAfi9Sd_MqHvzrWlfGFDkTUlJZpxoACJv7HuKKu1B6t46PhT0ROJNfe6hOLgKmoEbaqgiMvXWkTwxMyACmOP5iIxUjcqOV3TW-Uk1MuAo_-x2pcIJtKtkz5fQZSjQ35RV4Hh2TOnP9eLEZtCcpoBDF048NVSINqWI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1CFVIVjMAoBgZiK6IFcZI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C6EA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFqRnjYXR228CivwdFvtxQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1CFVIVjMAoBgZiK6IFcZI&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1CFVIVjMAoBgZiK6IFcZI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNVIFTWFRqP5K3HprVqAfi9Sd_MqHvzrWlfGFDkTUlJZpxoACJv7HuKKu1B6t46PhT0ROJNfe6hOLgKmoEbaqgiMvXWkTwxMyACmOP5iIxUjcqOV3TW-Uk1MuAo_-x2pcIJtKtkz5fQZSjQ35RV4Hh2TOnP9eLEZtCcpoBDF048NVSINqWI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1CFVIVjMAoBgZiK6IFcZI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C6EA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGq07ItKF-YDgCXRuFYb5wg&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGq07ItKF-YDgCXRuFYb5wg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNVIFTWFRqP5K3HprVqAfi9Sd_MqHvzrWlfGFDkTUlJZpxoACJv7HuKKu1B6t46PhT0ROJNfe6hOLgKmoEbaqgiMvXWkTwxMyACmOP5iIxUjcqOV3TW-Uk1MuAo_-x2pcIJtKtkz5fQZSjQ35RV4Hh2TOnP9eLEZtCcpoBDF048NVSINqWI
Protocol
HTTP/1.1
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
AN-X-Request-Uuid
ec050c22-11cc-47fe-baea-bd33e000c254
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGq07ItKF-YDgCXRuFYb5wg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C6EA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTcwODA0MzMyMDYyNTYx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTcwODA0MzMyMDYyNTYx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNVIFTWFRqP5K3HprVqAfi9Sd_MqHvzrWlfGFDkTUlJZpxoACJv7HuKKu1B6t46PhT0ROJNfe6hOLgKmoEbaqgiMvXWkTwxMyACmOP5iIxUjcqOV3TW-Uk1MuAo_-x2pcIJtKtkz5fQZSjQ35RV4Hh2TOnP9eLEZtCcpoBDF048NVSINqWI
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 09 May 2023 18:31:58 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4828ebb9-001e-43da-b662-5d3330e4b32b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTcwODA0MzMyMDYyNTYx
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E7BF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELi6pGimng_Z2TxD2ctp2Kk&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELi6pGimng_Z2TxD2ctp2Kk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TjZweFNZM2oxUFdzN1k1&google_gid=CAESELi6pGimng_Z2TxD2ctp2Kk&google_cver=1&google_push=ATf1kGM7Wo5nBwugKK0czqk_6FUuT277TuiTsXqLdlkoZCd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TjZweFNZM2oxUFdzN1k1&google_gid=CAESELi6pGimng_Z2TxD2ctp2Kk&google_cver=1&google_push=ATf1kGM7Wo5nBwugKK0czqk_6FUuT277TuiTsXqLdlkoZCd7fh0xqmE2zKQsFazK9PxyEm0XY-rBLFznB5WX8n8NBYgigEWN_zM
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TjZweFNZM2oxUFdzN1k1&google_gid=CAESELi6pGimng_Z2TxD2ctp2Kk&google_cver=1&google_push=ATf1kGM7Wo5nBwugKK0czqk_6FUuT277TuiTsXqLdlkoZCd7fh0xqmE2zKQsFazK9PxyEm0XY-rBLFznB5WX8n8NBYgigEWN_zM
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame E7BF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBD6Z44AireTH8sugMPa7Gs&google_cver=1&google_push=ATf1kGNZkvJPLlKyHpmvBzdPcwUeqkC3e9d9fTzV4mtEt8L18Gf7Ycht-N5pdbyDfRIEPfCWTCOEcd-OY4O4WwrSHM8b0Q4qiCBx&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBD6Z44AireTH8sugMPa7Gs&google_cver=1&google_push=ATf1kGNZkvJPLlKyHpmvBzdPcwUeqkC3e9d9fTzV4mtEt8L18Gf7Ycht-N5pdbyDfRIEPfCWTCOEcd-OY4O4WwrSHM8b0Q4qiCB...
43 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBD6Z44AireTH8sugMPa7Gs&google_cver=1&google_push=ATf1kGNZkvJPLlKyHpmvBzdPcwUeqkC3e9d9fTzV4mtEt8L18Gf7Ycht-N5pdbyDfRIEPfCWTCOEcd-OY4O4WwrSHM8b0Q4qiCBx&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNZkvJPLlKyHpmvBzdPcwUeqkC3e9d9fTzV4mtEt8L18Gf7Ycht-N5pdbyDfRIEPfCWTCOEcd-OY4O4WwrSHM8b0Q4qiCBx%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c4c05c0fd795ca4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
187
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBD6Z44AireTH8sugMPa7Gs&google_cver=1&google_push=ATf1kGNZkvJPLlKyHpmvBzdPcwUeqkC3e9d9fTzV4mtEt8L18Gf7Ycht-N5pdbyDfRIEPfCWTCOEcd-OY4O4WwrSHM8b0Q4qiCBx&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNZkvJPLlKyHpmvBzdPcwUeqkC3e9d9fTzV4mtEt8L18Gf7Ycht-N5pdbyDfRIEPfCWTCOEcd-OY4O4WwrSHM8b0Q4qiCBx%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c4c05bf8b785ca4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E7BF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPDJJ-gb3OlUJudvAb2X0xk&google_cver=1&google_push=ATf1kGOHTEOKaxhd1uqt_EWBvvpZPF-VhS7aIloOsSCe1wQ4D2KuD_QnPrf06b3ofDk32VDGf9W3Y_UZxFuTghvhrMmY3s7...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOHTEOKaxhd1uqt_EWBvvpZPF-VhS7aIloOsSCe1wQ4D2KuD_QnPrf06b3ofDk32VDGf9W3Y_UZxFuTghvhrMmY3s7tQ9ep&google_hm=eS1kcGR3a0NoRTJwRmhlUz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOHTEOKaxhd1uqt_EWBvvpZPF-VhS7aIloOsSCe1wQ4D2KuD_QnPrf06b3ofDk32VDGf9W3Y_UZxFuTghvhrMmY3s7tQ9ep&google_hm=eS1kcGR3a0NoRTJwRmhlUzlrQXZFeUY5a3gzSHljbHljMX5B
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 May 2023 18:31:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOHTEOKaxhd1uqt_EWBvvpZPF-VhS7aIloOsSCe1wQ4D2KuD_QnPrf06b3ofDk32VDGf9W3Y_UZxFuTghvhrMmY3s7tQ9ep&google_hm=eS1kcGR3a0NoRTJwRmhlUzlrQXZFeUY5a3gzSHljbHljMX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame E7BF
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH7NoLwG1uYeVObEVqit8pk&google_cver=1&google_push=ATf1kGPdgHf7O6o2kE1uBz-vPlM1SjaeMmF2JnKUZRHbTREn7myZWAq9q0uesdtKB3Q9lJ5nmHeZ9f96u30YfvcfE...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH7NoLwG1uYeVObEVqit8pk&google_cver=1&google_push=ATf1kGPdgHf7O6o2kE1uBz-vPlM1SjaeMmF2JnKUZRHbTREn7myZWAq9q0uesdtKB3Q9lJ5nmHeZ9f96u30YfvcfE...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPdgHf7O6o2kE1uBz-vPlM1SjaeMmF2JnKUZRHbTREn7myZWAq9q0uesdtKB3Q9lJ5nmHeZ9f96u30YfvcfEhvgo9Hkr8Rx&google_hm=GnjXpGZHNs6m3ECwSA-60rKZ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPdgHf7O6o2kE1uBz-vPlM1SjaeMmF2JnKUZRHbTREn7myZWAq9q0uesdtKB3Q9lJ5nmHeZ9f96u30YfvcfEhvgo9Hkr8Rx&google_hm=GnjXpGZHNs6m3ECwSA-60rKZ
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 09 May 2023 18:31:58 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPdgHf7O6o2kE1uBz-vPlM1SjaeMmF2JnKUZRHbTREn7myZWAq9q0uesdtKB3Q9lJ5nmHeZ9f96u30YfvcfEhvgo9Hkr8Rx&google_hm=GnjXpGZHNs6m3ECwSA-60rKZ
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
report
sync.teads.tv/um/ Frame E7BF
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHjQYe79V7U0iaK-5_G1fg4&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGP_gH0vaHlWEF-Rh53Y6UnOOEbt5OxYV7a8qvMB2P38wQ2d6Dy4UrDAe9xINjZdIkM6pBrsCbuWL9YkLeuojJAYy5zkaXHq4w
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Tue, 09 May 2023 18:31:58 GMT
pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E7BF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEv5yzk2wkGvWw3lpj9NlPQ&google_cver=1&google_push=ATf1kGPNIH9yYzwpf...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzk5MTcwODA0MzMyMDYyNTYx&google_gid=CAESEEv5yzk2wkGvWw3lpj9NlPQ&google_cver=1&google_push=ATf1kGPNIH9yYzwpfMp4QVFKaJ_aSy2fPFTv14Kf47...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzk5MTcwODA0MzMyMDYyNTYx&google_gid=CAESEEv5yzk2wkGvWw3lpj9NlPQ&google_cver=1&google_push=ATf1kGPNIH9yYzwpfMp4QVFKaJ_aSy2fPFTv14Kf47bg02Bgjok3Zo_gos0OrADLJS97vfEXZm3MpujI5sIXVyNJe6fKWBj4HeOgDQ
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 09 May 2023 18:31:58 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d0cddd98-2fd1-47b4-b7b1-9fa317577006
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Nzk5MTcwODA0MzMyMDYyNTYx&google_gid=CAESEEv5yzk2wkGvWw3lpj9NlPQ&google_cver=1&google_push=ATf1kGPNIH9yYzwpfMp4QVFKaJ_aSy2fPFTv14Kf47bg02Bgjok3Zo_gos0OrADLJS97vfEXZm3MpujI5sIXVyNJe6fKWBj4HeOgDQ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E7BF
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENVZVgWpP...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENV...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ef47b96a-2c71-4aae-97bb-3f233298d08d&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ef47b96a-2c71-4aae-97bb-3f233298d08d&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ef47b96a-2c71-4aae-97bb-3f233298d08d&%%GOOGLE_PUSH_PAIR%%
date
Tue, 09 May 2023 18:31:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame E7BF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6mum0fhDBYEbltxnk334aLIjykP0z7mevVMCb-M0PXs5ynXsrsGX7-tMOCAsjHEL66F0MGAaF
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.135.js
static.criteo.net/js/ld/ Frame 2370 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 18:31:58 GMT
sd
us-u.openx.net/w/1.0/ Frame 41E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM7yxnAMC9400cjY3Nz9xvo&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM7yxnAMC9400cjY3Nz9xvo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXcTvXZI4sBi_3wXxaN0Ho62YCYXeKiHrea65jW6brQ2No3LQYVKH5fqq-TMUAy4CcY0ev2pmxr77-YJIJezm8Ua0JTW7w2c4jKHknRNMKI4719MUiHfy16H0OCTUVr38jBNnyjMHy9tPvRyGi9IlzraM409lemNrICr51D3B8KUxxSOPU
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM7yxnAMC9400cjY3Nz9xvo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 41E9 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXcTvXZI4sBi_3wXxaN0Ho62YCYXeKiHrea65jW6brQ2No3LQYVKH5fqq-TMUAy4CcY0ev2pmxr77-YJIJezm8Ua0JTW7w2c4jKHknRNMKI4719MUiHfy16H0OCTUVr38jBNnyjMHy9tPvRyGi9IlzraM409lemNrICr51D3B8KUxxSOPU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 41E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEJM44mJD9z9D6GZWUk0L4Is&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEJM44mJD9z9D6GZWUk0L4Is&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXcTvXZI4sBi_3wXxaN0Ho62YCYXeKiHrea65jW6brQ2No3LQYVKH5fqq-TMUAy4CcY0ev2pmxr77-YJIJezm8Ua0JTW7w2c4jKHknRNMKI4719MUiHfy16H0OCTUVr38jBNnyjMHy9tPvRyGi9IlzraM409lemNrICr51D3B8KUxxSOPU
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Tue, 09 May 2023 18:31:58 GMT
pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEJM44mJD9z9D6GZWUk0L4Is&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 41E9 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXcTvXZI4sBi_3wXxaN0Ho62YCYXeKiHrea65jW6brQ2No3LQYVKH5fqq-TMUAy4CcY0ev2pmxr77-YJIJezm8Ua0JTW7w2c4jKHknRNMKI4719MUiHfy16H0OCTUVr38jBNnyjMHy9tPvRyGi9IlzraM409lemNrICr51D3B8KUxxSOPU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Tue, 09 May 2023 18:31:58 GMT
pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 202A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4133749957766&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 202A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4133749957766&version=m202301230201&ct=76&x=1&cor=18383705655026946000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 202A 		84 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsRu2xhZf4VDbJP46zLyBJCdROP5Zgnd3t0XDab9iYohXqUGB3cyq71bws0luYinzfyJVVraXqhN3KhbpHuUH__vGgOA&cry=1&dbm_d=AKAmf-CaUi8iFOrsiH4ExsEXIRTak9cTlp2Mo6XMbVYGOZFU1RbvyOh_gd6Nb9sc9nW6u8TnvDn1Xz8cnKGRSdD5UOya-E6Iym4Nc7RjENXSRpaBWca0fuhaptWAw8t1Qpt5pTfmth4b5bzHvm3nGyBVNNJl3S6oou7iHGQrrh6nlKjD-DQp84RA3NT6eLYRNAvNHG2UjpCSvyzIbLiJkJEgma4Nbuvagqjddn-7VHV9f05-omhVvN-fhQ5L5g7QCMqb9O0fEKC7tefvO78Ydacka8PKqJNz13C5ndxDwcoIeKiUY5gsIzp2ZTY3BxHpbMHwBdwJS3PozVZpOc76DlY7OCwAxlXT_4KBizCdXJbrQrBIB-eHBFsRpqxKUakqwvXDFUbfpaEhaz0fQMKB_rRrnd07xK40Ex0b9oAOQuIT1_P4PnDJyOrDbI8IdsASZ6LPpVa5Pja75y0u_wGv50iG8r4dSzsCWsmH1KoUYxCWofQq_4o4r1SNMbSGTI-qeznlcc2epdYl0oC0kkKYCLhn3TtRK7c24vRFQ1cgGGSeDTRHB6xXy83dkjAzVi74RxXP61lFVy7_x56Jj-iFurmz8TwdN7GzXBsxl9vSoMcFFX2dKFlQbqRsjCQsEA0CIh1ouwtAYa3JFXPhwRIj1E01GLizQMH67JDSQ_xljtn3IkugGbIjKQqbbqkid9ZBsPuZ_GjoQtCExopwOTcKDEb2fI-hbrXWElGdpNM2WD9kvgIVoLCQi1OVSY6iujkqAoZpehcCD4c7iZqTdN8jo_Wcd55AGY8-4E7s5Fa0AMxJQ_IuLXs2weDmfhmBFOxhUp75F9gDmzEkFh6E9GKr8tr2tmx6eVQ6UOXeJIoU9doZHHcS-cnKcARf9-A-WNH3xQZo1cx4GBDfSNB0sctbVr156YHi2UCzVeEHO2e5ErajURxGbj6_F91KKvr_4uWrZNTUKajogEF5h00RyV7kquaYFbD1ddPtSxl3YJ0O7qcAhhQvHj0YWBix0tSio1wut2-lDZOi9sR23mKltZADhyj96G19MUZEz6agvcirQxs4mtf_6-toRNpC3AkE9wo_0pFHxLTWcSEOKAGa02-eU7isP9WfmiTTLdLGvU9K_zfWcEqAaAF90HRvHjsqvxibkbsyvodPg7Ll3SPQtzH8tFJ5CX6H8W8j47PkDjVfTjScLxEuuY0w07VIlFrxlpf0TmdL4iqyltNNgYKzskrwwytFYWb839FaS8shAuSMqQPN0-ptYxTE05g_cJnciro6UaiPNWaphV3TTigtWDFF0cZ-MRyq-tmLG_l-afM9U35bMJuiGjCe8PKpuh02xgKm7jr5bG_Cpcn1R0CC4nCQyYuIRZaLsmvaPeWZrY70V0kdItbAIMbBUDr-T8UEurNFzVhhtqTciYy_GDVTtfc9Tvdqz4DycQWYYoNA_nZTM3xE6k1Vxf5nD3rftNRuyD-75AIdxaTFTqLyaZFnbbNQ-fdip2f1Op0c4JUeKBaJzggmAPSe7-aom9OhTQsztmWO_bvhpbx5sN3qY-9OJSdCjtM33rXVBRPl4aIup6rFw4RsLQ1X1mIR_jsZfBj7oeUKeQqgwL2TqDCFsOFFZXIGuMzsHIXOZNve_7BQy0qKFIyerqubzDGaM7Wd4T3cvu_pyflbNk2qTOrwDTWsjYJpURlxQ_3M1qNPh8n4MjHZkbWj_I0JiD6h2aoBM9Uqg-KUfFD-b3fsxSTEg8E-lhQwiP0pkhZKQkPxBB0hX7QGlNy4Zy0bSn_pOj49xgOf8iJLEHSvfiJiufxroI_QJE6PUqHH_dqHO1ZII-Pz6hOgQzI6K2MqvVEx6uZeyRMB65qFx0IwegfxfQhwRNRwAS1dJxBWP4aCgKqpFr1YJr5TuryU7G9YLQFzIBskJSXDZotWwIYFuKEwFHNkoNwHPdNZ17KE4olaLjm92Q7BaU4d5w1yGftwGIIwlvQyYBNVyvJTHltg43_oDYx51oVkRqr4bSqw24XYY5hlTBtogGqD2M1Wi0pVmRArSIJvRqNw5olK3hf37JAUY287Ga680egm8ll6lODzgLKeiDslRaPmE39_NXZUe5Xs63SpCoQCKNDiDRWF29LYbT7JrimUuG3m4ts0RGnehTFd-rBSNy8pPngmaZnriNXQtOXrWGc_7RFJfVzMJwNDbb-1AT_l8BMPB-Htgj0XsmG11w1eiF0abNgvfINgjA5PRuAmtwDyaeAta6mvDgVAgdQYdI9MaMTIFPXj4X637gVTE_fSMh3t1Rq402gzuF63LhUC4ASlE1d25WG8nvE0szTFVcK75_oWdx8oujBcgPv4oXFWOxNv9TgOOqRd_qp-M0fGdqcTb53lWliWOJzAXZg4xet239pYkP95u1_C1Id_c8qV0Cclhb0jpuR0wXqPT8-m8aZILS_3O3LuWHX8aBVqAB5lEWkc9LC2X_1S-RYG12ScyddR2eblxmLWQXxgF4fZcEDx5qfDx3fJhjliwwixxyCVJGQVdgs7-CbZNABk0wqdrnCnJ1hkiEkuemi8llxVXE_rJc3DpL8ISu2aVcfRpW2T-7pddKOZ983JuG_gbv8pMN_vhueP4gh2R5QHFze1XuqMAPlZ7TsTv9GQaffK5wBE3UoS269oXwyRTPPN_g-hr49k4xV-HC9OSyO6uc3cWJY-eqv8qtrF_fFjQ_r-tTUOasluSbsD2DruQx7UDkxG7pPmJgELM0tGUoNqPZVrLfQxsdZ_vcFrZTN0aiwpz9cUWMaBpO7KZDMjkkahZM76OQOcltoYc6KguDwasA71-rZI1-JPi-mL6OngReHemsZZLSqfaw3ZVVAHuTrEUsnvdod97PRiykDcy0eCA8a1EXR4AEsICowu0e7GYebs7rmrTMQ18bqYGa9BI8s8iLOX147_A-vk_cUxW680Zb1eNRGMlSYfBEHNFqOFN4yY2t_icazyAUkarxpzLdZqtzyg7ZbtMrHR44SAHDe3iHnMjG0-tRpClLpf7y_Fj6_uQgXPzh1u3u52kFqYFMr1mfM32U9WytVFUnORrn8o6gbQnL9yfOfl-aIovhZ7y-hL4QdC1s3Ub7qUt-g69lgdouBpvbqIp1niqgaDzNBQkyY5QC28M9HuQPR6LokeXkohWezfungc-BNUafeUuccg5fgqx0Yvuq88l4bWqaII1V5eLKOoYrzDABUl7Jp00d5nXdRQYxlfuRo-prfJdZP4f4sKghs7zEhLGt1ozlxaaTuB4fJAcvRVMzA2VJ5ryuUNw1qKiounmCObmvB9PmIqvZn2w4SQGyHqHd_pecBO7ssIBZm-QaKXkAxBM-pVZmgEaKaYwdqu62kvLCM-7x002QPPEVFq_9C3JQt_bZHnEmPhNUODpbN87rwLM_sEZIQAIrfrIG5c8t-mArTjiOor5KXr9Jv6_xPGS8twri3sCPYCGW3XYgFSkaA5-YWBgfYGEgMHezcJOK4rboDFmyuA5WYifJpkJ0VqE3y8cvAvpvziDd5ehjH9ylwJy45dCRNwsbHJ7DyHVJdQ8ArqiuK0MQ&cid=CAQSOwBygQiD6nA4oZBFgsQpH4REPKENZmggTSu3yJ-sSnUPCBu-eCU8_eXBHqDa_5Taal-5eLtAwIWwyvneGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=18383705655026946000&adk=3587751834&idt=82&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09f66318045cd6f96a4cb58d01176281132792b59ce6d1b98b2d474eabc5bf20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5E82 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstj7lgqU63LozHFMIE0sUOpI0W9HlQMUUMN9kqCnR13wFOrggmIPinc-ZcoMBhROikGJ1WWOoWvbkZ2tDoMwDxSdwZIjSym0fCNm2tn9POa0xesxXRl2jUX0R4GI9IzGWKfFkzEizZWToAgjhogjooOSCMFDl9mQ25UNw4_AFFCNPEEUyWabwNCdY-5G-mgeH5Qq9sOL1EGoXPdqfyxFoyPFpUNp1NhVaXs7oourxWG7tdYgg-olzTUFtfANMeImybuxJlrMxza8Lx7wqEH0M8zc0eEuQMxElYouf96grxJOXB7UYKOjwQ8wEqne0vxRQsmbE4jBKEV8QbBkIcSxOkjaORGzLgZmMWQDRGz8fTpdejQGjU&sai=AMfl-YQuus3NdMqzy8jZ79Erv0uwwkNXBlACL2jKcMQWAFFckSEUlr220o4OWTaoROSTBu-hAtDDmYTG1H0QQaEcQI6e6EVU3XZxi4d-9XL38as&sig=Cg0ArKJSzPFPjKtSeai9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 May 2023 18:31:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5E82 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230508&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b88141b284307efb7e9e6c7fbcdeeb15a45743f710f5f60b99dfec327ed5dbaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3578 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6829921766570&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3578 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6829921766570&version=m202301230201&ct=77&x=1&cor=13872484356092322000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3578 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEFvhZZdr-qauu69O65SGNg8yTRan62WuvrH11qHw22-CgHx3RduncFOFQPm9VAhO2wV41A6ln_OgpKv-DoUdCsmBsB-UODwp-ChmKrE9KAtb9CV5osqyCpGjS-FlJrr7fbp03BFkPAFfZUJE5_av8KEGAvaiuJThZlO0Gs7BasuRyCz8&cry=1&dbm_d=AKAmf-AaZKi4yitE5PkQABYrt3Eeeq5yE4X4QgIBZZa3Xf45HsT0Z4ZWqMObsqxkdkMvUThIS3G5HuATt-Q63VTSUE2C21KDUNL3451mAJt_fgMXwDPuCqkGLAcKjWmp4l26f6qKipyDjWd_2we7qxd6rQvbzJTmxWKIEwaQr_uCBFd0VkiI-vww_1Bx7H9olej9qimP7QUwVf6DHpaxlBlckD0k5JEr4ZV2HVP79t35RTnCwF7EiLpf_EJI88v-2rnwyTHb3TBu8TVegsZsCWblEELIJWVKLFU9DSRyEfK2Z26I1hYBph34ftXmTbxe98hoLVQFwCBgdL4fXPjyIjGluHH-SAyywsNH913kiFilSWpXH3GPVy68bs2vG03R311mB51uJ5sytuoZ4N1lZiDqKo_dAo3Syjvoj3-2eOvGE_cverK2tEENRetHZfOa1OZBPaVV55fSWAr5TbQld0fVd18ZGLOw9hm8DhVDifCjULSIb94vOaSINrMj_-OKXxPEFKmvYbXHE9Xdf_YAxjVxKWSqBuo-9fbxBkecnxUhlLF82aVL0RP7JmyR5NYWJLeWb05AjhXNRlMVzH7Pztyg3QIkTeT87iLFzEXYFCpMeyqzAPbRCPz6sA60Lomj7nMCSegJW7Rpk8tPgLSEmNFL2WvyAGSMPvJPX-HYRvF0lrUKMjFAhuAmPEAwKjD4kumqVoQUMRsEq9CeFjBzEH8E-sl-yu0U5CgmVl5rblvzbDtm2-ZHJManswS5vHx34My64vPT3b5br0yH8pmDjgh2ICAumBln_AX-2I0BvV4Jz-GthtK3kMJKe8vdYdVeD5Yi5J9x8MypF2B6HtGVzPlQNGqVmIMxs9rYz9T6oLSExWkyKnaWLBdCo8TF3b1gmDW997HVE9BHT86y-Gb3M0rom4F5Vbdpb6AVdhM6sUDGWPUXcnDkrfU1-j6AIvGcktGM-FtD84yB-NGkXfeDuvrnx-Zx2U39DyKNFoKAb96Jc-FWkk3gQSSDMQYG_3K6o0V7Dnism-0efS587r8n4bvmssdW35CUwE5u4w-vh8STlNjSUbE_JdPWKocfStrpnfoI525M6KvtDJKYqzXwGsuVnyXZcWxjVgB6rsd2swVOoimQbrZ67zx1b0195EI1X-EYbxyznymtAHJ2Cl0Rx_NFmrDjFEMX4kErGtJaMPDcq1FDYLJsjnHwJBOfjiASEduDnGeZrQXurgFO7gwpFzp6lvNzB6QiO1Y7D6zgKCzz6xuB62vbwpntUVNfp-w73nNLy35y7wUxwUX2xjxklIgZmdBLU8ZzuIxL8nn6zdounOO-5VagtJSBcxVaUjKej352anIMeumbl_ESvBswLih7lc11G-AfrTQsClcVBalzJg0solq88jlMQfswdtCu9S4VmmlWuEOdx8hl9MVUYJeAUnypc47DGUY9ixhc2_qjYagznIHj2O5gcbIgr2DuwzUOVE87kTpJWuCbs1brT5woHH0xJvcb6PWhbG0HnXZFrVnqPO-8WiZAcTB7ag5hniLNHY-enFvfKn3haPdcMgN5DEayT3Un99l_PdR3n2Gc04bG8ymaxkZHhFD-MNGxx_O3cSakP6Kb5nmSEdaX7aEZd9MraknSbzNr0qxTCUGaqagXQMIZ2JpNz6tk9R2rd4p9LA6g1WA-90tWT4VNRZE6ul___lXpyLhGfTTJGWixGVtWV9WWNW6RnB-LweeKjFTRFQj624bTAYd7HZgdRvKb4yxXcL8bLLMruL_a1UgHLr3lY6fqwKq6k5z52msyjx_yddRb4yLPNyczusXIc4mxAfy5d7Ti2cG1xeLiUlktmMAWw6bo9RwNx_6zQ-J001fk8afqQcKol7BKA_R9ZcvZtwj7DF0neQVQ0bG-8QBjeyY2DbKOTj0ETQS6krxQmMi0Oi1tDqc1lRsd61_ScZ7nDoqVR1nlcN_Ahwfj6qgvrrkPWTWF_CDK2sA4-RAju9csHvKgrt3SqJuJnOEX0hzmx9evdWtaClE1zPslOOEM37C7MI4qUBaZwG2OCYdpzBEbDqd6KBAM0yg_NKtnvM-1P_bt5JbP0XQamjq57y8Cyb9moZGvDnq2J1ykgYF7yhVRvfnvgZrVccro5FNCE2DEek_uoz53p1TQZKyrU-uhuHlTTgNSkADhLfG6bcWUvOVnvs17oRh6_-9noF03CLhVPc3VjyOHGJIHssqm56CQsWFLaELJRp_FwGe-vFJiySQ78VUSQX4VYN3TSIWUBAPdbNS0ox2ew-di25Ky3bhOfSMm6eTZDIBGBQSFO_FR62yxUHw-6OCG5iofr_LeOhUE7CVqlCvWKPc89xTmvucE75OFKMSpFub7aQIjGalt0XcgjR_ssXGyyclsMhJ8LvHSa9L8R1iAcy-WvtEVzjwEbHaVtj3aCUHsjljrUKTQlM13yC7Uy9H-oDkkOqwv-hj8V4WX5KeQdwWYEkPOdvFPgu7sEOjdnN8yXGwr0FzNo4kA8ujSngAWE8Nl1xLHuGiTLR97lOp6Ij599EUZsnafIfrAK3HfQeMXTxCZfrZd3BWMs77YBSxB4Fpldodvb7D-srFiYjzIngEjDY-35azxNX5LVrxz0t1Cf1lSkqZvTmoK9sZ41fydpztQS2IqWo8xKE32gyAyWFUJl0UAXOEiWMttt6ztrulQmRHw_I3hLdBNV9LrEWaaRakVLszeAh3YwNLwp9NRclCJfS5EXLpcbTB2ADZf4dheWunMQXWF_SyOCnyxBspA4TcY1SRer4jVlECSq5u5fYH7vZFUR9PIstI1OBNyTfXjoYhTUttDli8PxyJbo2Sy4VR6Rape_3uoGILopw90saeHRNXU7-0w00wjTywmwQgS_5xnQvnUsOqdcaV3wWryKYfjjV_iC6d3bDMIYW2qM-UpKzkpVw4OCAs2xs9SBssaL9XdFMVwOLcywyQv9YZ8msJ8qJwYfblHZ-whZ8hF_sKZCI0qbwJ3CwufD1rXIygD6-3V1t6qwLLXU6BXCcgjGrZLcVTDm6Z0n7pEPprdI0iIGpPtx2dkQ5JNQGXE-My3Y_IfaD05W1G8_bms3bW6EQR6HVcPiQl8E79ZxFIMTGuLEEnZa3DU05rq9qXMiJY58QeXB7Cml05rBBGPgWTNfNF0yp5B1JYJMnIEqmLKSqLEkgK568uM2yZgvm89MgE2vPTh5UIBO4LCru8SNhorjR8JIH2IHXE0lbY9AqQfASn1HwojGRoRy2mAW_YqHHictY2ogSQztq7egLmx6ZksFnbMDfo1jT62BzcBceP2t_JmqkELbEM17hPOpG5JVC77Iy0FnEN-QTlBDy5-H--qu4W9Qb01QfVLiKskskYfn_LT1SJNWS7ZfQ6oKvSPtrx1ImbKpQZ0rw8J35eEo1zoqh8C4FckhnwkzPKEmb_INC-YA1cUR9yDTzVb17mA3NYYTpP8rvy8TdfsseOYcjzD71nqNshL1ss4PsyXr42e9pBpeYzrIiM_phhPr9-qAAPnKrlwX2rGAb0IUzIi7kyhr7tug_6epLIr8YLcLtrRySPSDYuBh7qSlnNnWsZENuSmbShPEWyPwYhBdS5zmmnH3t5-5psCFTu8ldSMAVTWoclK-_mDABA7UBDfgQ5C3YhUAlLHSkNA91atVqJTPck5Y6pcHTDc0V2QNkl3k_CYfNdZ46xwXUA36LdQTANML6HJL9S0-hJy2gqfD4sLPKaMHRj3Izwfm1J8ntyYvOeVXLOMeFivTsyfoR_lheLcmw2tpoS41GqvqUCeEKW_z3KNA7tTGNf63wC-306pYoTiLQ&cid=CAQSOwBygQiDV5jeuGzhuN3LK-Qz2ck3OBY4Oi90RC0EtoJEKqUlAT8ijbiFZGwYuIC9bg-ghlK0xl4aqH-0GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=13872484356092322000&adk=578009112&idt=113&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89f675360ae8d0180715066e7bcf920f369c9779f5b6b92120900d633de38a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11447
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6595 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:03:36 GMT
x-content-type-options
nosniff
age
250102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 21:03:36 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame BD86 		72 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683657118202529058&gdpr=1&tsce=L128&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=875143658&size=300x600&cc=DE&sc=HE&chnm=no_strategy&pid=8PO15FLE3&tpid=T57IE0C&https=1&rrr=tzR-hLcl-L8S0csJTOWsHrB8bbSdlDto&nse=5&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&ebdata=~G-MjJzvuAuH~GwEv9~G8Ov9.uA9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv99999u9~G-MQ8lJvA99-F99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9Wi~OYYMYu9vu.999~OYYMYuuv9.iFF~OYYMYufvu.AAF~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AAH~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9fi.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.XFu~OYYMYFvu.999~OYYMYhvu.AAF~OYYMYivu.999~OYYMLv9.fWh~JMLEYv9.9Wi~JLEYv9.9Wi~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFA9fh~QyY7vJYE75~Q7OvffHFA9fh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFA9fh~e8JB1G8j875v9.XFuHX~NGOEv9.uA9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uA9~875EJM8OvuF~QJjjJLM71yM8OvffHFA9fh~N1LL8JLVOv9~~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1327519835t202305091831&essld=Ah.XW.XW.9~r4~Rp~G1OnOxLLwJ8Y&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1c4f701a8fb7e5be5982ab36ee4b41e4bb4a89a0f4556f3b5658f3e24fb35ba7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
25855
content-type
text/html
date
Tue, 09 May 2023 18:31:59 GMT
expires
Tue, 09 May 2023 18:31:59 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-zb8b
checksync.php
contextual.media.net/ Frame D89A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1e841ebd8b9da3cfd42ffcf9520ed2c97e7d85cd866727130f4a3a464579776a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5882
content-type
text/html; charset=UTF-8
date
Tue, 09 May 2023 18:31:58 GMT
expires
Thu, 11 May 2023 18:31:58 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 2225 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2279&&vgd_cdv=947&vgd_tsce=L128&vgd_cage=0&vgd_chkp=c088321|34014||&vgd_mcf=29069&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=875143658&vi=1683657118202529058&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785047&r=1683657118700&requrl=https%3A%2F%2Fye-mek.net&vgde_bdata=~G-MjJzvuAuH~GwEv9~G8Ov9.uA9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv99999u9~G-MQ8lJvA99-F99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9Wi~OYYMYu9vu.999~OYYMYuuv9.iFF~OYYMYufvu.AAF~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AAH~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9fi.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.XFu~OYYMYFvu.999~OYYMYhvu.AAF~OYYMYivu.999~OYYMLv9.fWh~JMLEYv9.9Wi~JLEYv9.9Wi~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFA9fh~QyY7vJYE75~Q7OvffHFA9fh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFA9fh~e8JB1G8j875v9.XFuHX~NGOEv9.uA9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uA9~875EJM8OvuF~QJjjJLM71yM8OvffHFA9fh~N1LL8JLVOv9~~8GNvu~&ssld=%7B%22QQ8E%22%3A%22Ah.XW.XW.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22Rp%22%2C%22QQN75%22%3A%22G1OnOxLLwJ8Y%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=28753&vgd_rakh=1683657118108145463&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p1327519835t202305091831&vgd_pgids=1&vgd_uspa=0&hvsid=00001683657118698006245729283655&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 09 May 2023 18:31:58 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 09 May 2023 18:31:58 GMT
checksync.php
contextual.media.net/ Frame B56D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82dab3ec996d28f3e80659e089aad41eb13909f14c7a897ffc62076e1e7bbd8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8005
content-type
text/html; charset=UTF-8
date
Tue, 09 May 2023 18:31:58 GMT
expires
Thu, 11 May 2023 18:31:58 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 2225 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4959&lper=1&itypeid=16&itype=APPNEXUS&cc=DE&cid=8CU6M287B&reqid=7615065297151075726&vid=7615065297151075726&dn=ye-mek.net&rawDn=ye-mek.net&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Fye-mek.net&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=1&sc=BW&ct=bad+durrheim&pubid=pub-appnexus-network-eu&tgtval=pub-appnexus-network-eu&csip=rtb-common-864b4cb6cf-xqdst.BE&dtc=eu_be&zone=b&ptype=23&tmax=700&xtmax=692&gdpr=1&csex=0&app=0&sat=2&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=28753&sckfl=0&smbrid=2725&usp_status=0&usp_enf=1&pexid=APPNEXUS-1860580&geoll=false&is_ortb=true&s_ip=185.89.211.77&s_city=amsterdam&commit_id=b30fd6cf&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-05-09+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&rtttime=29&pvid=462&prvAccId=875143658&prvApiId=8CUL2446F&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=856004011&prspt=headerBid&prvReqId=21512900181598_517595287_85600401134621&reqsize=300x600&size=300x600&chnl=no_strategy&bdp=0.130&cbdp=0.13&og_cbdp=0.130&ogbdp=0.13&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.13&dt=O&dbf=1&epc=875143658&s=1&snm=SUCCESS&pcrid=8CUL2446F-875143658-19-12&tpbTkn=false&exid=220&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=56&slotVisibility=0&adpos=0&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1683657117219&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=424784951&strg=no_strategy&stagid=22463027&vls=0&scrid=424784951&mang=1&pvdTmax=659&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CUL2446F&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CUL2446F&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=4&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=22463027&mx_tgs=120x600%7C160x600%7C300x250%7C300x600&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=22463027&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=bad635f7e9&acid=85734df57f9444368f2b8956a435d849&rtime=11.0&wsip=mowx-86886d9cb6-w9fqj&ltime=20.0&act=headerBid&abs=0%7C0%7Cxtmax%3D692%7Cbrr%3D0&adtypes=0&impId=4939526082882173988&reftime=15000&reftype=0&keywordSellerId=false&dsid=22463027&insl=0&mowxReqId=85734df57f9444368f2b8956a435d849_1&ecp=1.35&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&dfpDiv=22463027&supplyTagId=22463027&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=26&debug_ts=2023-05-09+18%3A31%3A57&__expireat=1683657717475&mview=1&rme=adm&bdata=~bx_len%3D1314~bhp%3D0~bid%3D0.130~bx_agl2a_l%3D0~bx_asn%3D28753~bx_cs%3D0~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_l2as%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000010~bx_size%3D300x600~bx_tmax%3D650~bx_tml_suffix%3D%2F~city%3DBADDURRHEIM~ck_fl%3D0~dc%3Dgcp-eu-west1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D50~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.03~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d5%3D0~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_l%3D0.031~dmm_m1%3D0.089~dmm_m10%3D1.000~dmm_m11%3D0.966~dmm_m12%3D1.336~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.000~dmm_m16%3D0.334~dmm_m17%3D1.000~dmm_m2%3D0.023~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D9.000~dmm_m36%3D9.000~dmm_m39%3D9908.000~dmm_m40%3D9908.000~dmm_m44%3D1.000~dmm_m47%3D46926.000~dmm_m48%3D13087029.000~dmm_m5%3D1.000~dmm_m50%3D1.000~dmm_m51%3D9.000~dmm_m52%3D0.561~dmm_m6%3D1.000~dmm_m7%3D1.336~dmm_m9%3D1.000~dmm_r%3D0.287~e_rpm%3D0.089~erpm%3D0.089~hc%3D0%20%2B%200~iha%3D0~itype%3DAPPNEXUS~r_cc%3DDE~r_ip%3D37.58.58.0~r_sc%3DBW~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3D22463027~sgmt%3Dempty~std%3D22463027~vbr%3D0~visibility%3D0~supply_tag_id%3D22463027%7Eviewability%3D0.56145%7Ecbdp%3D0.130%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Epos%3D0%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.130%7Eitype_id%3D16%7Eseller_tag_id%3D22463027%7EcarrierId%3D0%7E~ibc%3D1~&utime=1488&sf=0&cpr=0.2999302335009888
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 09 May 2023 18:31:58 GMT
rd_log
ams3-ib.adnxs.com/ Frame 2225 		0
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fye-mek.net%2F&e=wqT_3QL-A-j-AQAAAwDWAAUBCJ2j6qIGELqh1ci_geakBBgAKjYJ7FG4HoXrwT8REVg5tMh2vj8ZAAAAoJmZ9T8hEQ0SACkRJPQOATEAAAAA16PAPzDBgdsKOKUVQJUJSGBQivDGygFYupyOAWAAaLO3K3iV9AWAAQGKAQNVU0SSAQNFVVKYAcgBoAHIAagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgApOcW-oCE2h0dHBzOi8veWUtbWVrLm5ldC-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APy2TjgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMzcuNTguNTguMjQ4qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEj6alIsgEANoEAggB4AQB8ASK8MbKAYgFAZgFAKAFjsvg0KmxiddpwAUAyQUhDhwAAPA_0gUJCQkMeAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGr_EB2gYWChAJEhkBfBAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAcgHlfQF0gcNFWgBKQjaBwYBYXAYAOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=2e7080a418df99f44433d47a163e4055040c596d&bdref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpcloak.blob.core.windows.net%2F,https%3A%2F%2Fye-mek.net%2F,https%3A%2F%2Fye-mek.net%2F&
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
AN-X-Request-Uuid
e627768c-9b81-4f99-82df-6b6f996c3d34
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ajk4xlebn4mw
hal9000.redintelligence.net/zone/ Frame D4FE 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=4115540874882294508&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DH6BWFeTbIlBhnx7DAxSigg%26exch_seat%3D20035004448%26mt_aid%3D4115540874882294508%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_cid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCh5KQnpFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEngJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MDeQPFU1xIpAr5bFzIueaCHyFT6X5GamvQLJOVw-3i3JJGZM3D_Uccqw4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0GP8XuscQkZS_CazTU7cmMMBG2nQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
d210bb938b26a609187a3d0640d3ee989e4ddaba673105776f0b7d187f709ea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:58 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3472
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame D4FE 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=4115540874882294508&node_id=4013&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1dJMk9EVTNOV1l0WXpjMFppMDNPVFEyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMTU1NDA4NzQ4ODIyOTQ1MDgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1OUZpdVNpd1p5bEt6cVN1SFFVZXZQcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTE1NTQwODc0ODgyMjk0NTA4L2Ftcy8wLzQxOS84NS85OTkvMzIyLzJhMDA6Yzk4OjIwMzA6Oi8wLjAwMC8xNjgzNjU3MTE4LzE2ODM2Njk3MTgvNC9wdWItNzk4MzY1MTI1NzgzODI4Mi8/qBZfN2wyUlZoOoa8PHHOFsdjHLg&nodeid=4013&group=cdg&auctionid=4115540874882294508&pbs_auctionid=4115540874882294508&shardkey=4115540874882294508&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.143&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5KQnpFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEngJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MDeQPFU1xIpAr5bFzIueaCHyFT6X5GamvQLJOVw-3i3JJGZM3D_Uccqw4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0GP8XuscQkZS_CazTU7cmMMBG2nQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.387.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:58 GMT
Server
MMBD/3.387.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x73, cdg-bidder-x152
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 09 May 2023 18:31:57 GMT
img
pixel.mathtag.com/event/ Frame D4FE 		43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=4115540874882294508&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1dJMk9EVTNOV1l0WXpjMFppMDNPVFEyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMTU1NDA4NzQ4ODIyOTQ1MDgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1OUZpdVNpd1p5bEt6cVN1SFFVZXZQcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTE1NTQwODc0ODgyMjk0NTA4L2Ftcy8wLzQxOS84NS85OTkvMzIyLzJhMDA6Yzk4OjIwMzA6Oi8wLjAwMC8xNjgzNjU3MTE4LzE2ODM2Njk3MTgvNC9wdWItNzk4MzY1MTI1NzgzODI4Mi8/qBZfN2wyUlZoOoa8PHHOFsdjHLg&nodeid=4013&group=cdg&auctionid=4115540874882294508&pbs_auctionid=4115540874882294508&shardkey=4115540874882294508&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.143&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5KQnpFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEngJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MDeQPFU1xIpAr5bFzIueaCHyFT6X5GamvQLJOVw-3i3JJGZM3D_Uccqw4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0GP8XuscQkZS_CazTU7cmMMBG2nQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x27 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:58 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x27 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 09 May 2023 18:31:57 GMT
img
tags.mathtag.com/event/ Frame D4FE 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=4115540874882294508&st=4562306&time=1683657118&nodeid=4013
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1dJMk9EVTNOV1l0WXpjMFppMDNPVFEyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMTU1NDA4NzQ4ODIyOTQ1MDgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1OUZpdVNpd1p5bEt6cVN1SFFVZXZQcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTE1NTQwODc0ODgyMjk0NTA4L2Ftcy8wLzQxOS84NS85OTkvMzIyLzJhMDA6Yzk4OjIwMzA6Oi8wLjAwMC8xNjgzNjU3MTE4LzE2ODM2Njk3MTgvNC9wdWItNzk4MzY1MTI1NzgzODI4Mi8/qBZfN2wyUlZoOoa8PHHOFsdjHLg&nodeid=4013&group=cdg&auctionid=4115540874882294508&pbs_auctionid=4115540874882294508&shardkey=4115540874882294508&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.143&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh5KQnpFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEngJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MDeQPFU1xIpAr5bFzIueaCHyFT6X5GamvQLJOVw-3i3JJGZM3D_Uccqw4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0GP8XuscQkZS_CazTU7cmMMBG2nQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.387.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:58 GMT
Server
MMBD/3.387.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x39, cdg-bidder-x152
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 09 May 2023 18:31:57 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5E82 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 May 2023 18:31:58 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 202A 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Origin
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 May 2023 09:20:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/elements/html/ Frame 202A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsRu2xhZf4VDbJP46zLyBJCdROP5Zgnd3t0XDab9iYohXqUGB3cyq71bws0luYinzfyJVVraXqhN3KhbpHuUH__vGgOA&cry=1&dbm_d=AKAmf-CaUi8iFOrsiH4ExsEXIRTak9cTlp2Mo6XMbVYGOZFU1RbvyOh_gd6Nb9sc9nW6u8TnvDn1Xz8cnKGRSdD5UOya-E6Iym4Nc7RjENXSRpaBWca0fuhaptWAw8t1Qpt5pTfmth4b5bzHvm3nGyBVNNJl3S6oou7iHGQrrh6nlKjD-DQp84RA3NT6eLYRNAvNHG2UjpCSvyzIbLiJkJEgma4Nbuvagqjddn-7VHV9f05-omhVvN-fhQ5L5g7QCMqb9O0fEKC7tefvO78Ydacka8PKqJNz13C5ndxDwcoIeKiUY5gsIzp2ZTY3BxHpbMHwBdwJS3PozVZpOc76DlY7OCwAxlXT_4KBizCdXJbrQrBIB-eHBFsRpqxKUakqwvXDFUbfpaEhaz0fQMKB_rRrnd07xK40Ex0b9oAOQuIT1_P4PnDJyOrDbI8IdsASZ6LPpVa5Pja75y0u_wGv50iG8r4dSzsCWsmH1KoUYxCWofQq_4o4r1SNMbSGTI-qeznlcc2epdYl0oC0kkKYCLhn3TtRK7c24vRFQ1cgGGSeDTRHB6xXy83dkjAzVi74RxXP61lFVy7_x56Jj-iFurmz8TwdN7GzXBsxl9vSoMcFFX2dKFlQbqRsjCQsEA0CIh1ouwtAYa3JFXPhwRIj1E01GLizQMH67JDSQ_xljtn3IkugGbIjKQqbbqkid9ZBsPuZ_GjoQtCExopwOTcKDEb2fI-hbrXWElGdpNM2WD9kvgIVoLCQi1OVSY6iujkqAoZpehcCD4c7iZqTdN8jo_Wcd55AGY8-4E7s5Fa0AMxJQ_IuLXs2weDmfhmBFOxhUp75F9gDmzEkFh6E9GKr8tr2tmx6eVQ6UOXeJIoU9doZHHcS-cnKcARf9-A-WNH3xQZo1cx4GBDfSNB0sctbVr156YHi2UCzVeEHO2e5ErajURxGbj6_F91KKvr_4uWrZNTUKajogEF5h00RyV7kquaYFbD1ddPtSxl3YJ0O7qcAhhQvHj0YWBix0tSio1wut2-lDZOi9sR23mKltZADhyj96G19MUZEz6agvcirQxs4mtf_6-toRNpC3AkE9wo_0pFHxLTWcSEOKAGa02-eU7isP9WfmiTTLdLGvU9K_zfWcEqAaAF90HRvHjsqvxibkbsyvodPg7Ll3SPQtzH8tFJ5CX6H8W8j47PkDjVfTjScLxEuuY0w07VIlFrxlpf0TmdL4iqyltNNgYKzskrwwytFYWb839FaS8shAuSMqQPN0-ptYxTE05g_cJnciro6UaiPNWaphV3TTigtWDFF0cZ-MRyq-tmLG_l-afM9U35bMJuiGjCe8PKpuh02xgKm7jr5bG_Cpcn1R0CC4nCQyYuIRZaLsmvaPeWZrY70V0kdItbAIMbBUDr-T8UEurNFzVhhtqTciYy_GDVTtfc9Tvdqz4DycQWYYoNA_nZTM3xE6k1Vxf5nD3rftNRuyD-75AIdxaTFTqLyaZFnbbNQ-fdip2f1Op0c4JUeKBaJzggmAPSe7-aom9OhTQsztmWO_bvhpbx5sN3qY-9OJSdCjtM33rXVBRPl4aIup6rFw4RsLQ1X1mIR_jsZfBj7oeUKeQqgwL2TqDCFsOFFZXIGuMzsHIXOZNve_7BQy0qKFIyerqubzDGaM7Wd4T3cvu_pyflbNk2qTOrwDTWsjYJpURlxQ_3M1qNPh8n4MjHZkbWj_I0JiD6h2aoBM9Uqg-KUfFD-b3fsxSTEg8E-lhQwiP0pkhZKQkPxBB0hX7QGlNy4Zy0bSn_pOj49xgOf8iJLEHSvfiJiufxroI_QJE6PUqHH_dqHO1ZII-Pz6hOgQzI6K2MqvVEx6uZeyRMB65qFx0IwegfxfQhwRNRwAS1dJxBWP4aCgKqpFr1YJr5TuryU7G9YLQFzIBskJSXDZotWwIYFuKEwFHNkoNwHPdNZ17KE4olaLjm92Q7BaU4d5w1yGftwGIIwlvQyYBNVyvJTHltg43_oDYx51oVkRqr4bSqw24XYY5hlTBtogGqD2M1Wi0pVmRArSIJvRqNw5olK3hf37JAUY287Ga680egm8ll6lODzgLKeiDslRaPmE39_NXZUe5Xs63SpCoQCKNDiDRWF29LYbT7JrimUuG3m4ts0RGnehTFd-rBSNy8pPngmaZnriNXQtOXrWGc_7RFJfVzMJwNDbb-1AT_l8BMPB-Htgj0XsmG11w1eiF0abNgvfINgjA5PRuAmtwDyaeAta6mvDgVAgdQYdI9MaMTIFPXj4X637gVTE_fSMh3t1Rq402gzuF63LhUC4ASlE1d25WG8nvE0szTFVcK75_oWdx8oujBcgPv4oXFWOxNv9TgOOqRd_qp-M0fGdqcTb53lWliWOJzAXZg4xet239pYkP95u1_C1Id_c8qV0Cclhb0jpuR0wXqPT8-m8aZILS_3O3LuWHX8aBVqAB5lEWkc9LC2X_1S-RYG12ScyddR2eblxmLWQXxgF4fZcEDx5qfDx3fJhjliwwixxyCVJGQVdgs7-CbZNABk0wqdrnCnJ1hkiEkuemi8llxVXE_rJc3DpL8ISu2aVcfRpW2T-7pddKOZ983JuG_gbv8pMN_vhueP4gh2R5QHFze1XuqMAPlZ7TsTv9GQaffK5wBE3UoS269oXwyRTPPN_g-hr49k4xV-HC9OSyO6uc3cWJY-eqv8qtrF_fFjQ_r-tTUOasluSbsD2DruQx7UDkxG7pPmJgELM0tGUoNqPZVrLfQxsdZ_vcFrZTN0aiwpz9cUWMaBpO7KZDMjkkahZM76OQOcltoYc6KguDwasA71-rZI1-JPi-mL6OngReHemsZZLSqfaw3ZVVAHuTrEUsnvdod97PRiykDcy0eCA8a1EXR4AEsICowu0e7GYebs7rmrTMQ18bqYGa9BI8s8iLOX147_A-vk_cUxW680Zb1eNRGMlSYfBEHNFqOFN4yY2t_icazyAUkarxpzLdZqtzyg7ZbtMrHR44SAHDe3iHnMjG0-tRpClLpf7y_Fj6_uQgXPzh1u3u52kFqYFMr1mfM32U9WytVFUnORrn8o6gbQnL9yfOfl-aIovhZ7y-hL4QdC1s3Ub7qUt-g69lgdouBpvbqIp1niqgaDzNBQkyY5QC28M9HuQPR6LokeXkohWezfungc-BNUafeUuccg5fgqx0Yvuq88l4bWqaII1V5eLKOoYrzDABUl7Jp00d5nXdRQYxlfuRo-prfJdZP4f4sKghs7zEhLGt1ozlxaaTuB4fJAcvRVMzA2VJ5ryuUNw1qKiounmCObmvB9PmIqvZn2w4SQGyHqHd_pecBO7ssIBZm-QaKXkAxBM-pVZmgEaKaYwdqu62kvLCM-7x002QPPEVFq_9C3JQt_bZHnEmPhNUODpbN87rwLM_sEZIQAIrfrIG5c8t-mArTjiOor5KXr9Jv6_xPGS8twri3sCPYCGW3XYgFSkaA5-YWBgfYGEgMHezcJOK4rboDFmyuA5WYifJpkJ0VqE3y8cvAvpvziDd5ehjH9ylwJy45dCRNwsbHJ7DyHVJdQ8ArqiuK0MQ&cid=CAQSOwBygQiD6nA4oZBFgsQpH4REPKENZmggTSu3yJ-sSnUPCBu-eCU8_eXBHqDa_5Taal-5eLtAwIWwyvneGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=18383705655026946000&adk=3587751834&idt=82&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
85609
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:45:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/ Frame 202A 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsRu2xhZf4VDbJP46zLyBJCdROP5Zgnd3t0XDab9iYohXqUGB3cyq71bws0luYinzfyJVVraXqhN3KhbpHuUH__vGgOA&cry=1&dbm_d=AKAmf-CaUi8iFOrsiH4ExsEXIRTak9cTlp2Mo6XMbVYGOZFU1RbvyOh_gd6Nb9sc9nW6u8TnvDn1Xz8cnKGRSdD5UOya-E6Iym4Nc7RjENXSRpaBWca0fuhaptWAw8t1Qpt5pTfmth4b5bzHvm3nGyBVNNJl3S6oou7iHGQrrh6nlKjD-DQp84RA3NT6eLYRNAvNHG2UjpCSvyzIbLiJkJEgma4Nbuvagqjddn-7VHV9f05-omhVvN-fhQ5L5g7QCMqb9O0fEKC7tefvO78Ydacka8PKqJNz13C5ndxDwcoIeKiUY5gsIzp2ZTY3BxHpbMHwBdwJS3PozVZpOc76DlY7OCwAxlXT_4KBizCdXJbrQrBIB-eHBFsRpqxKUakqwvXDFUbfpaEhaz0fQMKB_rRrnd07xK40Ex0b9oAOQuIT1_P4PnDJyOrDbI8IdsASZ6LPpVa5Pja75y0u_wGv50iG8r4dSzsCWsmH1KoUYxCWofQq_4o4r1SNMbSGTI-qeznlcc2epdYl0oC0kkKYCLhn3TtRK7c24vRFQ1cgGGSeDTRHB6xXy83dkjAzVi74RxXP61lFVy7_x56Jj-iFurmz8TwdN7GzXBsxl9vSoMcFFX2dKFlQbqRsjCQsEA0CIh1ouwtAYa3JFXPhwRIj1E01GLizQMH67JDSQ_xljtn3IkugGbIjKQqbbqkid9ZBsPuZ_GjoQtCExopwOTcKDEb2fI-hbrXWElGdpNM2WD9kvgIVoLCQi1OVSY6iujkqAoZpehcCD4c7iZqTdN8jo_Wcd55AGY8-4E7s5Fa0AMxJQ_IuLXs2weDmfhmBFOxhUp75F9gDmzEkFh6E9GKr8tr2tmx6eVQ6UOXeJIoU9doZHHcS-cnKcARf9-A-WNH3xQZo1cx4GBDfSNB0sctbVr156YHi2UCzVeEHO2e5ErajURxGbj6_F91KKvr_4uWrZNTUKajogEF5h00RyV7kquaYFbD1ddPtSxl3YJ0O7qcAhhQvHj0YWBix0tSio1wut2-lDZOi9sR23mKltZADhyj96G19MUZEz6agvcirQxs4mtf_6-toRNpC3AkE9wo_0pFHxLTWcSEOKAGa02-eU7isP9WfmiTTLdLGvU9K_zfWcEqAaAF90HRvHjsqvxibkbsyvodPg7Ll3SPQtzH8tFJ5CX6H8W8j47PkDjVfTjScLxEuuY0w07VIlFrxlpf0TmdL4iqyltNNgYKzskrwwytFYWb839FaS8shAuSMqQPN0-ptYxTE05g_cJnciro6UaiPNWaphV3TTigtWDFF0cZ-MRyq-tmLG_l-afM9U35bMJuiGjCe8PKpuh02xgKm7jr5bG_Cpcn1R0CC4nCQyYuIRZaLsmvaPeWZrY70V0kdItbAIMbBUDr-T8UEurNFzVhhtqTciYy_GDVTtfc9Tvdqz4DycQWYYoNA_nZTM3xE6k1Vxf5nD3rftNRuyD-75AIdxaTFTqLyaZFnbbNQ-fdip2f1Op0c4JUeKBaJzggmAPSe7-aom9OhTQsztmWO_bvhpbx5sN3qY-9OJSdCjtM33rXVBRPl4aIup6rFw4RsLQ1X1mIR_jsZfBj7oeUKeQqgwL2TqDCFsOFFZXIGuMzsHIXOZNve_7BQy0qKFIyerqubzDGaM7Wd4T3cvu_pyflbNk2qTOrwDTWsjYJpURlxQ_3M1qNPh8n4MjHZkbWj_I0JiD6h2aoBM9Uqg-KUfFD-b3fsxSTEg8E-lhQwiP0pkhZKQkPxBB0hX7QGlNy4Zy0bSn_pOj49xgOf8iJLEHSvfiJiufxroI_QJE6PUqHH_dqHO1ZII-Pz6hOgQzI6K2MqvVEx6uZeyRMB65qFx0IwegfxfQhwRNRwAS1dJxBWP4aCgKqpFr1YJr5TuryU7G9YLQFzIBskJSXDZotWwIYFuKEwFHNkoNwHPdNZ17KE4olaLjm92Q7BaU4d5w1yGftwGIIwlvQyYBNVyvJTHltg43_oDYx51oVkRqr4bSqw24XYY5hlTBtogGqD2M1Wi0pVmRArSIJvRqNw5olK3hf37JAUY287Ga680egm8ll6lODzgLKeiDslRaPmE39_NXZUe5Xs63SpCoQCKNDiDRWF29LYbT7JrimUuG3m4ts0RGnehTFd-rBSNy8pPngmaZnriNXQtOXrWGc_7RFJfVzMJwNDbb-1AT_l8BMPB-Htgj0XsmG11w1eiF0abNgvfINgjA5PRuAmtwDyaeAta6mvDgVAgdQYdI9MaMTIFPXj4X637gVTE_fSMh3t1Rq402gzuF63LhUC4ASlE1d25WG8nvE0szTFVcK75_oWdx8oujBcgPv4oXFWOxNv9TgOOqRd_qp-M0fGdqcTb53lWliWOJzAXZg4xet239pYkP95u1_C1Id_c8qV0Cclhb0jpuR0wXqPT8-m8aZILS_3O3LuWHX8aBVqAB5lEWkc9LC2X_1S-RYG12ScyddR2eblxmLWQXxgF4fZcEDx5qfDx3fJhjliwwixxyCVJGQVdgs7-CbZNABk0wqdrnCnJ1hkiEkuemi8llxVXE_rJc3DpL8ISu2aVcfRpW2T-7pddKOZ983JuG_gbv8pMN_vhueP4gh2R5QHFze1XuqMAPlZ7TsTv9GQaffK5wBE3UoS269oXwyRTPPN_g-hr49k4xV-HC9OSyO6uc3cWJY-eqv8qtrF_fFjQ_r-tTUOasluSbsD2DruQx7UDkxG7pPmJgELM0tGUoNqPZVrLfQxsdZ_vcFrZTN0aiwpz9cUWMaBpO7KZDMjkkahZM76OQOcltoYc6KguDwasA71-rZI1-JPi-mL6OngReHemsZZLSqfaw3ZVVAHuTrEUsnvdod97PRiykDcy0eCA8a1EXR4AEsICowu0e7GYebs7rmrTMQ18bqYGa9BI8s8iLOX147_A-vk_cUxW680Zb1eNRGMlSYfBEHNFqOFN4yY2t_icazyAUkarxpzLdZqtzyg7ZbtMrHR44SAHDe3iHnMjG0-tRpClLpf7y_Fj6_uQgXPzh1u3u52kFqYFMr1mfM32U9WytVFUnORrn8o6gbQnL9yfOfl-aIovhZ7y-hL4QdC1s3Ub7qUt-g69lgdouBpvbqIp1niqgaDzNBQkyY5QC28M9HuQPR6LokeXkohWezfungc-BNUafeUuccg5fgqx0Yvuq88l4bWqaII1V5eLKOoYrzDABUl7Jp00d5nXdRQYxlfuRo-prfJdZP4f4sKghs7zEhLGt1ozlxaaTuB4fJAcvRVMzA2VJ5ryuUNw1qKiounmCObmvB9PmIqvZn2w4SQGyHqHd_pecBO7ssIBZm-QaKXkAxBM-pVZmgEaKaYwdqu62kvLCM-7x002QPPEVFq_9C3JQt_bZHnEmPhNUODpbN87rwLM_sEZIQAIrfrIG5c8t-mArTjiOor5KXr9Jv6_xPGS8twri3sCPYCGW3XYgFSkaA5-YWBgfYGEgMHezcJOK4rboDFmyuA5WYifJpkJ0VqE3y8cvAvpvziDd5ehjH9ylwJy45dCRNwsbHJ7DyHVJdQ8ArqiuK0MQ&cid=CAQSOwBygQiD6nA4oZBFgsQpH4REPKENZmggTSu3yJ-sSnUPCBu-eCU8_eXBHqDa_5Taal-5eLtAwIWwyvneGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=18383705655026946000&adk=3587751834&idt=82&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c637f20aa2c06194694dfbdce826e0c2dc27be6768a7f796c9196e35e67e6c7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:49:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
85348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10900
x-xss-protection
0
server
cafe
etag
15736755800806341048
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 May 2023 18:49:30 GMT
HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
pagead2.googlesyndication.com/bg/ Frame 2899 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:29:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
18146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14734
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 May 2024 13:29:32 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 2370 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 May 2023 18:31:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3578 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEFvhZZdr-qauu69O65SGNg8yTRan62WuvrH11qHw22-CgHx3RduncFOFQPm9VAhO2wV41A6ln_OgpKv-DoUdCsmBsB-UODwp-ChmKrE9KAtb9CV5osqyCpGjS-FlJrr7fbp03BFkPAFfZUJE5_av8KEGAvaiuJThZlO0Gs7BasuRyCz8&cry=1&dbm_d=AKAmf-AaZKi4yitE5PkQABYrt3Eeeq5yE4X4QgIBZZa3Xf45HsT0Z4ZWqMObsqxkdkMvUThIS3G5HuATt-Q63VTSUE2C21KDUNL3451mAJt_fgMXwDPuCqkGLAcKjWmp4l26f6qKipyDjWd_2we7qxd6rQvbzJTmxWKIEwaQr_uCBFd0VkiI-vww_1Bx7H9olej9qimP7QUwVf6DHpaxlBlckD0k5JEr4ZV2HVP79t35RTnCwF7EiLpf_EJI88v-2rnwyTHb3TBu8TVegsZsCWblEELIJWVKLFU9DSRyEfK2Z26I1hYBph34ftXmTbxe98hoLVQFwCBgdL4fXPjyIjGluHH-SAyywsNH913kiFilSWpXH3GPVy68bs2vG03R311mB51uJ5sytuoZ4N1lZiDqKo_dAo3Syjvoj3-2eOvGE_cverK2tEENRetHZfOa1OZBPaVV55fSWAr5TbQld0fVd18ZGLOw9hm8DhVDifCjULSIb94vOaSINrMj_-OKXxPEFKmvYbXHE9Xdf_YAxjVxKWSqBuo-9fbxBkecnxUhlLF82aVL0RP7JmyR5NYWJLeWb05AjhXNRlMVzH7Pztyg3QIkTeT87iLFzEXYFCpMeyqzAPbRCPz6sA60Lomj7nMCSegJW7Rpk8tPgLSEmNFL2WvyAGSMPvJPX-HYRvF0lrUKMjFAhuAmPEAwKjD4kumqVoQUMRsEq9CeFjBzEH8E-sl-yu0U5CgmVl5rblvzbDtm2-ZHJManswS5vHx34My64vPT3b5br0yH8pmDjgh2ICAumBln_AX-2I0BvV4Jz-GthtK3kMJKe8vdYdVeD5Yi5J9x8MypF2B6HtGVzPlQNGqVmIMxs9rYz9T6oLSExWkyKnaWLBdCo8TF3b1gmDW997HVE9BHT86y-Gb3M0rom4F5Vbdpb6AVdhM6sUDGWPUXcnDkrfU1-j6AIvGcktGM-FtD84yB-NGkXfeDuvrnx-Zx2U39DyKNFoKAb96Jc-FWkk3gQSSDMQYG_3K6o0V7Dnism-0efS587r8n4bvmssdW35CUwE5u4w-vh8STlNjSUbE_JdPWKocfStrpnfoI525M6KvtDJKYqzXwGsuVnyXZcWxjVgB6rsd2swVOoimQbrZ67zx1b0195EI1X-EYbxyznymtAHJ2Cl0Rx_NFmrDjFEMX4kErGtJaMPDcq1FDYLJsjnHwJBOfjiASEduDnGeZrQXurgFO7gwpFzp6lvNzB6QiO1Y7D6zgKCzz6xuB62vbwpntUVNfp-w73nNLy35y7wUxwUX2xjxklIgZmdBLU8ZzuIxL8nn6zdounOO-5VagtJSBcxVaUjKej352anIMeumbl_ESvBswLih7lc11G-AfrTQsClcVBalzJg0solq88jlMQfswdtCu9S4VmmlWuEOdx8hl9MVUYJeAUnypc47DGUY9ixhc2_qjYagznIHj2O5gcbIgr2DuwzUOVE87kTpJWuCbs1brT5woHH0xJvcb6PWhbG0HnXZFrVnqPO-8WiZAcTB7ag5hniLNHY-enFvfKn3haPdcMgN5DEayT3Un99l_PdR3n2Gc04bG8ymaxkZHhFD-MNGxx_O3cSakP6Kb5nmSEdaX7aEZd9MraknSbzNr0qxTCUGaqagXQMIZ2JpNz6tk9R2rd4p9LA6g1WA-90tWT4VNRZE6ul___lXpyLhGfTTJGWixGVtWV9WWNW6RnB-LweeKjFTRFQj624bTAYd7HZgdRvKb4yxXcL8bLLMruL_a1UgHLr3lY6fqwKq6k5z52msyjx_yddRb4yLPNyczusXIc4mxAfy5d7Ti2cG1xeLiUlktmMAWw6bo9RwNx_6zQ-J001fk8afqQcKol7BKA_R9ZcvZtwj7DF0neQVQ0bG-8QBjeyY2DbKOTj0ETQS6krxQmMi0Oi1tDqc1lRsd61_ScZ7nDoqVR1nlcN_Ahwfj6qgvrrkPWTWF_CDK2sA4-RAju9csHvKgrt3SqJuJnOEX0hzmx9evdWtaClE1zPslOOEM37C7MI4qUBaZwG2OCYdpzBEbDqd6KBAM0yg_NKtnvM-1P_bt5JbP0XQamjq57y8Cyb9moZGvDnq2J1ykgYF7yhVRvfnvgZrVccro5FNCE2DEek_uoz53p1TQZKyrU-uhuHlTTgNSkADhLfG6bcWUvOVnvs17oRh6_-9noF03CLhVPc3VjyOHGJIHssqm56CQsWFLaELJRp_FwGe-vFJiySQ78VUSQX4VYN3TSIWUBAPdbNS0ox2ew-di25Ky3bhOfSMm6eTZDIBGBQSFO_FR62yxUHw-6OCG5iofr_LeOhUE7CVqlCvWKPc89xTmvucE75OFKMSpFub7aQIjGalt0XcgjR_ssXGyyclsMhJ8LvHSa9L8R1iAcy-WvtEVzjwEbHaVtj3aCUHsjljrUKTQlM13yC7Uy9H-oDkkOqwv-hj8V4WX5KeQdwWYEkPOdvFPgu7sEOjdnN8yXGwr0FzNo4kA8ujSngAWE8Nl1xLHuGiTLR97lOp6Ij599EUZsnafIfrAK3HfQeMXTxCZfrZd3BWMs77YBSxB4Fpldodvb7D-srFiYjzIngEjDY-35azxNX5LVrxz0t1Cf1lSkqZvTmoK9sZ41fydpztQS2IqWo8xKE32gyAyWFUJl0UAXOEiWMttt6ztrulQmRHw_I3hLdBNV9LrEWaaRakVLszeAh3YwNLwp9NRclCJfS5EXLpcbTB2ADZf4dheWunMQXWF_SyOCnyxBspA4TcY1SRer4jVlECSq5u5fYH7vZFUR9PIstI1OBNyTfXjoYhTUttDli8PxyJbo2Sy4VR6Rape_3uoGILopw90saeHRNXU7-0w00wjTywmwQgS_5xnQvnUsOqdcaV3wWryKYfjjV_iC6d3bDMIYW2qM-UpKzkpVw4OCAs2xs9SBssaL9XdFMVwOLcywyQv9YZ8msJ8qJwYfblHZ-whZ8hF_sKZCI0qbwJ3CwufD1rXIygD6-3V1t6qwLLXU6BXCcgjGrZLcVTDm6Z0n7pEPprdI0iIGpPtx2dkQ5JNQGXE-My3Y_IfaD05W1G8_bms3bW6EQR6HVcPiQl8E79ZxFIMTGuLEEnZa3DU05rq9qXMiJY58QeXB7Cml05rBBGPgWTNfNF0yp5B1JYJMnIEqmLKSqLEkgK568uM2yZgvm89MgE2vPTh5UIBO4LCru8SNhorjR8JIH2IHXE0lbY9AqQfASn1HwojGRoRy2mAW_YqHHictY2ogSQztq7egLmx6ZksFnbMDfo1jT62BzcBceP2t_JmqkELbEM17hPOpG5JVC77Iy0FnEN-QTlBDy5-H--qu4W9Qb01QfVLiKskskYfn_LT1SJNWS7ZfQ6oKvSPtrx1ImbKpQZ0rw8J35eEo1zoqh8C4FckhnwkzPKEmb_INC-YA1cUR9yDTzVb17mA3NYYTpP8rvy8TdfsseOYcjzD71nqNshL1ss4PsyXr42e9pBpeYzrIiM_phhPr9-qAAPnKrlwX2rGAb0IUzIi7kyhr7tug_6epLIr8YLcLtrRySPSDYuBh7qSlnNnWsZENuSmbShPEWyPwYhBdS5zmmnH3t5-5psCFTu8ldSMAVTWoclK-_mDABA7UBDfgQ5C3YhUAlLHSkNA91atVqJTPck5Y6pcHTDc0V2QNkl3k_CYfNdZ46xwXUA36LdQTANML6HJL9S0-hJy2gqfD4sLPKaMHRj3Izwfm1J8ntyYvOeVXLOMeFivTsyfoR_lheLcmw2tpoS41GqvqUCeEKW_z3KNA7tTGNf63wC-306pYoTiLQ&cid=CAQSOwBygQiDV5jeuGzhuN3LK-Qz2ck3OBY4Oi90RC0EtoJEKqUlAT8ijbiFZGwYuIC9bg-ghlK0xl4aqH-0GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=13872484356092322000&adk=578009112&idt=113&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 May 2024 09:20:28 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c4c05c05f439142-FRA
content-length
24
content-type
text/plain
date
Tue, 09 May 2023 18:31:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsEqYxgPyRUMnysmuaPjd8RnwYs7X2ZHFVUUayQ%2FKha1ldOJsrrNNlYSm57pJJuM8AWqb%2B2HAzfIjwSI0P%2FViFanBQwjAY%2Ft%2F473SA7JBBpoanfSbia4yFtcnKU2p0y8oZfgiYE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0pxx
rs
ad4m.at/ Frame 52C5 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e5e3d179c7e1c2f2f01f424153e278c47da6688f31b71c1a2e2c44b846cbb2

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5%2FUtFom6lyFW%2BM4X7DU%2BJ0AhhvhwfooiExpUi%2BTd%2BG8DkGnlZLGLYaCXytyoDtVozHCU%2Bc25p3W8nHCm48eTSjx8JuEaiHwVrpdEI03e3Kc9RUvTj7WgC6MqTGnfHpDOIAlJEw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7c4c05c08f809142-FRA
x-backend-server
aa-reachservice-group-europe-west1-0pxx
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame 2225 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjKt21trjeDFLmebPf-gW7Tr9JjlHaNVMghVBUVkRepEidTYblYoirDe1RUurgaT4g430x5vVbNQZFHndCH6d1_EY63q49L3FMkx_s0Z80btKNApkhHOf0xppf1AXcfRqF2uOVn4aF9Ex4jmTBtYjCAYyGinF10dqAL4LuZAdX-ulVHbCSKl02C-oZOtvbKkOqWB6THghZ--YAlVxryF2lSIdivbYK__wUXPrhYF5c2C3k35hPP1_uKR15PW8ZO-SJovhnBKVUi23dgbt5tWaYGyUZFt_LNUHoXOB-HGVMup7c5JA60fPhucS3sLBJZsFLPlILhQ0q_4tguoBlzg&sai=AMfl-YQD2SSb6J_nxpXEC3jGVY0y4_4fIRlkWwPwK-yFFiNJHH5uyfNfKEnIwSUAN9AXoZsg0G7UuT0i0Np1uTBm4wM8rQB65Gw4IlacFnqIkusjvR6G26n-WRnSuJ7b4w&sig=Cg0ArKJSzB_En9hfA-7kEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 May 2023 18:31:58 GMT
truncated
/ Frame 2225 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3640ad2125f29aa5def830349d744573e0d91e31269ea1e62b7b1d428c055f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
g72h7lz2c4az
hal9000.redintelligence.net/zone/ Frame 3578 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwUE-npFaZLarCJmP1waO1pfIBKblvaBphZWcp8kP8C4QASDAsoJrYJUCyAEJqQK4Sb-1M2eyPqgDAaoE_QFP0MtDmZaHIi9AOL8SjblL31zFTaKywN4cFnFlpPE_xJVcTN9s8q_0wncrVF-qZN3y1yYNwRX25suVXH_ORoNBW-HzmXyHR_-46DDLfOHdmFChGzjM4K4BuDoLHnn9H0GFWgd0W6-j_6y_-VT4lsqn6Z-EBTmAZs1ppOS6QiSD81buBA_zSP8c7EZ7Pxsl5i2MMYJkl7Bmur4hB83r1ek3smQEyWgYlsjAB7UYUUosr4ZEP6wn4e_1WX-FRJz-vctEH9c_0BUYV7lWvPBsa_XXa58S9WIoB-1qbmY37XE0_bZaadye1oD-bGe5IPHJRL1JxXqlgf0suMvpBLxzwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDV5jeuGzhuN3LK-Qz2ck3OBY4Oi90RC0EtoJEKqUlAT8ijbiFZGwYuIC9bg-ghlK0xl4aqH-0GAE%26sig%3DAOD64_3Mob73B0Kbl9HIl1bc6ZX48JXssA%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-BbQOn6FF9ra8S4YfBkhrU1a_PyHeXWu9XhqZsHD1-wOR3-e7OQNDzMxSMDKLF718eU83fLh3qWbcuzzeARYBlx13PPCCOMeQzPPaUT9S0ME8Ad5KlEZS2NAC0BcGmalJCvOtjgXkLNkRB35quMIQ3LyCofqiJxw5u40_2lIpcC_eN0T88%26cry%3D1%26dbm_d%3DAKAmf-ADtz_O_Is0tnmm-LugcQzrfTiuBOu56EX90J7x1nnnZYVRwnnvndSggQyShcytZ5jGrjYxi9rz5kbmBMfRt6mn0O0o6DB1PurVw3UGST0gNO8bE254RWlb-VjJ_veDRZJ7We0b1KC_FKhycHaTw3tSeRlcrAGA3g7kZvhSG2Tl5rRAd7pJNc9n0j7llNKTID3c2XaePRSXITC5JPOlYfWvA3LaPrScCsXxu5GEj1fpTXc-6njxbJoNNxRwPWdjNkUyLxR_Zd6ppcmlIUsFP1IRqWWoIX4OYXj-0fjGj9tqOlr-pcJi-kuQ2AkgxrOd2qR7EiDJNwmt9vCtqwfriRCxNwGvkP67YQ4DFn-DP7I22OXHHn1iUqhqb7aS8CiKXvVLsNiigMlIKBdq7RMb7k2LBYUCILNq3Q_yxGIRloaNGTM-T06akOFTxfHKTdQ6C89SmNvQnH4dECElwQc26hC8BtqFXFE2Enkab9UUS-Gr1H67f7KuduUR-j_8DZuiSUjgl2bOIhRyzMaf5uBotZC0FyYfzg%26adurl%3D
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
df17bd311a36c7a63b85e7fbf2c0e9a7f270181d576dace907576ea9e629a417

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:58 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4114
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
vevent
ams3-ib.adnxs.com/ Frame 2225 		0
945 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fye-mek.net%2F&e=wqT_3QK_BOg_AgAAAwDWAAUBCJ2j6qIGEKT438fTma7GRBgAKjYJpHA9CtejwD8RfT81XrpJvD8ZAAAAoJmZ9T8hfQ0SACkRJPQ0ATEAAABA4XrEPzCzhNsKOKUVQJUJSGBQt-jGygFYupyOAWAAaLO3K3iV9AWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgApOcW-oCE2h0dHBzOi8veWUtbWVrLm5ldC-AAwCIAwGQAwCYAxegAwGqA0ESGDc2MTUwNjUyOTcxNTEwNzU3MjZfc2JpZBoTNDkzOTUyNjA4Mjg4MjE3Mzk4OCIJNDI0Nzg0OTUxKgVNMTE3M8ADrALIAwDYA_LZOOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OC41OC4yNDioBACyBBAIABABGKABINgEKAAwADgCuAQAwASPpqUiyAQA2gQCCAHgBAHwBCUeWIgFAZgFAKAFjsvg0KmxiddpwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQF8EAAYAOAGAfIGAggAgAcBiAcAmAcBoAcByAeV9AXSBw0VaAEpCNoHBgFhcBgA4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=587b50bbecbeb056ad4b064810c5b586a303914d&type=nv&nvt=5&jm=1003&px=1318&py=150&bw=300&bh=600&sid=1931169661545768239&vd=ct~0|rr~0&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22463027&sw=1600&sh=1200&pw=1600&ph=4506&ww=1600&wh=1200&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
AN-X-Request-Uuid
fd6b4e92-26e4-4101-a6bd-4f08b99f18da
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
request.php
hal900014.redintelligence.net/ Frame D4FE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=e252a1b88b&subid=&uid=b17ebceab39bc615&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DH6BWFeTbIlBhnx7DAxSigg%26exch_seat%3D20035004448%26mt_aid%3D4115540874882294508%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_cid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCh5KQnpFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEngJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MDeQPFU1xIpAr5bFzIueaCHyFT6X5GamvQLJOVw-3i3JJGZM3D_Uccqw4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0GP8XuscQkZS_CazTU7cmMMBG2nQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=8536738833093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=4115540874882294508&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DH6BWFeTbIlBhnx7DAxSigg%26exch_seat%3D20035004448%26mt_aid%3D4115540874882294508%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_cid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCh5KQnpFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEngJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MDeQPFU1xIpAr5bFzIueaCHyFT6X5GamvQLJOVw-3i3JJGZM3D_Uccqw4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0GP8XuscQkZS_CazTU7cmMMBG2nQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
74dc40869a1ae566cb030238b5527c78aab5dcd4437f2fe150b827fb01bbfd0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
48065000152271500951389012319014
Connection
close
Content-Length
1340
Expires
Tue, 09 May 2023 19:31:58 +0200
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DED3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 16:50:00 GMT
expires
Wed, 08 May 2024 16:50:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0F2D 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3780be5fb043739906b058923bd09207a0f145c365d762dae0c945704d292fc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dFb8ectoJvqK4TSZPkL8ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-dFb8ectoJvqK4TSZPkL8ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:58 GMT
expires
Tue, 09 May 2023 18:31:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame C0FD 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9017303750060ae92411ca960cb48f8bed30c0b28507f92dff504a83d7af9d51
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1ggd0g5rasbeh38r682z7j0wmc05667wvyfab4zpeddz9b7easef42smwpw5meb3mjtpmaw5zxkr6s89hv1hx9sj0w157werfv3w1yx6j1rdfn1c0bpk3p13cq9xp6fvnrecazjvft4gmxm31ny07z4cz6efmfp3d6k3fp14fbze0bbv7zqsyx90d6xwq3f9w7vzz1cr4er3w5k9s201ee1tebqk4dp6vceagb97tenj055aft6ng07dye186qqkcff1wz6a7w00c6gkvb7y2rsd0stgapmeyrfjjvt93fhqb8k6mdjyzydv7qatm40k6rbke31qfnmbnnzpwv2sz1vrzy4cv9d5evczyawcjdk3z0bvay47pkzf9yxh9e4sa0rhs2wjdkeqfrbhg3ea61rp03ajgp29kc2h97y2csrg8crzp3pqq5x55hxpmyhfx55bzf4jnm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c4c05c0dfae19b1-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:58 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 2370 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683657116746&userId=vnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 09 May 2023 18:31:58 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3245 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
306663
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 05:20:55 GMT
expires
Sun, 05 May 2024 05:20:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 202A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 May 2024 09:20:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 413B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Tue, 09 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 202A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ff13911640a6c5ed92d1d28eef357161e480655dde411920b47da6f6b3d0060

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
request.php
hal900016.redintelligence.net/ Frame 3578
Redirect Chain
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c98237d1e9&subid=&uid=93ae5285b05edf52&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c98237d1e9&subid=&uid=93ae5285b05edf52&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c98237d1e9&subid=&uid=93ae5285b05edf52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwUE-npFaZLarCJmP1waO1pfIBKblvaBphZWcp8kP8C4QASDAsoJrYJUCyAEJqQK4Sb-1M2eyPqgDAaoE_QFP0MtDmZaHIi9AOL8SjblL31zFTaKywN4cFnFlpPE_xJVcTN9s8q_0wncrVF-qZN3y1yYNwRX25suVXH_ORoNBW-HzmXyHR_-46DDLfOHdmFChGzjM4K4BuDoLHnn9H0GFWgd0W6-j_6y_-VT4lsqn6Z-EBTmAZs1ppOS6QiSD81buBA_zSP8c7EZ7Pxsl5i2MMYJkl7Bmur4hB83r1ek3smQEyWgYlsjAB7UYUUosr4ZEP6wn4e_1WX-FRJz-vctEH9c_0BUYV7lWvPBsa_XXa58S9WIoB-1qbmY37XE0_bZaadye1oD-bGe5IPHJRL1JxXqlgf0suMvpBLxzwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDV5jeuGzhuN3LK-Qz2ck3OBY4Oi90RC0EtoJEKqUlAT8ijbiFZGwYuIC9bg-ghlK0xl4aqH-0GAE%26sig%3DAOD64_3Mob73B0Kbl9HIl1bc6ZX48JXssA%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-BbQOn6FF9ra8S4YfBkhrU1a_PyHeXWu9XhqZsHD1-wOR3-e7OQNDzMxSMDKLF718eU83fLh3qWbcuzzeARYBlx13PPCCOMeQzPPaUT9S0ME8Ad5KlEZS2NAC0BcGmalJCvOtjgXkLNkRB35quMIQ3LyCofqiJxw5u40_2lIpcC_eN0T88%26cry%3D1%26dbm_d%3DAKAmf-ADtz_O_Is0tnmm-LugcQzrfTiuBOu56EX90J7x1nnnZYVRwnnvndSggQyShcytZ5jGrjYxi9rz5kbmBMfRt6mn0O0o6DB1PurVw3UGST0gNO8bE254RWlb-VjJ_veDRZJ7We0b1KC_FKhycHaTw3tSeRlcrAGA3g7kZvhSG2Tl5rRAd7pJNc9n0j7llNKTID3c2XaePRSXITC5JPOlYfWvA3LaPrScCsXxu5GEj1fpTXc-6njxbJoNNxRwPWdjNkUyLxR_Zd6ppcmlIUsFP1IRqWWoIX4OYXj-0fjGj9tqOlr-pcJi-kuQ2AkgxrOd2qR7EiDJNwmt9vCtqwfriRCxNwGvkP67YQ4DFn-DP7I22OXHHn1iUqhqb7aS8CiKXvVLsNiigMlIKBdq7RMb7k2LBYUCILNq3Q_yxGIRloaNGTM-T06akOFTxfHKTdQ6C89SmNvQnH4dECElwQc26hC8BtqFXFE2Enkab9UUS-Gr1H67f7KuduUR-j_8DZuiSUjgl2bOIhRyzMaf5uBotZC0FyYfzg%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=368930642987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ea66d5eade25fe68a0b59696d6296b59febd2b55547b506b1f2d9a1993102e68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:59 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
88087000163259104444550012319016
Connection
close
Content-Length
1328
Expires
Tue, 09 May 2023 19:31:59 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c98237d1e9&subid=&uid=93ae5285b05edf52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwUE-npFaZLarCJmP1waO1pfIBKblvaBphZWcp8kP8C4QASDAsoJrYJUCyAEJqQK4Sb-1M2eyPqgDAaoE_QFP0MtDmZaHIi9AOL8SjblL31zFTaKywN4cFnFlpPE_xJVcTN9s8q_0wncrVF-qZN3y1yYNwRX25suVXH_ORoNBW-HzmXyHR_-46DDLfOHdmFChGzjM4K4BuDoLHnn9H0GFWgd0W6-j_6y_-VT4lsqn6Z-EBTmAZs1ppOS6QiSD81buBA_zSP8c7EZ7Pxsl5i2MMYJkl7Bmur4hB83r1ek3smQEyWgYlsjAB7UYUUosr4ZEP6wn4e_1WX-FRJz-vctEH9c_0BUYV7lWvPBsa_XXa58S9WIoB-1qbmY37XE0_bZaadye1oD-bGe5IPHJRL1JxXqlgf0suMvpBLxzwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDV5jeuGzhuN3LK-Qz2ck3OBY4Oi90RC0EtoJEKqUlAT8ijbiFZGwYuIC9bg-ghlK0xl4aqH-0GAE%26sig%3DAOD64_3Mob73B0Kbl9HIl1bc6ZX48JXssA%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-BbQOn6FF9ra8S4YfBkhrU1a_PyHeXWu9XhqZsHD1-wOR3-e7OQNDzMxSMDKLF718eU83fLh3qWbcuzzeARYBlx13PPCCOMeQzPPaUT9S0ME8Ad5KlEZS2NAC0BcGmalJCvOtjgXkLNkRB35quMIQ3LyCofqiJxw5u40_2lIpcC_eN0T88%26cry%3D1%26dbm_d%3DAKAmf-ADtz_O_Is0tnmm-LugcQzrfTiuBOu56EX90J7x1nnnZYVRwnnvndSggQyShcytZ5jGrjYxi9rz5kbmBMfRt6mn0O0o6DB1PurVw3UGST0gNO8bE254RWlb-VjJ_veDRZJ7We0b1KC_FKhycHaTw3tSeRlcrAGA3g7kZvhSG2Tl5rRAd7pJNc9n0j7llNKTID3c2XaePRSXITC5JPOlYfWvA3LaPrScCsXxu5GEj1fpTXc-6njxbJoNNxRwPWdjNkUyLxR_Zd6ppcmlIUsFP1IRqWWoIX4OYXj-0fjGj9tqOlr-pcJi-kuQ2AkgxrOd2qR7EiDJNwmt9vCtqwfriRCxNwGvkP67YQ4DFn-DP7I22OXHHn1iUqhqb7aS8CiKXvVLsNiigMlIKBdq7RMb7k2LBYUCILNq3Q_yxGIRloaNGTM-T06akOFTxfHKTdQ6C89SmNvQnH4dECElwQc26hC8BtqFXFE2Enkab9UUS-Gr1H67f7KuduUR-j_8DZuiSUjgl2bOIhRyzMaf5uBotZC0FyYfzg%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=368930642987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 09 May 2023 19:31:58 +0200
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame C0FD 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
96761
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2POhc4DORr6EYSHsJiKKIxbH8tylyn907UXrwsqB4VER3Ny5Y1gZON1b6Za6B3EP%2FcT%2F4CrFyoUT%2FrCiwn7Bs0ecnwZzUNq3N52L2SeJLLxVucQ955Knk%2B%2FeHy1XWa6Eje5q65s2RNw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7c4c05c1483419b1-FRA
expires
Tue, 09 May 2023 19:31:58 GMT
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame C0FD 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1164808
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoVRhnEY9IWcaExYdIGIHzG2%2F9q4BXkrlJ9y4uOKlbf%2FxyOXbQ1unR7p%2BUY0OIpOGeeyKUthKAYqhQSjUfW5hMEKQVIih2XAatgi6AEYRCDaztboPmzu68sB4IL1vMo5B878%2F3yOdqjf3ppw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c4c05c15b6f3662-FRA
expires
Wed, 10 May 2023 18:31:58 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame C0FD 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
399932
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbfP9pVHhKksna5QN1MtpkkSAne0%2Fcx9raFEMuyILkNdCh5%2BkSaNbv89uRV1mpPI5lr%2B%2BF0%2BEX0NoLzcbo1Wxkgqgkhl1hMgvPDOqNAfWXZxyEPxQlCrCU%2Fuzv4c5skXrjI6xT7OPFH4X6PO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c4c05c198a619b1-FRA
expires
Wed, 10 May 2023 18:31:58 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame C0FD 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1019616
cf-polished
origSize=9357, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4429
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=areIFtdgm69EjJSF%2BYrezkRXgKCSxVLptqzyGmDolWq6P8OV4rjy%2BhObgFTO1GkoYmhb9nbmiO2XMlVc5Jp6p8T51OoXnYeS4ocNns3er5FqU8Uvwns3L0iVs0Bgg62Sr8RkjoOXXafBTYzE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c4c05c198a719b1-FRA
expires
Wed, 10 May 2023 18:31:58 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame C0FD 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1020154
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piQybtu5Fwxow%2BUrTYmf7w%2FyyJSHBFLfI9Q30NBD%2F0N6sEpSCCbCBAOEVYIrshCDlM0iwkWmCG5VYbWq1E50jRlqcurraGE8A%2BP8wyHL%2BPpVT11yvX8bWm%2FmFVQO94AzVfW1R0nmHLwTg6Pw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c4c05c198a919b1-FRA
expires
Wed, 10 May 2023 18:31:58 GMT
cshow.php
www.awin1.com/ Frame C0FD 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:59 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame C0FD 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185273
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4%2BSBqQAh8bDbkfh0qwEJDwEEzCZB2XXkPnfg23iubFBsTyanD8a4QNMmZS7gFHemrO%2FaylOaE%2Bh8UGW7Mk%2FlCtYz6C%2B08RpOlF10LAqikf1vfh2z%2BLO0mwbYB2fSbROn0FUdJCIjTPZPL%2Bn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c4c05c198aa19b1-FRA
expires
Wed, 10 May 2023 18:31:58 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame C0FD 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1458529
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28740
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6EGugems9tNKv%2FUggDGmhgXIoZQ3Buxc%2FlKQYW6ozcir0IHi8AIMrlSMB%2Bi%2BTofgiUkjy49f2%2B00kdvhuXYal6YxR2CuIBLLgoo%2BW%2Brml0%2FsVM1FIWJLAvK3iBrwxXXCRNEQs%2FvM1ixBFNp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c4c05c198ab19b1-FRA
expires
Wed, 10 May 2023 18:31:58 GMT
cshow.php
www.awin1.com/ Frame C0FD 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:59 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame FEC2 		66 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683657118522709374&gdpr=1&tsce=L128&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=844206516&size=200x200&cc=DE&sc=HE&chnm=no_strategy&pid=8PO15FLE3&tpid=TJT3376&https=1&rrr=tzR-hLcl-L8S0csJTOWsHrB8bbSdlDto&nse=5&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&ebdata=~G-MjJzvuAAW~GwEv9~G8Ov9.uH9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvf99-f99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9ii~OYYMYu9vu.999~OYYMYuuv9.ihH~OYYMYufvu.AAh~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AFX~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvu~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHAv9.fu9~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9XW.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.AWi~OYYMYFvu.999~OYYMYhvu.AAh~OYYMYivu.999~OYYMLv9.Auh~JMLEYv9.9ii~JLEYv9.9ii~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFfFXh~QyY7vJYE75~Q7OvffHFfFXh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFfFXh~e8JB1G8j875v9.AWWhHA~NGOEv9.uH9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uH9~875EJM8OvuF~QJjjJLM71yM8OvffHFfFXh~N1LL8JLVOv9~~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1327519835t202305091831&essld=Ah.XW.XW.9~r4~Rp~G1OnOxLLwJ8Y&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8eef423fcfc743d22643c12157f247406ecac5bc220e9c95143e47a82f0ef0dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
24967
content-type
text/html
date
Tue, 09 May 2023 18:31:59 GMT
expires
Tue, 09 May 2023 18:31:59 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
21-gl6j
checksync.php
contextual.media.net/ Frame DEC7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1e841ebd8b9da3cfd42ffcf9520ed2c97e7d85cd866727130f4a3a464579776a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5882
content-type
text/html; charset=UTF-8
date
Tue, 09 May 2023 18:31:59 GMT
expires
Thu, 11 May 2023 18:31:59 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame DDCE 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2304&&vgd_cdv=947&vgd_tsce=L128&vgd_cage=0&vgd_chkp=c088321|34014||&vgd_mcf=29069&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=844206516&vi=1683657118522709374&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785047&r=1683657118931&requrl=https%3A%2F%2Fye-mek.net&vgde_bdata=~G-MjJzvuAAW~GwEv9~G8Ov9.uH9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvf99-f99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9ii~OYYMYu9vu.999~OYYMYuuv9.ihH~OYYMYufvu.AAh~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AFX~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvu~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHAv9.fu9~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9XW.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.AWi~OYYMYFvu.999~OYYMYhvu.AAh~OYYMYivu.999~OYYMLv9.Auh~JMLEYv9.9ii~JLEYv9.9ii~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFfFXh~QyY7vJYE75~Q7OvffHFfFXh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFfFXh~e8JB1G8j875v9.AWWhHA~NGOEv9.uH9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uH9~875EJM8OvuF~QJjjJLM71yM8OvffHFfFXh~N1LL8JLVOv9~~8GNvu~&ssld=%7B%22QQ8E%22%3A%22Ah.XW.XW.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22Rp%22%2C%22QQN75%22%3A%22G1OnOxLLwJ8Y%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=28753&vgd_rakh=1683657118171057777&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p1327519835t202305091831&vgd_pgids=3&vgd_uspa=0&hvsid=00001683657118929006245729287567&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 09 May 2023 18:31:58 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 09 May 2023 18:31:58 GMT
checksync.php
contextual.media.net/ Frame 3F65 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82dab3ec996d28f3e80659e089aad41eb13909f14c7a897ffc62076e1e7bbd8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8005
content-type
text/html; charset=UTF-8
date
Tue, 09 May 2023 18:31:59 GMT
expires
Thu, 11 May 2023 18:31:59 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame DDCE 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5007&lper=1&itypeid=16&itype=APPNEXUS&cc=DE&cid=8CU6M287B&reqid=7615065297151075726&vid=7615065297151075726&dn=ye-mek.net&rawDn=ye-mek.net&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Fye-mek.net&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=1&sc=BW&ct=bad+durrheim&pubid=pub-appnexus-network-eu&tgtval=pub-appnexus-network-eu&csip=rtb-common-864b4cb6cf-xqdst.BE&dtc=eu_be&zone=b&ptype=23&tmax=700&xtmax=692&gdpr=1&csex=0&app=0&sat=2&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=28753&sckfl=0&smbrid=2725&usp_status=0&usp_enf=1&pexid=APPNEXUS-1860580&geoll=false&is_ortb=true&s_ip=185.89.211.77&s_city=amsterdam&commit_id=b30fd6cf&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-05-09+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&rtttime=29&pvid=462&prvAccId=844206516&prvApiId=8CUL2446F&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=856004011&prspt=headerBid&prvReqId=22993516541482_1356121341_85600401114621&reqsize=200x200&size=200x200&chnl=no_strategy&bdp=0.140&cbdp=0.14&og_cbdp=0.140&ogbdp=0.14&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.14&dt=O&dbf=1&epc=844206516&s=1&snm=SUCCESS&pcrid=8CUL2446F-844206516-19-16&tpbTkn=false&exid=220&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=39&slotVisibility=0&adpos=0&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1683657117223&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=424785930&strg=no_strategy&stagid=22462657&vls=0&scrid=424785930&mang=1&pvdTmax=659&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CUL2446F&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CUL2446F&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=6&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=22462657&mx_tgs=200x200%7C250x250%7C300x250%7C728x90%7C970x90%7C970x250&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=22462657&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=bad635f7e9&acid=8df990f1816c4b1093c884f828bf4796&rtime=11.0&wsip=mowx-86886d9cb6-8pl68&ltime=24.0&act=headerBid&abs=0%7C0%7Cxtmax%3D692%7Cbrr%3D0&adtypes=0&impId=308945226642575546&reftime=15000&reftype=0&keywordSellerId=false&dsid=22462657&insl=0&mowxReqId=8df990f1816c4b1093c884f828bf4796_1&ecp=1.35&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&dfpDiv=22462657&supplyTagId=22462657&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=26&debug_ts=2023-05-09+18%3A31%3A57&__expireat=1683657717475&mview=1&rme=adm&bdata=~bx_len%3D1338~bhp%3D0~bid%3D0.140~bx_agl2a_l%3D0~bx_asn%3D28753~bx_cs%3D0~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_l2as%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000000~bx_size%3D200x200~bx_tmax%3D650~bx_tml_suffix%3D%2F~city%3DBADDURRHEIM~ck_fl%3D0~dc%3Dgcp-eu-west1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D30~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.03~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d5%3D0~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_l%3D0.031~dmm_m1%3D0.099~dmm_m10%3D1.000~dmm_m11%3D0.974~dmm_m12%3D1.337~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.000~dmm_m16%3D0.365~dmm_m17%3D1.000~dmm_m2%3D0.023~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m27%3D1~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D9.000~dmm_m36%3D9.000~dmm_m39%3D9908.000~dmm_m40%3D9908.000~dmm_m43%3D0.210~dmm_m44%3D1.000~dmm_m47%3D46926.000~dmm_m48%3D13087058.000~dmm_m5%3D1.000~dmm_m50%3D1.000~dmm_m51%3D9.000~dmm_m52%3D0.389~dmm_m6%3D1.000~dmm_m7%3D1.337~dmm_m9%3D1.000~dmm_r%3D0.317~e_rpm%3D0.099~erpm%3D0.099~hc%3D0%20%2B%200~iha%3D0~itype%3DAPPNEXUS~r_cc%3DDE~r_ip%3D37.58.58.0~r_sc%3DBW~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3D22462657~sgmt%3Dempty~std%3D22462657~vbr%3D0~visibility%3D0~supply_tag_id%3D22462657%7Eviewability%3D0.388743%7Ecbdp%3D0.140%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Epos%3D0%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.140%7Eitype_id%3D16%7Eseller_tag_id%3D22462657%7EcarrierId%3D0%7E~ibc%3D1~&utime=1719&sf=0&cpr=0.05519888131897743
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 09 May 2023 18:31:58 GMT
rd_log
ams3-ib.adnxs.com/ Frame DDCE 		0
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fye-mek.net%2F&e=wqT_3QL-A-j-AQAAAwDWAAUBCJ2j6qIGELqh1ci_geakBBgAKjYJ7FG4HoXrwT8REVg5tMh2vj8ZAAAAoJmZ9T8hEQ0SACkRJPQOATEAAAAA16PAPzDBgdsKOKUVQJUJSGBQivDGygFYupyOAWAAaLO3K3iV9AWAAQGKAQNVU0SSAQNFVVKYAcgBoAHIAagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgApOcW-oCE2h0dHBzOi8veWUtbWVrLm5ldC-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APy2TjgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMzcuNTguNTguMjQ4qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEj6alIsgEANoEAggB4AQB8ASK8MbKAYgFAZgFAKAFjsvg0KmxiddpwAUAyQUhDhwAAPA_0gUJCQkMeAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGr_EB2gYWChAJEhkBfBAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAcgHlfQF0gcNFWgBKQjaBwYBYXAYAOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=2e7080a418df99f44433d47a163e4055040c596d&bdref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpcloak.blob.core.windows.net%2F,https%3A%2F%2Fye-mek.net%2F,https%3A%2F%2Fye-mek.net%2F&
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:58 GMT
AN-X-Request-Uuid
aa64782f-1b9c-4adb-89de-345f3d6c20c9
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 73CD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
306663
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 05:20:55 GMT
expires
Sun, 05 May 2024 05:20:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/8193307247526017021/ Frame 7F45 		23 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df953cb4bab1ce085b56b85a00037984fdcbd1a99bc72d74fb8b5a6246e38ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
28480
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5006
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 10:37:19 GMT
expires
Wed, 08 May 2024 10:37:19 GMT
last-modified
Fri, 21 Apr 2023 11:36:13 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 202A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu8lUxeyNYxU_EhARgv0-FPm1VlHO3DIMFaAVEPPDwLhhAExQqNElOVs-FuWyqipSxsGLcM59ULGwJy2ebe71tJkYimkZZqeFzIkJkxAPAbrjt3NNNmrrp3NKDPl-shl4z8uFK_bkKCDABgXQd7JfE5iC8vFkQ5qBRxVAQk5Kq8qNmc1HNUooPzZnajpEG1xrhd5-a6D8OLZHtnJV4qmTPEfa3Lpy0r1TsC1jUSmde8p3qjOUndcb7sO7euN9SFUZNNay9MB3SZXoiCQV-XzYir0eCq-kEpBdi2onmZo6TxtQmSyTZ6Lsi-Pi6oAslHmoIBFeaFNyRQvrmsP12jPS2EPiwQXhbbeY2y8Fhg3ryL8FwOYakE3U5KjCzne0VWvn4m0lwe6i67W5cOgICaJXLJqhTUGj1mhkJzy3xkn6spUrINZX70tlgf1WUs6GaIIv8lsu415htVfeuHmScm1N6LSLiEEsWpPXQiKSl8YRYCKaLriqY9t6teTDdfuV66kXhUjVCsTeg0qNKOcXuj4uJOiL5DH-vfggU9WI1RDs5JUP3UcPxWz0kcJXgLYBObKCxPjLJ7JFT5bfaNKUc6ni8s0jKPZD6cVNredDRh0um_aE5u5aT6WdG0swakP0_XTLGWr-0Y00gnR2BxOJkeOSvXcWb9tLaJuAqi4acLjT8l84Ft-GI4y_kV-29uwhMZxpDCpo9buFqptfeYDDA0gOCr-dt8-U7YR2-JLCSVvtzMufsqxRKQzE1prNJu8-Giw1KcqAir6Wam7T2r4h3-lPAmNE5Ck_TEmLN8yhUSLccnb2xxd1tJHnyRvIdfoQjEhJM8XenEOc25bwasOUvEW8Wv5UYq26zHq_rlpqjbNLsvSO2Jpa7Cm-3alc-qFdT927CGAhJH-Zr77kPKOngaPu261SN3j1iqIqSl9ZKVVr2Pp1hfo-rSCXotrA5sYXhT9ysXUMEnqRtl09i1W8uklNXfDHNdxPE39zBdqAhlfw6PszfPZ8pXaRZHDV8bxKPZMglZQcm8jv5pBiSpqne__OgiMwIIvT9kkU3TXR5zbjHPYm4_AYJR1gXYj4L7D5nnTW-lQI1FTwOdYhwsVKlf2HhOoWrDZB92FuuLpnkVwd8I0UZfUkCBPvvWkAroJnx0V1pJIcLpFNtLSnw6gABNGJsz5OXiOHIqMRaeq3XblGaN9fERxXlwxfO3aU52hqpBZLlwfwPK_Z17RQwCjfr2XwUCcYgrIHFsMHSc6ZLKdUPNNzxJ0LwcvAEYXoWwK8S7xqMJ4hagi4aRykc4FloGV9fdnSiKAl_frZ97Up1GBc4wfDlOfUkTuNJVDhqiBKs&sai=AMfl-YSx2ba2xYA0EFTWDzQo7i1EzHVHpGJButNShlK-NMHZp8MwwGQvT5ma2gVX7nCH27FrM7jCXnjRhg1CAh9Y1BmIiaaVpbD1xBrgzdANVj5He-7DM_O29F2grOSKZBeVgyzTfGBfg55-UtqcCV4dj8jgtPgqTC-21c2qUl3ckffNCcT_jNSHtteVXCiSEEH0F_IgrSYUyWRcLiPw-y8HqsG4E__q5pzHiptrBnbvZCmp625XFNLXWocNqegCBsSieKrNqchcqSk-yA8UTIV7vNnPVhs&sig=Cg0ArKJSzIkv49zlvY11EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=223&cbvp=1&cstd=220&cisv=r20230508.52355&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 09 May 2023 18:31:59 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 09 May 2023 18:31:59 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 413B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1&google_push=ATf1kGPehVWoovkDw97Ro11TmspmTQ_uxkktGMIORexzgDm1yWqNCUpjsJAt62ls1sXCkLTu2-uV25vT76kCvJHQfCI2AP8OyBzSXA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2NTQ0MjA4MzI1OTM0MjM2NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 413B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKO4tGz6A9liq9fIHtLCs4c&google_cver=1&google_push=ATf1kGNBUYdHe90K-Z-0--BwANlXc3bok0yMLQ7PuFJ8VLFNdP2Z3Jfs1OCjmD_MFAPh0rQSnsq2j-lHWLRxAXSJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sQ47M-p2TOKR4YkssgyhfA2&google_push=ATf1kGNBUYdHe90K-Z-0--BwANlXc3bok0yMLQ7PuFJ8VLFNdP2Z3Jfs1OCjmD_MFAPh0rQSnsq2j-lHWLRxAXSJKgm93wddQqa4DQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sQ47M-p2TOKR4YkssgyhfA2&google_push=ATf1kGNBUYdHe90K-Z-0--BwANlXc3bok0yMLQ7PuFJ8VLFNdP2Z3Jfs1OCjmD_MFAPh0rQSnsq2j-lHWLRxAXSJKgm93wddQqa4DQ
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 May 2023 18:31:59 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sQ47M-p2TOKR4YkssgyhfA2&google_push=ATf1kGNBUYdHe90K-Z-0--BwANlXc3bok0yMLQ7PuFJ8VLFNdP2Z3Jfs1OCjmD_MFAPh0rQSnsq2j-lHWLRxAXSJKgm93wddQqa4DQ
x-host
tde-deliveryengine-production-797dcffc79-jjnlt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 413B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBPMhP9nD3r_KkyO-JhlGU4&google_cver=1&google_push=ATf1kGM1swLWetrbUP-Y-kj_nKU4WzZfTt0UzshbUWl59wMZZF3mkwvLjluXKzmQP4FPZcCE-xJmSuzF...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBPMhP9nD3r_KkyO-JhlGU4&google_cver=1&google_push=ATf1kGM1swLWetrbUP-Y-kj_nKU4WzZfTt0UzshbUWl59wMZZF3mkwvLjluXKzmQP4FPZcCE-xJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE4MDU0NDAyNzM2ODEzMDcyNQ&google_push=ATf1kGM1swLWetrbUP-Y-kj_nKU4WzZfTt0UzshbUWl59wMZZF3mkwvLjluXKzmQP4FPZcCE-xJmSu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE4MDU0NDAyNzM2ODEzMDcyNQ&google_push=ATf1kGM1swLWetrbUP-Y-kj_nKU4WzZfTt0UzshbUWl59wMZZF3mkwvLjluXKzmQP4FPZcCE-xJmSuzF0IA-N2ol9QpY6GQFryF7lQ
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE4MDU0NDAyNzM2ODEzMDcyNQ&google_push=ATf1kGM1swLWetrbUP-Y-kj_nKU4WzZfTt0UzshbUWl59wMZZF3mkwvLjluXKzmQP4FPZcCE-xJmSuzF0IA-N2ol9QpY6GQFryF7lQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 413B 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGPvcoAiCG9ju26BVdFA8D0&google_cver=1&google_push=ATf1kGP4diMNEZEj2BVSsgZ03UuLPQBN6zV0AX9n_4d2tQgA6nKAtIItFl4johnKHNGUu1zx8faLBW0_cPRZ1ePNBQ-zQJEUpYtEXA
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
h0f6e561n9u65thlqclbiu0gp7g77s0p
pixel
cm.g.doubleclick.net/ Frame 413B
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESECJ4puR2pfF00aXX-rmpr2c&google_cver=1&google_push=ATf1kGOPbsrSNFAfysw_ND0i5AKC7hzV_pmOur-V6YMn6-hPp_XATA8tEm_5m0IaH63BGjKMkmSoOGM9oc1w_forr2dCqa...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECJ4puR2pfF00aXX-rmpr2c&google_cver=1&google_push=ATf1kGOPbsrSNFAfysw_ND0i5AKC7hzV_pmOur-V6YMn6-hPp_XATA8tEm_5m0IaH63BGjKMkmSoOGM9oc1w_for...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f6SdvXMhSJq2linTdnkrmw&google_push=ATf1kGOPbsrSNFAfysw_ND0i5AKC7hzV_pmOur-V6YMn6-hPp_XATA8tEm_5m0IaH63BGjKMkmSoOGM9oc1w_fo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f6SdvXMhSJq2linTdnkrmw&google_push=ATf1kGOPbsrSNFAfysw_ND0i5AKC7hzV_pmOur-V6YMn6-hPp_XATA8tEm_5m0IaH63BGjKMkmSoOGM9oc1w_forr2dCqamPeJTR
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f6SdvXMhSJq2linTdnkrmw&google_push=ATf1kGOPbsrSNFAfysw_ND0i5AKC7hzV_pmOur-V6YMn6-hPp_XATA8tEm_5m0IaH63BGjKMkmSoOGM9oc1w_forr2dCqamPeJTR
access-control-allow-origin
*
date
Tue, 09 May 2023 18:31:59 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 413B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAabW7euHIqXxLZTgbeILic&google_cver=1&google_push=ATf1kGMqcAyeaPmL1sHan-0_rW1Yle4dF7kCbbwAzM4JzP16utVTpQ58CbDagl_McKErEm44I5TDphGKDLJyhfg0loFXBnnLn6...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMqcAyeaPmL1sHan-0_rW1Yle4dF7kCbbwAzM4JzP16utVTpQ58CbDagl_McKErEm44I5TDphGKDLJyhfg0loFXBnnLn65...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU0NDA2MTc5MTExMjc2NDU0MjE1Nw%3D%3D&google_push=ATf1kGMqcAyeaPmL1sHan-0_rW1Yle4dF7kCbbwAzM4JzP16utVTpQ58...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU0NDA2MTc5MTExMjc2NDU0MjE1Nw%3D%3D&google_push=ATf1kGMqcAyeaPmL1sHan-0_rW1Yle4dF7kCbbwAzM4JzP16utVTpQ58CbDagl_McKErEm44I5TDphGKDLJyhfg0loFXBnnLn65crQ
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU0NDA2MTc5MTExMjc2NDU0MjE1Nw%3D%3D&google_push=ATf1kGMqcAyeaPmL1sHan-0_rW1Yle4dF7kCbbwAzM4JzP16utVTpQ58CbDagl_McKErEm44I5TDphGKDLJyhfg0loFXBnnLn65crQ
date
Tue, 09 May 2023 18:31:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
report
sync.teads.tv/um/ Frame 413B
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHjQYe79V7U0iaK-5_G1fg4&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGO9xAgySYHGbXYWN-tt02BBOMirr5-iE3T0Dyo7puYu7hssBEQNT0vSneP1uwLYLaizRUrfjv2TnyJGPwxNwf4Y3GsLps-WLfg
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Tue, 09 May 2023 18:31:59 GMT
pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 413B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDhirQ-8xureAVgiqvJSwxnvxIGaGXwc5emTCf07B0Zl90RbBqZ8wAViJKJCsa5Z3mM20w-Q
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
pagead2.googlesyndication.com/bg/ Frame 3245 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:29:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
18146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14734
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 May 2024 13:29:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0F2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230508&jk=1566515330355644&rc=
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 9260 		0
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=48065000152271500951389012319014&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=li
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=e252a1b88b&subid=&uid=b17ebceab39bc615&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DH6BWFeTbIlBhnx7DAxSigg%26exch_seat%3D20035004448%26mt_aid%3D4115540874882294508%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_cid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCh5KQnpFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEngJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MDeQPFU1xIpAr5bFzIueaCHyFT6X5GamvQLJOVw-3i3JJGZM3D_Uccqw4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0GP8XuscQkZS_CazTU7cmMMBG2nQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=8536738833093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Content-Type
application/javascript; charset=utf-8
Date
Tue, 09 May 2023 18:31:59 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
X-IPLB-Request-ID
253A3AF8:9422_91EFC182:01BB_645A919F_95B59DB:E330
/
adv.office-partner.de/ Frame 8E64 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=e252a1b88b&subid=&uid=b17ebceab39bc615&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DH6BWFeTbIlBhnx7DAxSigg%26exch_seat%3D20035004448%26mt_aid%3D4115540874882294508%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_cid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCh5KQnpFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEngJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MDeQPFU1xIpAr5bFzIueaCHyFT6X5GamvQLJOVw-3i3JJGZM3D_Uccqw4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0GP8XuscQkZS_CazTU7cmMMBG2nQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=8536738833093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 09 May 2023 18:31:59 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 16 May 2023 18:31:59 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
htlp
futalis.de/ Frame 9ECB
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=48065000152271500951389012319014&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2701254914
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2701254914
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=e252a1b88b&subid=&uid=b17ebceab39bc615&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DH6BWFeTbIlBhnx7DAxSigg%26exch_seat%3D20035004448%26mt_aid%3D4115540874882294508%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_cid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCh5KQnpFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEngJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MDeQPFU1xIpAr5bFzIueaCHyFT6X5GamvQLJOVw-3i3JJGZM3D_Uccqw4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0GP8XuscQkZS_CazTU7cmMMBG2nQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=8536738833093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-1.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Tue, 09 May 2023 18:31:59 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2701254914
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
link.html
track.webgains.com/ Frame D4FE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=48065000152271500951389012319014&nw=1
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
49ba5ca517d094d942ea4ef8fc652ba5547973fa0f486878a1c7d1ded8d77669

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
last-modified
Tue, 09 May 2023 18:31:59 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 09 May 2023 18:32:59 GMT
activityi;dc_pre=CJTYhcTv6P4CFTdZwgodpkIIAA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2971405573823.553
5994599.fls.doubleclick.net/ Frame 2D8B
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2971405573823.553?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CJTYhcTv6P4CFTdZwgodpkIIAA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2971405573823.553?
391 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJTYhcTv6P4CFTdZwgodpkIIAA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2971405573823.553?
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
2463fb8dd5405db9e4b77e739d2180577f830e8e5df0ccc3ee7023161e7e3116
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:59 GMT
expires
Tue, 09 May 2023 18:31:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJTYhcTv6P4CFTdZwgodpkIIAA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2971405573823.553?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900014.redintelligence.net/ Frame 30B1 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request_content.php?s=48065000152271500951389012319014&a=be0cfc20
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=e252a1b88b&subid=&uid=b17ebceab39bc615&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DH6BWFeTbIlBhnx7DAxSigg%26exch_seat%3D20035004448%26mt_aid%3D4115540874882294508%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_cid%3Ddee5645a-919e-4001-ab2c-f0f1c7dd3bf8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCh5KQnpFaZOTBCNmg1ga57bKIDc-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAaoEngJP0FJzEn_ZH7s0BsM3wcpL-jh3ojvAOAuWMOAmC9_LHByapJf2FY_JMpSn0RusahOztS3UyW0eeU2SnpSvwqp_psa5WHt_L3r1tjWseD25uyzT0Z4TWFkaW3iLqw5zk3zmRohESitQ0oIU57cMh5a7ac1pOfwv_qcB622bRjJ2c3v_Upd0baqcIBsNgW0yfVo_6IGcpybm37Zt_gwk0pjddw49Hw0rmQkqSJ2YtFXV5D0wUnai5ooboQgyoN-FcmJmokJsOFXGSLhmU51GLVgxvJqRiN3S_d527IlPsXRlwpky-gWzYFic2J3vH1tErwlMHzO4MDeQPFU1xIpAr5bFzIueaCHyFT6X5GamvQLJOVw-3i3JJGZM3D_Uccqw4AQBgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0GP8XuscQkZS_CazTU7cmMMBG2nQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=8536738833093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
0fc331d83d54055b86da63efa0252a153147a108e814e6f1f7914c669f52fa56

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2058
Content-Type
text/html; charset=utf-8
Date
Tue, 09 May 2023 18:31:59 GMT
Expires
Tue, 09 May 2023 19:31:59 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame D4FE
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=48065000152271500951389012319014&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=li
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=48065000152271500951389012319014&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=li
43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=48065000152271500951389012319014&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=li
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:59 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
253A3AF8:9422_91EFC182:01BB_645A919F_95B59F0:E330
X-IPLB-Instance
40028
Content-Type
image/gif
Keep-Alive
timeout=20
Content-Length
43
Proxy-Host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=48065000152271500951389012319014&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=li
date
Tue, 09 May 2023 18:31:59 GMT
server
nginx
content-length
154
content-type
text/html
link.html
track.webgains.com/ Frame C0FD 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gegqkfmefqtvaf25n0fh76rda3zwtmjp1jfc2rbbw510jhtewv3e948ascx6p5c9nef54090vfptmmwt68er80wyrk77jxf4633xvzapz1g0q4ef0p6zwrbkyka8r4m5c9jgyxbm75gz6q5qg8txqxrgvk0g7q1b8wtfvmm5h79qbqpvgkgrraf5a2zzscy6fnb267w6191771te23kvcemz3ddecxx0ts1b09h6ny5j3qrz8hqh9mgsmbqy072hdd0a%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
7b4f30226ef26484d7e1ac91dfb26b5bdcc785a7042035c5139070807d42f833

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
last-modified
Tue, 09 May 2023 18:31:59 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 09 May 2023 18:32:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DDCE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrBBT0WzooM-5jA151FCFIV97t5hK0qaLhwbCxpyZennwa-csQWhk3bR0BQsspC0i78YfQYI3-SIIbByAIpfZ1MKq1dRo5E8G-GE3CUBgo0rgcE01-oi3Zfj2w6VrBGXDUjLuQ6BVlRZnV6LmQ__t2XYMgx4v98iiJ_KJQc7GhrKKjpv_SVdxb5byXitbYCwwQGVBKzW94cl1l4aTvGiIRVzb21rY8cNleQ9zr4TBqGjdG604k04SBDWS08JMlHgvSRNzxeRXYv70E-fzXz7lC1Q2kl7NAcq_zz180xVzbkD7QlmwsEnplOux3MzFaxqqSl3MwDJ08Nk8s7Q&sai=AMfl-YSwG1vumETyaaAxAlaQeKd3ntis3EbuClqvQCQENYIvYMsHSdIq8tA4TOFbwYHXN0UehhBv827F4yQkNy2dAJZ7oMXVFS3_DyEF_OckQC7ucXQTOuE9TLy0uF0ttw&sig=Cg0ArKJSzFjcwwFrIcHOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 May 2023 18:31:59 GMT
truncated
/ Frame DDCE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdda806f72862d9980165519a490b0418022a79adb2af7dc76eed3f47acfc3f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C5BD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Tue, 09 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D4FE 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e9bc5c6bc6d65e3488989314be2dc9b660f7dce47ce0ad3393136a4acc74f45

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
pagead2.googlesyndication.com/bg/ Frame DED3 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:29:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
18147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14734
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 May 2024 13:29:32 GMT
vevent
ams3-ib.adnxs.com/ Frame DDCE 		0
945 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fye-mek.net%2F&e=wqT_3QK-BOg-AgAAAwDWAAUBCJ2j6qIGELqh1ci_geakBBgAKjYJ7FG4HoXrwT8REVg5tMh2vj8ZAAAAoJmZ9T8hEQ0SACkRJPQ0ATEAAAAA16PAPzDBgdsKOKUVQJUJSGBQivDGygFYupyOAWAAaLO3K3iV9AWAAQGKAQNVU0SSAQNFVVKYAcgBoAHIAagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgApOcW-oCE2h0dHBzOi8veWUtbWVrLm5ldC-AAwCIAwGQAwCYAxegAwGqA0ASGDc2MTUwNjUyOTcxNTEwNzU3MjZfc2JpZBoSMzA4OTQ1MjI2NjQyNTc1NTQ2Igk0MjQ3ODU5MzAqBU0xMTczwAOsAsgDANgD8tk44AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDM3LjU4LjU4LjI0OKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABI-mpSLIBADaBAIIAeAEAfAEiiEdVIgFAZgFAKAFjsvg0KmxiddpwAUAyQUhThwAAPA_0gUJCQkMeAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGr_EB2gYWChAJEhkBfBAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAcgHlfQF0gcNFWgBKQjaBwYBYXAYAOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=2b0b899f67e5419919893a5efee27127d904d4e7&type=nv&nvt=5&jm=1003&px=700&py=158&bw=200&bh=200&sid=1931169661545768239&vd=ct~0|rr~0&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22462657&sw=1600&sh=1200&pw=1600&ph=4506&ww=1600&wh=1200&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:59 GMT
AN-X-Request-Uuid
01f45d01-3539-441f-8463-ed8268b2098c
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
9b8c989600acf292bda83508a04b3a8e.js
s0.2mdn.net/sadbundle/8193307247526017021/ Frame 7F45 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8193307247526017021/9b8c989600acf292bda83508a04b3a8e.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea5475af393e845f5a2230274fbc508bcb4c8d7d99c1d8daf8e5fe6f94f76a29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30394
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 11:36:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 May 2024 10:37:19 GMT
css
fonts.googleapis.com/ Frame 30B1 		2 KB
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=48065000152271500951389012319014&a=be0cfc20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 May 2023 18:31:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 May 2023 17:56:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 May 2023 18:31:59 GMT
/
hal9000.redintelligence.net/scale/ Frame 30B1 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=48065000152271500951389012319014&a=be0cfc20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
c816e8c4e3b2b3c50c64638732c8bf6f8e4b0f205c6c46939a9300c32114e269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:59 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16231
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 30B1 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=48065000152271500951389012319014&a=be0cfc20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
7aa9c79a3be5c919789471cc7a8ea1ffa66e936f0b9b6fbcc27ecb2dfbdca9e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:59 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16511
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 30B1 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=48065000152271500951389012319014&a=be0cfc20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
a27e3b0eef07673adfd0fa40a6f2bd583ce8a32863c318fbbd2bd8b7a3877548

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:59 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12998
Vary
Accept-Encoding
Content-Type
image/png
ts.js
cdn.retailads.net/ Frame 9ECB 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2701254914
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
pagead2.googlesyndication.com/bg/ Frame 73CD 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:29:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
18147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14734
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 May 2024 13:29:32 GMT
gtm.js
www.googletagmanager.com/ Frame 8E64 		109 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75e4b90febae356bf27a50442bb00e2ee7a3b82a981f9ef5e59e4dfeafa6334f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42740
x-xss-protection
0
last-modified
Tue, 09 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 May 2023 18:31:59 GMT
dc_pre=CJTYhcTv6P4CFTdZwgodpkIIAA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2971405573823.553
adservice.google.com/ddm/fls/z/ Frame 2D8B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJTYhcTv6P4CFTdZwgodpkIIAA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2971405573823.553
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJTYhcTv6P4CFTdZwgodpkIIAA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2971405573823.553?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame BD86 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BD86 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Semibold.woff
contextual.media.net/__media__/fonts/OpenSans_Semibold/ Frame BD86 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683657118202529058&gdpr=1&tsce=L128&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=875143658&size=300x600&cc=DE&sc=HE&chnm=no_strategy&pid=8PO15FLE3&tpid=T57IE0C&https=1&rrr=tzR-hLcl-L8S0csJTOWsHrB8bbSdlDto&nse=5&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&ebdata=~G-MjJzvuAuH~GwEv9~G8Ov9.uA9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv99999u9~G-MQ8lJvA99-F99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9Wi~OYYMYu9vu.999~OYYMYuuv9.iFF~OYYMYufvu.AAF~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AAH~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9fi.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.XFu~OYYMYFvu.999~OYYMYhvu.AAF~OYYMYivu.999~OYYMLv9.fWh~JMLEYv9.9Wi~JLEYv9.9Wi~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFA9fh~QyY7vJYE75~Q7OvffHFA9fh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFA9fh~e8JB1G8j875v9.XFuHX~NGOEv9.uA9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uA9~875EJM8OvuF~QJjjJLM71yM8OvffHFA9fh~N1LL8JLVOv9~~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1327519835t202305091831&essld=Ah.XW.XW.9~r4~Rp~G1OnOxLLwJ8Y&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683657118202529058&gdpr=1&tsce=L128&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=875143658&size=300x600&cc=DE&sc=HE&chnm=no_strategy&pid=8PO15FLE3&tpid=T57IE0C&https=1&rrr=tzR-hLcl-L8S0csJTOWsHrB8bbSdlDto&nse=5&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&ebdata=~G-MjJzvuAuH~GwEv9~G8Ov9.uA9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv99999u9~G-MQ8lJvA99-F99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9Wi~OYYMYu9vu.999~OYYMYuuv9.iFF~OYYMYufvu.AAF~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AAH~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9fi.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.XFu~OYYMYFvu.999~OYYMYhvu.AAF~OYYMYivu.999~OYYMLv9.fWh~JMLEYv9.9Wi~JLEYv9.9Wi~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFA9fh~QyY7vJYE75~Q7OvffHFA9fh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFA9fh~e8JB1G8j875v9.XFuHX~NGOEv9.uA9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uA9~875EJM8OvuF~QJjjJLM71yM8OvffHFA9fh~N1LL8JLVOv9~~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1327519835t202305091831&essld=Ah.XW.XW.9~r4~Rp~G1OnOxLLwJ8Y&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Origin
https://contextual.media.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
21704
expires
Wed, 10 May 2023 18:31:59 GMT
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame FFFF 		0
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=88087000163259104444550012319016&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c98237d1e9&subid=&uid=93ae5285b05edf52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwUE-npFaZLarCJmP1waO1pfIBKblvaBphZWcp8kP8C4QASDAsoJrYJUCyAEJqQK4Sb-1M2eyPqgDAaoE_QFP0MtDmZaHIi9AOL8SjblL31zFTaKywN4cFnFlpPE_xJVcTN9s8q_0wncrVF-qZN3y1yYNwRX25suVXH_ORoNBW-HzmXyHR_-46DDLfOHdmFChGzjM4K4BuDoLHnn9H0GFWgd0W6-j_6y_-VT4lsqn6Z-EBTmAZs1ppOS6QiSD81buBA_zSP8c7EZ7Pxsl5i2MMYJkl7Bmur4hB83r1ek3smQEyWgYlsjAB7UYUUosr4ZEP6wn4e_1WX-FRJz-vctEH9c_0BUYV7lWvPBsa_XXa58S9WIoB-1qbmY37XE0_bZaadye1oD-bGe5IPHJRL1JxXqlgf0suMvpBLxzwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDV5jeuGzhuN3LK-Qz2ck3OBY4Oi90RC0EtoJEKqUlAT8ijbiFZGwYuIC9bg-ghlK0xl4aqH-0GAE%26sig%3DAOD64_3Mob73B0Kbl9HIl1bc6ZX48JXssA%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-BbQOn6FF9ra8S4YfBkhrU1a_PyHeXWu9XhqZsHD1-wOR3-e7OQNDzMxSMDKLF718eU83fLh3qWbcuzzeARYBlx13PPCCOMeQzPPaUT9S0ME8Ad5KlEZS2NAC0BcGmalJCvOtjgXkLNkRB35quMIQ3LyCofqiJxw5u40_2lIpcC_eN0T88%26cry%3D1%26dbm_d%3DAKAmf-ADtz_O_Is0tnmm-LugcQzrfTiuBOu56EX90J7x1nnnZYVRwnnvndSggQyShcytZ5jGrjYxi9rz5kbmBMfRt6mn0O0o6DB1PurVw3UGST0gNO8bE254RWlb-VjJ_veDRZJ7We0b1KC_FKhycHaTw3tSeRlcrAGA3g7kZvhSG2Tl5rRAd7pJNc9n0j7llNKTID3c2XaePRSXITC5JPOlYfWvA3LaPrScCsXxu5GEj1fpTXc-6njxbJoNNxRwPWdjNkUyLxR_Zd6ppcmlIUsFP1IRqWWoIX4OYXj-0fjGj9tqOlr-pcJi-kuQ2AkgxrOd2qR7EiDJNwmt9vCtqwfriRCxNwGvkP67YQ4DFn-DP7I22OXHHn1iUqhqb7aS8CiKXvVLsNiigMlIKBdq7RMb7k2LBYUCILNq3Q_yxGIRloaNGTM-T06akOFTxfHKTdQ6C89SmNvQnH4dECElwQc26hC8BtqFXFE2Enkab9UUS-Gr1H67f7KuduUR-j_8DZuiSUjgl2bOIhRyzMaf5uBotZC0FyYfzg%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=368930642987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Content-Type
application/javascript; charset=utf-8
Date
Tue, 09 May 2023 18:31:59 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
253A3AF8:943A_91EFC182:01BB_645A919F_959AA18:6DD7
/
adv.office-partner.de/ Frame 6D61 		930 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c98237d1e9&subid=&uid=93ae5285b05edf52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwUE-npFaZLarCJmP1waO1pfIBKblvaBphZWcp8kP8C4QASDAsoJrYJUCyAEJqQK4Sb-1M2eyPqgDAaoE_QFP0MtDmZaHIi9AOL8SjblL31zFTaKywN4cFnFlpPE_xJVcTN9s8q_0wncrVF-qZN3y1yYNwRX25suVXH_ORoNBW-HzmXyHR_-46DDLfOHdmFChGzjM4K4BuDoLHnn9H0GFWgd0W6-j_6y_-VT4lsqn6Z-EBTmAZs1ppOS6QiSD81buBA_zSP8c7EZ7Pxsl5i2MMYJkl7Bmur4hB83r1ek3smQEyWgYlsjAB7UYUUosr4ZEP6wn4e_1WX-FRJz-vctEH9c_0BUYV7lWvPBsa_XXa58S9WIoB-1qbmY37XE0_bZaadye1oD-bGe5IPHJRL1JxXqlgf0suMvpBLxzwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDV5jeuGzhuN3LK-Qz2ck3OBY4Oi90RC0EtoJEKqUlAT8ijbiFZGwYuIC9bg-ghlK0xl4aqH-0GAE%26sig%3DAOD64_3Mob73B0Kbl9HIl1bc6ZX48JXssA%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-BbQOn6FF9ra8S4YfBkhrU1a_PyHeXWu9XhqZsHD1-wOR3-e7OQNDzMxSMDKLF718eU83fLh3qWbcuzzeARYBlx13PPCCOMeQzPPaUT9S0ME8Ad5KlEZS2NAC0BcGmalJCvOtjgXkLNkRB35quMIQ3LyCofqiJxw5u40_2lIpcC_eN0T88%26cry%3D1%26dbm_d%3DAKAmf-ADtz_O_Is0tnmm-LugcQzrfTiuBOu56EX90J7x1nnnZYVRwnnvndSggQyShcytZ5jGrjYxi9rz5kbmBMfRt6mn0O0o6DB1PurVw3UGST0gNO8bE254RWlb-VjJ_veDRZJ7We0b1KC_FKhycHaTw3tSeRlcrAGA3g7kZvhSG2Tl5rRAd7pJNc9n0j7llNKTID3c2XaePRSXITC5JPOlYfWvA3LaPrScCsXxu5GEj1fpTXc-6njxbJoNNxRwPWdjNkUyLxR_Zd6ppcmlIUsFP1IRqWWoIX4OYXj-0fjGj9tqOlr-pcJi-kuQ2AkgxrOd2qR7EiDJNwmt9vCtqwfriRCxNwGvkP67YQ4DFn-DP7I22OXHHn1iUqhqb7aS8CiKXvVLsNiigMlIKBdq7RMb7k2LBYUCILNq3Q_yxGIRloaNGTM-T06akOFTxfHKTdQ6C89SmNvQnH4dECElwQc26hC8BtqFXFE2Enkab9UUS-Gr1H67f7KuduUR-j_8DZuiSUjgl2bOIhRyzMaf5uBotZC0FyYfzg%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=368930642987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 09 May 2023 18:31:59 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 16 May 2023 18:31:59 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame 3578 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=88087000163259104444550012319016&nw=1
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e734a5f985f63cf0f1e24509f083ab0eb2737f029c76bb0155fee52777a6c5bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
last-modified
Tue, 09 May 2023 18:31:59 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 09 May 2023 18:32:59 GMT
activityi;dc_pre=CI2HkcTv6P4CFQ5NHgIdV40F5g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1361081033438.3118
5994599.fls.doubleclick.net/ Frame 0802
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1361081033438.3118?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2HkcTv6P4CFQ5NHgIdV40F5g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1361081033438.3118?
392 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2HkcTv6P4CFQ5NHgIdV40F5g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1361081033438.3118?
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e6928d5da67a3221a28b15e25076dba5bdb22a731bc3329e373747383c93d4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:59 GMT
expires
Tue, 09 May 2023 18:31:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2HkcTv6P4CFQ5NHgIdV40F5g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1361081033438.3118?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900016.redintelligence.net/ Frame 839D 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request_content.php?s=88087000163259104444550012319016&a=d018bf0e
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c98237d1e9&subid=&uid=93ae5285b05edf52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwUE-npFaZLarCJmP1waO1pfIBKblvaBphZWcp8kP8C4QASDAsoJrYJUCyAEJqQK4Sb-1M2eyPqgDAaoE_QFP0MtDmZaHIi9AOL8SjblL31zFTaKywN4cFnFlpPE_xJVcTN9s8q_0wncrVF-qZN3y1yYNwRX25suVXH_ORoNBW-HzmXyHR_-46DDLfOHdmFChGzjM4K4BuDoLHnn9H0GFWgd0W6-j_6y_-VT4lsqn6Z-EBTmAZs1ppOS6QiSD81buBA_zSP8c7EZ7Pxsl5i2MMYJkl7Bmur4hB83r1ek3smQEyWgYlsjAB7UYUUosr4ZEP6wn4e_1WX-FRJz-vctEH9c_0BUYV7lWvPBsa_XXa58S9WIoB-1qbmY37XE0_bZaadye1oD-bGe5IPHJRL1JxXqlgf0suMvpBLxzwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDV5jeuGzhuN3LK-Qz2ck3OBY4Oi90RC0EtoJEKqUlAT8ijbiFZGwYuIC9bg-ghlK0xl4aqH-0GAE%26sig%3DAOD64_3Mob73B0Kbl9HIl1bc6ZX48JXssA%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-BbQOn6FF9ra8S4YfBkhrU1a_PyHeXWu9XhqZsHD1-wOR3-e7OQNDzMxSMDKLF718eU83fLh3qWbcuzzeARYBlx13PPCCOMeQzPPaUT9S0ME8Ad5KlEZS2NAC0BcGmalJCvOtjgXkLNkRB35quMIQ3LyCofqiJxw5u40_2lIpcC_eN0T88%26cry%3D1%26dbm_d%3DAKAmf-ADtz_O_Is0tnmm-LugcQzrfTiuBOu56EX90J7x1nnnZYVRwnnvndSggQyShcytZ5jGrjYxi9rz5kbmBMfRt6mn0O0o6DB1PurVw3UGST0gNO8bE254RWlb-VjJ_veDRZJ7We0b1KC_FKhycHaTw3tSeRlcrAGA3g7kZvhSG2Tl5rRAd7pJNc9n0j7llNKTID3c2XaePRSXITC5JPOlYfWvA3LaPrScCsXxu5GEj1fpTXc-6njxbJoNNxRwPWdjNkUyLxR_Zd6ppcmlIUsFP1IRqWWoIX4OYXj-0fjGj9tqOlr-pcJi-kuQ2AkgxrOd2qR7EiDJNwmt9vCtqwfriRCxNwGvkP67YQ4DFn-DP7I22OXHHn1iUqhqb7aS8CiKXvVLsNiigMlIKBdq7RMb7k2LBYUCILNq3Q_yxGIRloaNGTM-T06akOFTxfHKTdQ6C89SmNvQnH4dECElwQc26hC8BtqFXFE2Enkab9UUS-Gr1H67f7KuduUR-j_8DZuiSUjgl2bOIhRyzMaf5uBotZC0FyYfzg%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=368930642987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9b1e10c984e87ffa3941c2853032f00a8079449556abc053795932851a6d88a5

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2065
Content-Type
text/html; charset=utf-8
Date
Tue, 09 May 2023 18:31:59 GMT
Expires
Tue, 09 May 2023 19:31:59 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 3578
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=88087000163259104444550012319016&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=88087000163259104444550012319016&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=
43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=88087000163259104444550012319016&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:59 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
253A3AF8:9422_91EFC182:01BB_645A919F_95B5A0A:E330
X-IPLB-Instance
40028
Content-Type
image/gif
Keep-Alive
timeout=20
Content-Length
43
Proxy-Host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=88087000163259104444550012319016&t=htlp&gdpr_pd=1&gdpr=1&gdpr_consent=
date
Tue, 09 May 2023 18:31:59 GMT
server
nginx
content-length
154
content-type
text/html
cshow.php
www.awin1.com/ Frame 3578 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=88087000163259104444550012319016&pv=1
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:59 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
viewability
hal900014.redintelligence.net/ Frame 30B1 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=48065000152271500951389012319014&a=a967c551&vb=m
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=48065000152271500951389012319014&a=be0cfc20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=48065000152271500951389012319014&a=be0cfc20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:59 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C5BD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1&google_push=ATf1kGOg1_Z0meiUDcFVhygXe-TWxAQKXtx8fcorp7uytC0kIM1C1cAn2aQqdoK-j8CrH-gEzEezp9oh-RODrdFZg0LlqcijkSNsN...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2NTQ0MjA4MzI1OTM0MjM2NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 May 2023 18:31:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame C5BD 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJVMfw-gmuZiijVi6m9ltD8&google_cver=1&google_push=ATf1kGNpecbeb1iaMik9Nc7nsFeYE4vInGT74Ym4ldqskbLhNPXyYx_dOnTY6ZoQlPFc2MQl7QSHcRDPhL9lbPxxc2vZKRnhJ4uD7ndq4_Swdn0C3YA55FlgBJdMh1u5hQgzxapmVXeVI7E
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame C5BD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPFmtdJmi4jRLgshE4t8eXw&google_cver=1&google_push=ATf1kGOmLBSZAHw5_3Xc-cD2aczp6-mXBiJ2InW-1rweXxLMcHip-z28hoxCYKvwn6sNbTtHDWaFom6FbJJChu...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTI1MjI2Mzc5MzEyOTYyMA%3D%3D&google_push=ATf1kGOmLBSZAHw5_3Xc-cD2aczp6-mXBiJ2InW-1rweXxLMcHip-z28hoxCYKvwn6sNbTtHDWaFom6FbJJChujx0A...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTI1MjI2Mzc5MzEyOTYyMA%3D%3D&google_push=ATf1kGOmLBSZAHw5_3Xc-cD2aczp6-mXBiJ2InW-1rweXxLMcHip-z28hoxCYKvwn6sNbTtHDWaFom6FbJJChujx0AigArD_XrKTNkYJC8LZCKiILP9DrcIp8CE3QtPs2A4WE81r7cWeR13S
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTI1MjI2Mzc5MzEyOTYyMA%3D%3D&google_push=ATf1kGOmLBSZAHw5_3Xc-cD2aczp6-mXBiJ2InW-1rweXxLMcHip-z28hoxCYKvwn6sNbTtHDWaFom6FbJJChujx0AigArD_XrKTNkYJC8LZCKiILP9DrcIp8CE3QtPs2A4WE81r7cWeR13S
Date
Tue, 09 May 2023 18:31:59 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame C5BD
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kqb9xCUUQ0Kx_ghyimY7yQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kqb9xCUUQ0Kx_ghyimY7yQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNq6xiC4ydJV8g0l8U7doJ9zpV9xk7b9c4sIX7DpOIU8mwYcG5Z_SUJdmLQ5lKQ37LWt9rJEGshu-w-Hk9lb2L0JV54ZUU0P0DN4vDXfjJJ3smUYkMTatZHRj5YCiQtMGbevd1rak3U
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kqb9xCUUQ0Kx_ghyimY7yQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNq6xiC4ydJV8g0l8U7doJ9zpV9xk7b9c4sIX7DpOIU8mwYcG5Z_SUJdmLQ5lKQ37LWt9rJEGshu-w-Hk9lb2L0JV54ZUU0P0DN4vDXfjJJ3smUYkMTatZHRj5YCiQtMGbevd1rak3U
date
Tue, 09 May 2023 18:31:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C5BD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKi78XV_6T1urxviq0EwLWc&google_cver=1&google_push=ATf1kGMUd05dRiEXtF-psPpj5pIl3LrTID5KJFnR-WesB4zZnG6GfKRd8DDo7CjCvE8y-gCOVi0-VNmIg3OY...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMUd05dRiEXtF-psPpj5pIl3LrTID5KJFnR-WesB4zZnG6GfKRd8DDo7CjCvE8y-gCOVi0-VNmIg3OYh3UW3L19cHbx2gYpqV_M2X7UvIsdwkJVnddU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMUd05dRiEXtF-psPpj5pIl3LrTID5KJFnR-WesB4zZnG6GfKRd8DDo7CjCvE8y-gCOVi0-VNmIg3OYh3UW3L19cHbx2gYpqV_M2X7UvIsdwkJVnddUdiJt0m3EY1WzAmyi5HM7CZIR
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMUd05dRiEXtF-psPpj5pIl3LrTID5KJFnR-WesB4zZnG6GfKRd8DDo7CjCvE8y-gCOVi0-VNmIg3OYh3UW3L19cHbx2gYpqV_M2X7UvIsdwkJVnddUdiJt0m3EY1WzAmyi5HM7CZIR
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
0.gif
id5-sync.com/i/495/ Frame C5BD
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESELSreWCyT6lJLlLSOStP0Kw&google_cver=1&google_push=ATf1kGMfP0ZIz6r6mWGaUoBsH2CmxYjSaMWZ_jvvarRzX-1doDxKyoRQx20EV5WR2xv-iNRbsvAIDgvynT18vWLTKWCOZ15b-t8J8VxK...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMfP0ZIz6r6mWGaUoBsH2CmxYjSaMWZ_jvvarRzX-1d...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMfP0ZIz6r6mWGaUoBsH2CmxYjSaMWZ_jvvarRzX-1doDxKyoRQx20EV5WR2xv-iNRbsvAIDgvynT18vWLTKWCOZ15b-t8J8VxKfw1gRku9a9yOAgcoJIXX1dYV67ie0rQo-WzxHZP6cg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Server
141.95.33.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 09 May 2023 18:31:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Tue, 09 May 2023 18:31:59 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMfP0ZIz6r6mWGaUoBsH2CmxYjSaMWZ_jvvarRzX-1doDxKyoRQx20EV5WR2xv-iNRbsvAIDgvynT18vWLTKWCOZ15b-t8J8VxKfw1gRku9a9yOAgcoJIXX1dYV67ie0rQo-WzxHZP6cg
x-download-options
noopen
vary
Accept
content-length
317
x-xss-protection
0
report
sync.teads.tv/um/ Frame C5BD
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHjQYe79V7U0iaK-5_G1fg4&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNbim7y7yc4YvDT65-YC8E2yu_YIP7mcOV88ev4djI2RrP3JwLxQgs62RoxYvT6Q6a1y52DWfVMRdftf7GQqZFLec-JR7RiIgboETmOk6BMgTLgd...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires
Tue, 09 May 2023 18:31:59 GMT
pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C5BD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IveljfmL9PewgYFszq42ctwNfa1IDYZ7JmF3ErVINR0Gqsiv-K2MG7iw1kGOkhAzxzyQTSojQ
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 46FC 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Tue, 09 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3578 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd130f78e0aa23e0a8445c1b9d016f9e8d024428cea9a37ee2942deed451f0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
pvClk.min.js
analytics.webgains.io/ Frame D4FE 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=48065000152271500951389012319014&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 03:50:29 GMT
content-encoding
gzip
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
52890
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
My6igSorCxwCmT6J-BcRr2XnhGjcDwZioKZqnICcWZAeT6ypSZMYBw==
1x1.png
cdn.track.production.webgains.team/7121/ Frame D4FE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1683657419&Signature=RvIo7Y0Gpy-fLOkKwRv-1Je5f6GMP7UpC0k9fjn88EprnsM75EevAfDmlJYmUOO7ICR0KZHzDTKT9ZKSpEW-r5wywZ58OepWZhDSRwxIVykU-OIgf~QhONSyKzJOJG~AL02bGSfF03vZV-UUcxgUT5v2D4r328PsMvl5P92Xdj52IsPEVm-AA3tOoktie-T~t69OtK2Ys712xlRxydvSy0XfLIa2jHCXCYBZnFxqJL2QtM7aZYtyxC9LjpwMsTMDAa2iY5Gm7JLQ2eYiW92hSOr---myt5nobkb~~qAm3Uysx6p9EzvW11h8vUhZn~YTfoSsFhT7fLyKLUDseO8RHQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 08 May 2023 20:58:39 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
77600
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
3ZAwdWCvzYbySF7QIQ6eC3ab7mhrRkWcEucdR450NUo5Hp9WA5IEew==
pvClk.min.js
analytics.webgains.io/ Frame C0FD 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gegqkfmefqtvaf25n0fh76rda3zwtmjp1jfc2rbbw510jhtewv3e948ascx6p5c9nef54090vfptmmwt68er80wyrk77jxf4633xvzapz1g0q4ef0p6zwrbkyka8r4m5c9jgyxbm75gz6q5qg8txqxrgvk0g7q1b8wtfvmm5h79qbqpvgkgrraf5a2zzscy6fnb267w6191771te23kvcemz3ddecxx0ts1b09h6ny5j3qrz8hqh9mgsmbqy072hdd0a%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 03:50:29 GMT
content-encoding
gzip
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
52890
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
4ZxZeUaGwOgKVBaDSnkoTZUxoEcVxXb9z4UFNg0NCH6ZgV5gAF1YgA==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame C0FD 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1683657419&Signature=kcQG2~ywvCKr0EAHsp1yarPpHNr9xe5E-3bTZYuD9INCjqnkUrYxFkbkfwr3U0xYoQZ6npdJTAhnG~wzpt-0zK88uII9p45MW~ySyU1pR3LiyztzKAIprYFihOReULIp2geSn8DIxeVDgHgSpxVy5N6I6UCkjLv-sytrvgEB-ylvix8RWFwpGqPrV2c6y914XIuZMV98RKhZmEO7ndzYQdUHwXUyZaMOpEzfvqvoTKupGjDtqdxC74mmfuEjHgR8hzaFW2movuurWFjqCUVM~6kEXrfMyulEjmEG-MmGdP98KpdIk5~cJQHTBzLDNf~c4xdFmh~bG1gUbzm2mCeIrg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 09 May 2023 16:20:33 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
7887
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
-rMc0EQs0pxuL3FAQzhcaO1D-DnI3qCuy1JboAAFGjQ-426ja9lVUg==
css
fonts.googleapis.com/ Frame 839D 		2 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=88087000163259104444550012319016&a=d018bf0e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 May 2023 18:31:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 May 2023 18:18:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 May 2023 18:31:59 GMT
/
hal9000.redintelligence.net/scale/ Frame 839D 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=88087000163259104444550012319016&a=d018bf0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
d1716063d2de35a3fd63aa43bb5f861f2dfd708dcf44d65ed1cf458dbe328f85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:59 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9325
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 839D 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=88087000163259104444550012319016&a=d018bf0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
4f3888b532e6efb7edf636b85ee08a7421dfbb4928a9339e6d3ef4869887d3b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:59 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9247
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 839D 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_627x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=88087000163259104444550012319016&a=d018bf0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
960eddf4b622343d8b85421685bb2ecaf0c3fcf04d611ad51b408fefb8e9fa87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:59 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10390
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 7F45 		4 KB
627 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500|Roboto:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8193307247526017021/9b8c989600acf292bda83508a04b3a8e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26a13e4aa3a06c407c8b084c54461703ac4dffacaa57cc69f137f1bfbbd2b58e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 May 2023 18:31:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 May 2023 16:35:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 May 2023 18:31:59 GMT
d8173e62a312f94db103b5faa37224bc.jpg
s0.2mdn.net/sadbundle/8193307247526017021/media/ Frame 7F45 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8193307247526017021/media/d8173e62a312f94db103b5faa37224bc.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03d6b7e75070586ab8f85932870604f5edbfd751e93f719f2ab73d0182775622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:37:19 GMT
x-content-type-options
nosniff
age
28480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26312
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 11:36:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 May 2024 10:37:19 GMT
06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/8193307247526017021/media/ Frame 7F45 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8193307247526017021/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1998
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 11:36:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 May 2024 10:37:19 GMT
abdfe5463c53bba5d35cb06735a33973.jpg
s0.2mdn.net/sadbundle/8193307247526017021/media/ Frame 7F45 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8193307247526017021/media/abdfe5463c53bba5d35cb06735a33973.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bfbb317bfe9fbe775fa673936d387d21f17d1aeb5b50dd3a87ecc736c65bb32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:37:19 GMT
x-content-type-options
nosniff
age
28480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4520
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 11:36:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 May 2024 10:37:19 GMT
gtm.js
www.googletagmanager.com/ Frame 6D61 		109 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fc6701c643d532980e0ebce376877a408a108fb74204d9d2b5a5e2a69613a34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42725
x-xss-protection
0
last-modified
Tue, 09 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 May 2023 18:31:59 GMT
bql.php
lg3.media.net/ Frame BD86 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=7219&&vgd_canary=0&vgd_l2type=scs_newfl&fp=9_LbYnKjdjS71jf3QmMiUuXOCRdZlcqciq4w0jfn13VAiamp7inByt3PSors0Nrk2nd8Idwavqr8bc-1VCdS63gzSiAVOhjEFDCmY0j24PzsxyyVl0LmdKfafB95l9YVUO7ZLXOoAe0%3D&cme=lrZpUQelRqcGh4DMhVHkKHnSrFr-g1RcXpX3P3EaWVHctnPShvM4CKlmi8KsZfe3qAVp015iP2CS0UQb3p-zmqwMjgKrcOFpTt_J1KDnnvN-dTpLRruOA-fiteByHnpExFjGjrs2unfA5wvfy0ZHK4O-qG7u4ygvHMg3-nGTkkdi2kL2qj9Cd5YPWe4WTzdP2kIijuvFL2iAKuhI9FHr2fkxmWwHuN6WadpWCPrhqJzYd-exZkQmtA%3D%3D%7C%7CkErUWHFrDFIE5BbpOIyra27t_shDofFEPDLeVe5Zhh5CxBjcekku7C1WZCkUzb1XavV5hc0-kofgkTx2WG4vVkewSnIeLRqOE8Vm5nVe4erNnhqTe1jdcqNsCpZr8CiJPNvwrqxgeDaWGYFLDlZNzgLmg9Y90WJVC7_qzaKut4NTfV49_oCUaJ67PEifK36P8mo-4PwVAaXMsm1byj4jtuWSHQ5NFUKKX9hl531nOtXoXKR6VcSzwJ_cgvLs0YyRRSh8FZzak8Pr16IInmzupw%3D%3D%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7C3P4rPkLm_SkeFz7ixNHVwh3zF5hNeC1x%7Ca0AmFUYXmD6LF34OySuOc-iETYSFuFb2gDZcAR9kEBw%3D%7C&subBdr=99&bdrid=462&ksu=266&fdkt=232&vgde_kbbh=ffoyxQJuO&kwd[]=Tagesgeldkonten+mit+hohen+Zinsen&kwt[]=232&kbc[]=1f956db90f23f3ef12606cbdf3a0a9b8.d2s&kwp[]=1&kid[]=329625578&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0110%7C24%3D1313%7C25%3D0%7C22%3D0.0003%7C7%3D0.0002%7C8%3D050908%7C9%3D0%7C11%3D0%7C26%3D653%7C27%3D3%7C13%3D0.0664%7C14%3D050911%7C15%3D0%7C1%3D2.85%7Cr%3D1%7C12%3D0.43%7C62%3D3.08%7C2%3D7.03%7Cps%3D0.958%7C3%3D0.49%7C4%3D4.00&ktd[]=274895077632&ktrkt[]=Tagesgeldkonten+mit+hohen+Zinsen&kwd[]=Top+50-Logistikdienstleister&kwt[]=350&kbc[]=187689&kwp[]=2&kid[]=326673288&kbc2[]=187689%7C%7C%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0157%7C24%3D0%7C25%3D0%7C22%3D0.0083%7C7%3D0.0004%7C8%3D050908%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0403%7C14%3D050911%7C15%3D0%7C1%3D0.27%7Cr%3D2%7C12%3D0.24%7C62%3D0.36%7C2%3D1.14%7Cps%3D0.450%7C3%3D0.17%7C4%3D1.00&ktd[]=282299627405568&ktrkt[]=Top+50-Logistikdienstleister&kwd[]=Brief+und+Paketdienste&kwt[]=350&kbc[]=187689&kwp[]=3&kid[]=329492138&kbc2[]=187689%7C%7C%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.3376%7C24%3D0%7C25%3D0%7C22%3D0.0083%7C7%3D0.0004%7C8%3D050908%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0405%7C14%3D050911%7C15%3D0%7C1%3D0.09%7Cr%3D3%7C12%3D0.02%7C62%3D0.34%7C2%3D0.70%7Cps%3D0.450%7C3%3D0.05%7C4%3D1.75&ktd[]=282299627405568&ktrkt[]=Brief+und+Paketdienste&kwd[]=Umzugskartons+Kaufen&kwt[]=350&kbc[]=187689&kwp[]=4&kid[]=175454226&kbc2[]=187689%7C%7C%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0515%7C24%3D0%7C25%3D0%7C22%3D0.0083%7C7%3D0.0004%7C8%3D050908%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0350%7C14%3D050911%7C15%3D0%7C1%3D0.27%7Cr%3D4%7C12%3D0.24%7C62%3D0.36%7C2%3D1.14%7Cps%3D0.450%7C3%3D0.57%7C4%3D1.00&ktd[]=282299627405568&ktrkt[]=Umzugskartons+Kaufen&kwd[]=Kurierdienste+in+deiner+N%C3%A4he&kwt[]=350&kbc[]=187689&kwp[]=5&kid[]=326673252&kbc2[]=187689%7C%7C%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0910%7C24%3D0%7C25%3D0%7C22%3D0.0083%7C7%3D0.0004%7C8%3D050908%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0350%7C14%3D050911%7C15%3D0%7C1%3D0.27%7Cr%3D5%7C12%3D0.24%7C62%3D0.36%7C2%3D1.14%7Cps%3D0.450%7C3%3D0.27%7C4%3D1.00&ktd[]=282299627405568&ktrkt[]=Kurierdienste+in+deiner+N%C3%A4he&kwd[]=Lieferwagen+im+Vergleich&kwt[]=350&kbc[]=187689&kwp[]=6&kid[]=326677354&kbc2[]=187689%7C%7C%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0529%7C24%3D0%7C25%3D0%7C22%3D0.0083%7C7%3D0.0003%7C8%3D050908%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0350%7C14%3D050911%7C15%3D0%7C1%3D0.21%7Cr%3D6%7C12%3D0.27%7C62%3D0.18%7C2%3D1.05%7Cps%3D0.450%7C3%3D0.22%7C4%3D1.00&ktd[]=281749871591680&ktrkt[]=Lieferwagen+im+Vergleich&kwd[]=Die+7+besten+Dividendenaktien&kwt[]=232&kbc[]=1f956db90f23f3ef12606cbdf3a0a9b8.d2s&kwp[]=7&kid[]=329545178&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0068%7C24%3D1577%7C25%3D0%7C22%3D0.0003%7C7%3D0.0001%7C8%3D050908%7C9%3D0%7C11%3D0%7C26%3D622%7C27%3D0%7C13%3D0.1264%7C14%3D050911%7C15%3D0%7C1%3D3.34%7Cr%3D7%7C12%3D3.38%7C62%3D1.04%7C2%3D7.03%7Cps%3D0.958%7C3%3D0.77%7C4%3D4.55&ktd[]=274895077632&ktrkt[]=Die+7+besten+Dividendenaktien&v=1&gdpr=1&geo=50.1%7C8.69&dlper=20&lper=100&lpid=&tsid=18&hint=&cc=DE&wsip=170774626&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22G1OnOxLLwJ8Y%22%2C%22QQ8E%22%3A%22Ah.XW.XW.9%22%2C%22QQQN%22%3A%22Rp%22%7D&cid=8CUL2446F&vi=1683657118202529058&vsid=DefVid&tdAdd[]=asnum%3D28753&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=0&vgd_tsce=L128-S128&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=1367&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_ifrmode=14&vgd_l1rakh=1683657118108145463&purld=1&tsrc=entity&sttm=1683657118698&upk=1683657119.185&hvsid=00001683657118698006245729283655&verid=3111299&sbdrId=99&vgd_ecrid=424784951&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D28753&vgd_mcf=29069&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzvuAuH~GwEv9~G8Ov9.uA9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv99999u9~G-MQ8lJvA99-F99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9Wi~OYYMYu9vu.999~OYYMYuuv9.iFF~OYYMYufvu.AAF~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AAH~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9fi.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.XFu~OYYMYFvu.999~OYYMYhvu.AAF~OYYMYivu.999~OYYMLv9.fWh~JMLEYv9.9Wi~JLEYv9.9Wi~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFA9fh~QyY7vJYE75~Q7OvffHFA9fh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFA9fh~e8JB1G8j875v9.XFuHX~NGOEv9.uA9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uA9~875EJM8OvuF~QJjjJLM71yM8OvffHFA9fh~N1LL8JLVOv9~~8GNvu~&vgd_cfud=230302&vgd_scsver=453&vgd_optout=0&vgd_ydspr=1&vgd_rensize=300_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A600&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001683657118698006245729283655&rc=0&rand=1683657119205&acid=85734df57f9444368f2b8956a435d849&matm=1683657119205&vgd_ltimesrc=1&vgd_ltime=922&vgd_rtime=760&vgd_etm=10&vgd_l1hcsd=O76z2%7C2940&vgd_l1ch=1&vgd_lhl=1095&vgd_pgid=p1327519835t202305091831&vgd_csip=rtb-common-864b4cb6cf-xqdst.BE&vgd_sbSup=1&vgd_nrrs=1367&vgd_cdv=947&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F21728129623%2C33502485%2Fweb_yemeknet_right_tower_0__container__%7CDIV-div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&vgd_eadm=1&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683657118202529058&gdpr=1&tsce=L128&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=875143658&size=300x600&cc=DE&sc=HE&chnm=no_strategy&pid=8PO15FLE3&tpid=T57IE0C&https=1&rrr=tzR-hLcl-L8S0csJTOWsHrB8bbSdlDto&nse=5&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&ebdata=~G-MjJzvuAuH~GwEv9~G8Ov9.uA9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv99999u9~G-MQ8lJvA99-F99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9Wi~OYYMYu9vu.999~OYYMYuuv9.iFF~OYYMYufvu.AAF~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AAH~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9fi.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.XFu~OYYMYFvu.999~OYYMYhvu.AAF~OYYMYivu.999~OYYMLv9.fWh~JMLEYv9.9Wi~JLEYv9.9Wi~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFA9fh~QyY7vJYE75~Q7OvffHFA9fh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFA9fh~e8JB1G8j875v9.XFuHX~NGOEv9.uA9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uA9~875EJM8OvuF~QJjjJLM71yM8OvffHFA9fh~N1LL8JLVOv9~~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1327519835t202305091831&essld=Ah.XW.XW.9~r4~Rp~G1OnOxLLwJ8Y&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 09 May 2023 18:31:59 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 09 May 2023 18:31:59 GMT
dc_pre=CI2HkcTv6P4CFQ5NHgIdV40F5g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1361081033438.3118
adservice.google.com/ddm/fls/z/ Frame 0802 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CI2HkcTv6P4CFQ5NHgIdV40F5g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1361081033438.3118
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CI2HkcTv6P4CFQ5NHgIdV40F5g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1361081033438.3118?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame FEC2 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FEC2 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame FEC2 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683657118522709374&gdpr=1&tsce=L128&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=844206516&size=200x200&cc=DE&sc=HE&chnm=no_strategy&pid=8PO15FLE3&tpid=TJT3376&https=1&rrr=tzR-hLcl-L8S0csJTOWsHrB8bbSdlDto&nse=5&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&ebdata=~G-MjJzvuAAW~GwEv9~G8Ov9.uH9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvf99-f99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9ii~OYYMYu9vu.999~OYYMYuuv9.ihH~OYYMYufvu.AAh~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AFX~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvu~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHAv9.fu9~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9XW.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.AWi~OYYMYFvu.999~OYYMYhvu.AAh~OYYMYivu.999~OYYMLv9.Auh~JMLEYv9.9ii~JLEYv9.9ii~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFfFXh~QyY7vJYE75~Q7OvffHFfFXh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFfFXh~e8JB1G8j875v9.AWWhHA~NGOEv9.uH9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uH9~875EJM8OvuF~QJjjJLM71yM8OvffHFfFXh~N1LL8JLVOv9~~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1327519835t202305091831&essld=Ah.XW.XW.9~r4~Rp~G1OnOxLLwJ8Y&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683657118522709374&gdpr=1&tsce=L128&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=844206516&size=200x200&cc=DE&sc=HE&chnm=no_strategy&pid=8PO15FLE3&tpid=TJT3376&https=1&rrr=tzR-hLcl-L8S0csJTOWsHrB8bbSdlDto&nse=5&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&ebdata=~G-MjJzvuAAW~GwEv9~G8Ov9.uH9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvf99-f99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9ii~OYYMYu9vu.999~OYYMYuuv9.ihH~OYYMYufvu.AAh~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AFX~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvu~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHAv9.fu9~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9XW.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.AWi~OYYMYFvu.999~OYYMYhvu.AAh~OYYMYivu.999~OYYMLv9.Auh~JMLEYv9.9ii~JLEYv9.9ii~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFfFXh~QyY7vJYE75~Q7OvffHFfFXh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFfFXh~e8JB1G8j875v9.AWWhHA~NGOEv9.uH9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uH9~875EJM8OvuF~QJjjJLM71yM8OvffHFfFXh~N1LL8JLVOv9~~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1327519835t202305091831&essld=Ah.XW.XW.9~r4~Rp~G1OnOxLLwJ8Y&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Origin
https://contextual.media.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Wed, 10 May 2023 18:31:59 GMT
pvClk.min.js
analytics.webgains.io/ Frame 3578 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=88087000163259104444550012319016&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 03:50:29 GMT
content-encoding
gzip
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
52890
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
pcvYOa0SyRGQ54xK50ce1RV2uTZEMJrH4pk2t7mllIWEwaiY1EP3PA==
1x1.png
cdn.track.production.webgains.team/7121/ Frame 3578 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1683657419&Signature=RvIo7Y0Gpy-fLOkKwRv-1Je5f6GMP7UpC0k9fjn88EprnsM75EevAfDmlJYmUOO7ICR0KZHzDTKT9ZKSpEW-r5wywZ58OepWZhDSRwxIVykU-OIgf~QhONSyKzJOJG~AL02bGSfF03vZV-UUcxgUT5v2D4r328PsMvl5P92Xdj52IsPEVm-AA3tOoktie-T~t69OtK2Ys712xlRxydvSy0XfLIa2jHCXCYBZnFxqJL2QtM7aZYtyxC9LjpwMsTMDAa2iY5Gm7JLQ2eYiW92hSOr---myt5nobkb~~qAm3Uysx6p9EzvW11h8vUhZn~YTfoSsFhT7fLyKLUDseO8RHQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=88087000163259104444550012319016&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 08 May 2023 20:58:39 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
77600
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
hbCUILwfneCUKbQUu_rzJtG2_1p6xgJgoB948ySjrlQDPuRAbsoKog==
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 46FC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1&google_push=ATf1kGNG6QDd9cG3eFCTeaU-rffJDLmRiffPIMaWt4kYUc93dLC2rXTl7Ggo3X5qy51KWUAcuZ6J5jM99j5qIrZTUAyQ2a-lObG2r...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2NTQ0MjA4MzI1OTM0MjM2NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE38esgrcsfDAYi1KCV2re0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 46FC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOoRotqVfVEQA79qgxHTHdk&google_cver=1&google_push=ATf1kGP49RRlbZ0WLNrS5iBfmxFoT7k0mToe5cXOqz8lC5Rbdlox1-Yfi4knp3zsGFqad3Yfc2uf4WRKe54pAuzMORYs...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=9476bdd1-23fc-405f-9798-295964833a66&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP49RRlbZ0WLNrS5iBfmxFoT7k0mToe5cXOqz8lC5Rbdlox1-Yfi4knp3zsGFqad3Yfc2uf4WRKe54pAuzMORYs2h3-yTjhWbqU_dh5H8UhiH3ttvAXwqCwscQY6AiExe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP49RRlbZ0WLNrS5iBfmxFoT7k0mToe5cXOqz8lC5Rbdlox1-Yfi4knp3zsGFqad3Yfc2uf4WRKe54pAuzMORYs2h3-yTjhWbqU_dh5H8UhiH3ttvAXwqCwscQY6AiExe90gaXbDVxn&google_hm=70e5aixxSq6Xuz8jMpjQjQ==
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP49RRlbZ0WLNrS5iBfmxFoT7k0mToe5cXOqz8lC5Rbdlox1-Yfi4knp3zsGFqad3Yfc2uf4WRKe54pAuzMORYs2h3-yTjhWbqU_dh5H8UhiH3ttvAXwqCwscQY6AiExe90gaXbDVxn&google_hm=70e5aixxSq6Xuz8jMpjQjQ==
date
Tue, 09 May 2023 18:31:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 46FC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJyDpDO7RUMUhSTenVbJaSU&google_cver=1&google_push=ATf1kGNaYoucKJ-c23IJdv5CGpHaYsMmnujSn-FbpxjdGLiZo2WJhKLn4jgwiEmlMGx8D-jc9Zl...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHTFo1WUktRy1JOUZD&google_push=ATf1kGNaYoucKJ-c23IJdv5CGpHaYsMmnujSn-FbpxjdGLiZo2WJhKLn4jgwiEmlMGx8D-jc9ZlMtlD1m0_2BPBLgaHdO0ngu32Ofeq2D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHTFo1WUktRy1JOUZD&google_push=ATf1kGNaYoucKJ-c23IJdv5CGpHaYsMmnujSn-FbpxjdGLiZo2WJhKLn4jgwiEmlMGx8D-jc9ZlMtlD1m0_2BPBLgaHdO0ngu32Ofeq2D7rr01EbMo_qeijHhhZPFWfpEczi_q7Jexuva29Q
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhHTFo1WUktRy1JOUZD&google_push=ATf1kGNaYoucKJ-c23IJdv5CGpHaYsMmnujSn-FbpxjdGLiZo2WJhKLn4jgwiEmlMGx8D-jc9ZlMtlD1m0_2BPBLgaHdO0ngu32Ofeq2D7rr01EbMo_qeijHhhZPFWfpEczi_q7Jexuva29Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
pixel
cm.g.doubleclick.net/ Frame 46FC
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH7NoLwG1uYeVObEVqit8pk&google_cver=1&google_push=ATf1kGPb3CenVm5wY01sB5tBiCK8EEQF1KhHCc62R_XJmh-L4M8_5zw-s8PW_HHI1d8U7K_f-cKkfWb333KH_arZj...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPb3CenVm5wY01sB5tBiCK8EEQF1KhHCc62R_XJmh-L4M8_5zw-s8PW_HHI1d8U7K_f-cKkfWb333KH_arZj73zRP5zq9--cpr7-yihA-7NZLCVk_q8fX7TFBPwnZVTG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPb3CenVm5wY01sB5tBiCK8EEQF1KhHCc62R_XJmh-L4M8_5zw-s8PW_HHI1d8U7K_f-cKkfWb333KH_arZj73zRP5zq9--cpr7-yihA-7NZLCVk_q8fX7TFBPwnZVTGx_Nayz1ZBTR&google_hm=GnjXpGZHNs6m3ECwSA-60rKZ
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 09 May 2023 18:31:59 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPb3CenVm5wY01sB5tBiCK8EEQF1KhHCc62R_XJmh-L4M8_5zw-s8PW_HHI1d8U7K_f-cKkfWb333KH_arZj73zRP5zq9--cpr7-yihA-7NZLCVk_q8fX7TFBPwnZVTGx_Nayz1ZBTR&google_hm=GnjXpGZHNs6m3ECwSA-60rKZ
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 46FC
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAabW7euHIqXxLZTgbeILic&google_cver=1&google_push=ATf1kGPB-JKrGD7hUt6j3H0eyQyxzsOk3lbdcQDey6tT9BGVQnE-ii49CcTJ56cHXdTVSeBu1iJBYuGrW1zhJHU-lMYB3VlOqX...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU0NDA2MTc5MTExMjc2NDU0MjE1Nw%3D%3D&google_push=ATf1kGPB-JKrGD7hUt6j3H0eyQyxzsOk3lbdcQDey6tT9BGVQnE-ii49...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU0NDA2MTc5MTExMjc2NDU0MjE1Nw%3D%3D&google_push=ATf1kGPB-JKrGD7hUt6j3H0eyQyxzsOk3lbdcQDey6tT9BGVQnE-ii49CcTJ56cHXdTVSeBu1iJBYuGrW1zhJHU-lMYB3VlOqXD6blmEuspULEViCZx3ilb0ghi5r3PbHNSdkYQ8XAUplB4_
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU0NDA2MTc5MTExMjc2NDU0MjE1Nw%3D%3D&google_push=ATf1kGPB-JKrGD7hUt6j3H0eyQyxzsOk3lbdcQDey6tT9BGVQnE-ii49CcTJ56cHXdTVSeBu1iJBYuGrW1zhJHU-lMYB3VlOqXD6blmEuspULEViCZx3ilb0ghi5r3PbHNSdkYQ8XAUplB4_
date
Tue, 09 May 2023 18:31:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 46FC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDOBaiP3uNIE2439aOm0MdQ&google_cver=1&google_push=ATf1kGPSIOKRq83MBcOO_Z3lAKeRuBnDzBrnuZXIEooNEcGHjNqrhr2GSZ3HO4kabYQ65yFTRL...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uX1QwS0psRTJ1RnBlelZFenhEWVdiaXFleE0xbEpNYn5B&google_push=ATf1kGPSIOKRq83MBcOO_Z3lAKeRuBnDzBrnuZXIEooNEcGHjNqrhr2GS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uX1QwS0psRTJ1RnBlelZFenhEWVdiaXFleE0xbEpNYn5B&google_push=ATf1kGPSIOKRq83MBcOO_Z3lAKeRuBnDzBrnuZXIEooNEcGHjNqrhr2GSZ3HO4kabYQ65yFTRLXDCZHPGaBi2iwvbCAVU92ypG7mU8YjB2Pf8qzs4VMc0VAqVlZepKMMsMjYQJmklqxlI2U84w
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uX1QwS0psRTJ1RnBlelZFenhEWVdiaXFleE0xbEpNYn5B&google_push=ATf1kGPSIOKRq83MBcOO_Z3lAKeRuBnDzBrnuZXIEooNEcGHjNqrhr2GSZ3HO4kabYQ65yFTRLXDCZHPGaBi2iwvbCAVU92ypG7mU8YjB2Pf8qzs4VMc0VAqVlZepKMMsMjYQJmklqxlI2U84w
date
Tue, 09 May 2023 18:31:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame 46FC
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESELSreWCyT6lJLlLSOStP0Kw&google_cver=1&google_push=ATf1kGNsSli0495BH9JI98G9G2UGJouQkNtdtlcIdAOj-NAHcHPykrzTMjO4eSPdgujc5Y4yp6wd9csRI_6FC6UR8tElRu7qZCbNBpeY...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNsSli0495BH9JI98G9G2UGJouQkNtdtlcIdAOj-NAH...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNsSli0495BH9JI98G9G2UGJouQkNtdtlcIdAOj-NAHcHPykrzTMjO4eSPdgujc5Y4yp6wd9csRI_6FC6UR8tElRu7qZCbNBpeYod3fEGS1DrsWM2Xs0eTtlHTnHmU2GV6aROKA7LN2kg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Server
141.95.33.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 09 May 2023 18:31:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Tue, 09 May 2023 18:31:59 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNsSli0495BH9JI98G9G2UGJouQkNtdtlcIdAOj-NAHcHPykrzTMjO4eSPdgujc5Y4yp6wd9csRI_6FC6UR8tElRu7qZCbNBpeYod3fEGS1DrsWM2Xs0eTtlHTnHmU2GV6aROKA7LN2kg
x-download-options
noopen
vary
Accept
content-length
317
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 46FC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JuHehWWbChJaZCpYZDfw0bwILHi2WsOtdsKmbhhXTT_ZHWQdJ8LcWn4jbsuvkcF7StpH3wH8Q
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900016.redintelligence.net/ Frame 839D 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/viewability?s=88087000163259104444550012319016&a=c1cc4d09&vb=m
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=88087000163259104444550012319016&a=d018bf0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/request_content.php?s=88087000163259104444550012319016&a=d018bf0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:31:59 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7F45 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:03:36 GMT
x-content-type-options
nosniff
age
250103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 21:03:36 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7F45 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:04:15 GMT
x-content-type-options
nosniff
age
264464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 17:04:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 202A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu8lUxeyNYxU_EhARgv0-FPm1VlHO3DIMFaAVEPPDwLhhAExQqNElOVs-FuWyqipSxsGLcM59ULGwJy2ebe71tJkYimkZZqeFzIkJkxAPAbrjt3NNNmrrp3NKDPl-shl4z8uFK_bkKCDABgXQd7JfE5iC8vFkQ5qBRxVAQk5Kq8qNmc1HNUooPzZnajpEG1xrhd5-a6D8OLZHtnJV4qmTPEfa3Lpy0r1TsC1jUSmde8p3qjOUndcb7sO7euN9SFUZNNay9MB3SZXoiCQV-XzYir0eCq-kEpBdi2onmZo6TxtQmSyTZ6Lsi-Pi6oAslHmoIBFeaFNyRQvrmsP12jPS2EPiwQXhbbeY2y8Fhg3ryL8FwOYakE3U5KjCzne0VWvn4m0lwe6i67W5cOgICaJXLJqhTUGj1mhkJzy3xkn6spUrINZX70tlgf1WUs6GaIIv8lsu415htVfeuHmScm1N6LSLiEEsWpPXQiKSl8YRYCKaLriqY9t6teTDdfuV66kXhUjVCsTeg0qNKOcXuj4uJOiL5DH-vfggU9WI1RDs5JUP3UcPxWz0kcJXgLYBObKCxPjLJ7JFT5bfaNKUc6ni8s0jKPZD6cVNredDRh0um_aE5u5aT6WdG0swakP0_XTLGWr-0Y00gnR2BxOJkeOSvXcWb9tLaJuAqi4acLjT8l84Ft-GI4y_kV-29uwhMZxpDCpo9buFqptfeYDDA0gOCr-dt8-U7YR2-JLCSVvtzMufsqxRKQzE1prNJu8-Giw1KcqAir6Wam7T2r4h3-lPAmNE5Ck_TEmLN8yhUSLccnb2xxd1tJHnyRvIdfoQjEhJM8XenEOc25bwasOUvEW8Wv5UYq26zHq_rlpqjbNLsvSO2Jpa7Cm-3alc-qFdT927CGAhJH-Zr77kPKOngaPu261SN3j1iqIqSl9ZKVVr2Pp1hfo-rSCXotrA5sYXhT9ysXUMEnqRtl09i1W8uklNXfDHNdxPE39zBdqAhlfw6PszfPZ8pXaRZHDV8bxKPZMglZQcm8jv5pBiSpqne__OgiMwIIvT9kkU3TXR5zbjHPYm4_AYJR1gXYj4L7D5nnTW-lQI1FTwOdYhwsVKlf2HhOoWrDZB92FuuLpnkVwd8I0UZfUkCBPvvWkAroJnx0V1pJIcLpFNtLSnw6gABNGJsz5OXiOHIqMRaeq3XblGaN9fERxXlwxfO3aU52hqpBZLlwfwPK_Z17RQwCjfr2XwUCcYgrIHFsMHSc6ZLKdUPNNzxJ0LwcvAEYXoWwK8S7xqMJ4hagi4aRykc4FloGV9fdnSiKAl_frZ97Up1GBc4wfDlOfUkTuNJVDhqiBKs&sai=AMfl-YSx2ba2xYA0EFTWDzQo7i1EzHVHpGJButNShlK-NMHZp8MwwGQvT5ma2gVX7nCH27FrM7jCXnjRhg1CAh9Y1BmIiaaVpbD1xBrgzdANVj5He-7DM_O29F2grOSKZBeVgyzTfGBfg55-UtqcCV4dj8jgtPgqTC-21c2qUl3ckffNCcT_jNSHtteVXCiSEEH0F_IgrSYUyWRcLiPw-y8HqsG4E__q5pzHiptrBnbvZCmp625XFNLXWocNqegCBsSieKrNqchcqSk-yA8UTIV7vNnPVhs&sig=Cg0ArKJSzIkv49zlvY11EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=749&vt=11&dtpt=526&dett=3&cstd=220&cisv=r20230508.52355&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 09 May 2023 18:31:59 GMT
generate_204
tpc.googlesyndication.com/ Frame DED3 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dOsjNQ
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bql.php
lg3.media.net/ Frame FEC2 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6148&&vgd_canary=0&vgd_l2type=scs_newfl&fp=9_LbYnKjdjS71jf3QmMiUuXOCRdZlcqciq4w0jfn13VAiamp7inByoPzKTwMVccwxfQj9WcbgD8JYTqBvjWbiRgfSMm3K4V2rI07DCWnYmeCKzEDAEW1YbO8hBfloSUDW-RtKqFn-6c%3D&cme=9MMN2emf5Zti5zZf3DuUt4ET7GCx9_c-TIwbVKpLHGH6YheSqQXHmbzGOIDnBpsMHjpx13bSPYTqk3hBrN-qbpB6I5OpBYsYUoqxCA6cnl1lqgSRZSwQuj_Wa-Chuy3MRFFvbrFVFBzXlmaDJiU1XlOiHXYqvG5LFJH04rwUz01CI1P43LEx_3UyDcOms80625L2J47oiQmZmDkAHrLfjj9YpN_R1IwhIJiHP32YnVhGYOMEArc14A%3D%3D%7C%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7C3P4rPkLm_SkeFz7ixNHVwh3zF5hNeC1x%7Ca0AmFUYXmD6LF34OySuOc-iETYSFuFb2gDZcAR9kEBw%3D%7Cd7Eo144uM-uG9MIswYnIX-MBy9PepqjSFIBqZlf_lM3h6VAui6-jJitCFBh1LBn7aszPJ4oz0bXcqv1zwJq8yhif12RrLeF-ukppMWogpoLmHnrJncgdgSdsnPmeAp_DJrTui9AELhpoSXz5-N37dqA1VsImpBV3S3Ei4Mhpxd1m04l437CDRUSt4B1F_FPFOAocxSKLJCNo969V-Gp4Jupb-_NcIXx3CeoCQCLsZlWLRm0yKL1IdmC29o0twNySLq4U6XxJ-Nc%3D%7C&subBdr=99&bdrid=462&ksu=266&fdkt=232&vgde_kbbh=fuoyxQBuG&kwd[]=Tagesgeldkonten+mit+hohen+Zinsen&kwt[]=232&kbc[]=1f956db90f23f3ef12606cbdf3a0a9b8.d2s&kwp[]=1&kid[]=329625578&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0110%7C24%3D1313%7C25%3D0%7C22%3D0.0003%7C7%3D0.0002%7C8%3D050908%7C9%3D0%7C11%3D0%7C26%3D653%7C27%3D3%7C13%3D0.0698%7C14%3D050911%7C15%3D0%7C1%3D2.38%7Cr%3D1%7C12%3D0.43%7C62%3D3.08%7C60%3D1.47%7C63%3D0.03%7C10%3D2.66%7C2%3D6.52%7Cps%3D0.958%7C3%3D0.49%7C4%3D4.00&ktd[]=274895077632&ktrkt[]=Tagesgeldkonten+mit+hohen+Zinsen&kwd[]=Die+7+besten+Dividendenaktien&kwt[]=232&kbc[]=1f956db90f23f3ef12606cbdf3a0a9b8.d2s&kwp[]=2&kid[]=329545178&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0068%7C24%3D1577%7C25%3D0%7C22%3D0.0003%7C7%3D0.0001%7C8%3D050908%7C9%3D0%7C11%3D0%7C26%3D726%7C27%3D0%7C13%3D0.1279%7C14%3D050911%7C15%3D0%7C1%3D3.47%7Cr%3D2%7C12%3D3.53%7C62%3D1.04%7C60%3D1.16%7C63%3D0.03%7C10%3D2.66%7C2%3D7.14%7Cps%3D0.958%7C3%3D0.77%7C4%3D4.55&ktd[]=274895077632&ktrkt[]=Die+7+besten+Dividendenaktien&kwd[]=Abnehmen+mit+Backpulver&kwt[]=232&kbc[]=1f956db90f23f3ef12606cbdf3a0a9b8.d2s&kwp[]=3&kid[]=329642408&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0081%7C24%3D197%7C25%3D0%7C22%3D0.0017%7C7%3D0.0001%7C8%3D050908%7C9%3D0%7C11%3D0%7C26%3D243%7C27%3D0%7C13%3D0.0377%7C14%3D050911%7C15%3D0%7C1%3D0.34%7Cr%3D3%7C12%3D0.47%7C62%3D0.27%7C60%3D0.26%7C63%3D0.03%7C10%3D2.66%7C2%3D1.58%7Cps%3D0.958%7C3%3D0.18%7C4%3D2.94&ktd[]=274895077632&ktrkt[]=Abnehmen+mit+Backpulver&kwd[]=Psychologie+Fernstudium&kwt[]=232&kbc[]=1f956db90f23f3ef12606cbdf3a0a9b8.d2s&kwp[]=4&kid[]=23439086&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0075%7C24%3D105%7C25%3D0%7C22%3D0.0027%7C7%3D0.0001%7C8%3D050908%7C9%3D0%7C11%3D0%7C26%3D159%7C27%3D0%7C13%3D0.0387%7C14%3D050911%7C15%3D0%7C1%3D0.07%7Cr%3D4%7C12%3D0.01%7C62%3D0.20%7C60%3D0.09%7C63%3D0.03%7C10%3D2.66%7C2%3D0.61%7Cps%3D0.958%7C3%3D0.45%7C4%3D1.17&ktd[]=274895077632&ktrkt[]=Psychologie+Fernstudium&v=1&gdpr=1&geo=50.1%7C8.69&dlper=20&lper=100&lpid=&tsid=49&hint=&cc=DE&wsip=170762531&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22G1OnOxLLwJ8Y%22%2C%22QQ8E%22%3A%22Ah.XW.XW.9%22%2C%22QQQN%22%3A%22Rp%22%7D&cid=8CUL2446F&vi=1683657118522709374&vsid=DefVid&tdAdd[]=asnum%3D28753&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=0&vgd_tsce=L128-S128&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=1367&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_ifrmode=14&vgd_l1rakh=1683657118171057777&purld=1&tsrc=entity&sttm=1683657118928&upk=1683657119.4438&hvsid=00001683657118929006245729287567&verid=3111299&sbdrId=99&vgd_ecrid=424785930&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D28753&vgd_mcf=29069&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzvuAAW~GwEv9~G8Ov9.uH9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvf99-f99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9ii~OYYMYu9vu.999~OYYMYuuv9.ihH~OYYMYufvu.AAh~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AFX~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvu~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHAv9.fu9~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9XW.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.AWi~OYYMYFvu.999~OYYMYhvu.AAh~OYYMYivu.999~OYYMLv9.Auh~JMLEYv9.9ii~JLEYv9.9ii~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFfFXh~QyY7vJYE75~Q7OvffHFfFXh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFfFXh~e8JB1G8j875v9.AWWhHA~NGOEv9.uH9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uH9~875EJM8OvuF~QJjjJLM71yM8OvffHFfFXh~N1LL8JLVOv9~~8GNvu~&vgd_cfud=230306&vgd_scsver=453&vgd_optout=0&vgd_ydspr=1&vgd_rensize=200_200&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=3&tdAdd[]=uiparams%3D%3Brend_w%3A200%3Brend_h%3A200&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001683657118929006245729287567&rc=0&rand=1683657119408&acid=8df990f1816c4b1093c884f828bf4796&matm=1683657119408&vgd_ltimesrc=1&vgd_ltime=1189&vgd_rtime=914&vgd_etm=6&vgd_l1hcsd=O76z2%7C2940&vgd_l1ch=1&vgd_lhl=1090&vgd_pgid=p1327519835t202305091831&vgd_csip=rtb-common-864b4cb6cf-xqdst.BE&vgd_sbSup=1&vgd_nrrs=1367&vgd_cdv=947&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F21728129623%2C33502485%2Fweb_yemeknet_masthead_0__container__%7CDIV-div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&vgd_eadm=1&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1683657118522709374&gdpr=1&tsce=L128&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=844206516&size=200x200&cc=DE&sc=HE&chnm=no_strategy&pid=8PO15FLE3&tpid=TJT3376&https=1&rrr=tzR-hLcl-L8S0csJTOWsHrB8bbSdlDto&nse=5&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&ebdata=~G-MjJzvuAAW~GwEv9~G8Ov9.uH9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvf99-f99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9ii~OYYMYu9vu.999~OYYMYuuv9.ihH~OYYMYufvu.AAh~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AFX~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvu~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHAv9.fu9~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9XW.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.AWi~OYYMYFvu.999~OYYMYhvu.AAh~OYYMYivu.999~OYYMLv9.Auh~JMLEYv9.9ii~JLEYv9.9ii~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFfFXh~QyY7vJYE75~Q7OvffHFfFXh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFfFXh~e8JB1G8j875v9.AWWhHA~NGOEv9.uH9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uH9~875EJM8OvuF~QJjjJLM71yM8OvffHFfFXh~N1LL8JLVOv9~~8GNvu~&bdrId=462&ntv=0&sff=0&mcf=29069&katpre=1&katbid=-103&ydspr=1&pgid=p1327519835t202305091831&essld=Ah.XW.XW.9~r4~Rp~G1OnOxLLwJ8Y&htmlsrc=1&cadomain=tzR-hLcl-L8KtOL4JZoiCKh8tc3Apzu3pV8ip0e4PzE%3D&adv=General%20Search&isid=3&allsc=HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 09 May 2023 18:31:59 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 09 May 2023 18:31:59 GMT
06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/8193307247526017021/media/ Frame 7F45 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8193307247526017021/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8193307247526017021/9b8c989600acf292bda83508a04b3a8e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1998
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 11:36:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 May 2024 10:37:19 GMT
7005e0b9d5921c2361a021c70a26b8f7.png
s0.2mdn.net/sadbundle/8193307247526017021/media/ Frame 7F45 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8193307247526017021/media/7005e0b9d5921c2361a021c70a26b8f7.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f8cb3e3d92f43bde7b09ec3d906a757e7818c4377470c89c46cc4e290c473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:37:20 GMT
x-content-type-options
nosniff
age
28479
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4417
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 11:36:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 May 2024 10:37:20 GMT
d8173e62a312f94db103b5faa37224bc.jpg
s0.2mdn.net/sadbundle/8193307247526017021/media/ Frame 7F45 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8193307247526017021/media/d8173e62a312f94db103b5faa37224bc.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03d6b7e75070586ab8f85932870604f5edbfd751e93f719f2ab73d0182775622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:37:19 GMT
x-content-type-options
nosniff
age
28480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26312
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 11:36:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 May 2024 10:37:19 GMT
abdfe5463c53bba5d35cb06735a33973.jpg
s0.2mdn.net/sadbundle/8193307247526017021/media/ Frame 7F45 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8193307247526017021/media/abdfe5463c53bba5d35cb06735a33973.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bfbb317bfe9fbe775fa673936d387d21f17d1aeb5b50dd3a87ecc736c65bb32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8193307247526017021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:37:19 GMT
x-content-type-options
nosniff
age
28480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4520
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 11:36:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 May 2024 10:37:19 GMT
5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 2370 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683657116746&userId=vnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 09 May 2023 18:31:59 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
log
hblg.media.net/ Frame 2225 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARAODU3MzRkZjU3Zjk0NDQzNjhmMmI4OTU2YTQzNWQ4NDnW1qywBpwHBERFFHllLW1lay5uZXQSOENVNk0yODdCEDIyNDYzMDI3DjMwMHg2MDAKZXVfYmUEMjMQQVBQTkVYVVMSOFBSMTEzSkdDBjQ2MgAQMjI0NjMwMjcCMDxydGItY29tbW9uLTg2NGI0Y2I2Y2YteHFkc3QuQkUSNDI0Nzg0OTUxAjAAIAEQRVhDSEFOR0UCAmI&evttyp=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 09 May 2023 18:31:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3245 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdqeYnpFaZO7FKtjm3wPii6GADAAAAAA4AeAEAg&bg=!l5SllMDNAAYV_mUANf47ADkAdvg8Wpy0ltI1GMJe_vHPFwY5yxon4mesHoC3QnZRZKlT07_GNUPZfq1fS0yosjBfwsGnyvqusDsCAAACFFIAAAADaAEHmQMDvV1Vf4nMznqv3Ry3bMdeSyzmnyER-pgXv5Le3gOq1HZhdnvXPi5LahVVIjLo_kkVKz9zFbTYnXRhqjAqfcjAMYgJ4nqFNvvvd5LxAwNVlBthGlQhCt2Qaip0PeyuHK6HOCBLUkf17IqkZrTHMg38EMMMaWz8B0QZC-wcpsZ-tb0SiRTaHbi4sGRLfjQ4t18SewhGa_Lilc9sbbpyIlYUzNxPCS4pMdss-1XcYKnzczmP-aUkDtqBJ5FuN5VqfvQ2ycWCxuvLNpeyWKb-ARcGHnrMFIsHdQhKGONBFvBfjdzO4Ucbf3lAWcPlmCZNgNiXvHj0FlukdwU5hO_UAtoxK46uVKoiDO2d4ytYqGcnqOgySqKMYa6EEsssmvzoOfAma8zIGsm6oCnA5buLoe8PENQhq_xR_IQIMvDbxsovcqzJso4NcGW0GhovRBWypUVjUbiA8yjGom-i-bi7bdciZomazlqrhujUJjai5QN9GM-IxR1jyhZUofCgBotdLbXULJfGdf-DPgMlDKU6aWR1IZE9meP6NAiPPbFeMwanBvuRDdOEvSEYbDcMwU38X7ogzQTUHgANLpl3u0SPesFVtoGdAhxnHxI3eLH7qZqKeMR1UxmPA_lJxGtQfdPesJBUbDINbD7qGpdGNYac7k46zypVuivRoaN0Djgt_U96f3wX_9CuotlVixJjdsBm9HzYc7xL1m3XRM-EAENd-wgnMxuNzYPBwJ44JvL4CeBAnGoW7Pc7JEx_uZsZjqKAPmahXiscfx1gHgdIeaQni9gRAb65zBnVW6cnsENlzs1UPAKONOa5urFOj40P3hyibYk7ut2vOa80sRFWZmthKhQRTuJdKp06zPJ_REDp10xGCu0xh7BdS21_98k8i7vH31MBAE8nRZKoyBRr-SceaCeCd8t7hnOgBOmakOccUqWdDXHWtLVQ1vQOtFFOlze3G_uuuCJFAIA1WXSMsXfDLgvQkOOLtQG7XpuJnGaiwC5ngjPnUpBTsKJcSzit88CsdHOR7G5_
Requested by
Host: 04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
URL: https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73CD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLvwcnpFaZLWPKdvhgAe92KTYCwAAAAA4AeAEAg&bg=!8POl86fNAAYV_mUANf47ADkAdvg8WmDwwNGKvM_4hqhuJ6hRhBjusF2sf_B2LIUrWvymbJJ17SCFkK0LmvNhakn7x1qZlLFRXqoCAAABw1IAAAACaAEHmQMFuifCxfVxCPS3bESNYG_oQ8rVK_CZh2FTIVhdzwp7iQArC-1_fQlskjCbX5oBNj8acnfHHg3iJCZJmOK0jM2FOLNbaWyut9pGic6vk0-LvdzTMnds4lzuyE1nozv-y58zGcWayjoAUDRMYv3Z_whLgQEiBOeVuJ3e3KhcTQsb5_TolIDXni3Mz33Ex1thaEeMC211I0ewEsQrvGSMHF4D7uNx34lZWXiArMijor3QSwqNhcBn6H871JIDMQrqO2IMLW6-mdF0rF86gVLw6zutvVsO1dfI-pXaw2nmXE7BDq48B0v8EJ76sYCd_opiw7EBD4E8FP8bAW0mkTDGAOrCdUaDvl--Iu6JaVB_aNpJLFRF0x0unVKfI-DwzYcJv2wCNw6RarPOXgXB0zEe3yVpkZD3Kg3Z4ytFWJXE3KhZ6Inn-ZI24u6G4_72AW_Lnzd6DmdQAlXdD2NS0fNGbFYUxepQ9ZmH8PvbqQTqbhbv5UM-c-LSBNSmKZXz3qnEQSTFqRFKrD6sMYEH5HaqSly30ZnpJSVzMvzZWIVp26HvINnRVPwBygJoCIDsuhSC608cbNvaDB3qwuNZgOaVXLO9doe1LzqCafT1AML5Mb30AtCy-ehj2XvW0r07zSjeMbnYJjSWH-O1ukuy_KcbatVl-FuYl18wRSdlxXqc3iesIg7Kgf9bDGgPbIS5YjeDNnUCMKDGlNsZYRLKwafmAc-4nX6Dm9brWfJsReicEYzNWjvU17n1fKcrZPdQG5KAUO66zvywAgEbMb90S9n4hmpuYAwXVqpPgh8Q6KIPrsjvMBCkEw9jFRPgy9hHjNcUzjx6TNvby3jF3BOAmfEy8a5FGtVHA7eB_bXukkTZlMH8D2h5www8FfcQWzz5VX1F4kY9w20VbZnMHFDnFT4MM3yqyfUXT_IwElZd5FyF0zhDbJ2K3h68NjZ9hV275PJuzdTITb9bSXMeR1OQLHogehxVFgeV_uYkvrFUTp-lqRl6wXtNfWWRSQ-8fvNkwuO-3z4j0lNauHw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-51c60ec002340f16/ Frame 2370 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-51c60ec002340f16/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
80a6bc8e05e84df98ca33712aaf3b520db8e4eb53cb97429d0a3f72fdb8bb35b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
content-encoding
gzip
etag
2086319854--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=11, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
1267
300lo.json
m.addthis.com/live/red_lojson/ Frame 2370 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=645a919c3d3ec719&bkl=0&bl=1&pdt=564&sid=645a919c3d3ec719&pub=ra-51c60ec002340f16&rev=v8.28.8-wp&ln=tr&pc=men&cb=0&ab=-&dp=ye-mek.net&dr=pcloak.blob.core.windows.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&colc=1683657119799&jsl=129&skipb=1&callback=addthis.cbs.jsonp__32063114425819440
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9a2c73fcd325b1a6b1cfeeb1447ccc2cd10acb2f1500ccfbcd41ff335a7fef8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:32:00 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 35A8 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame CCD5 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Tue, 09 May 2023 18:31:59 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
client.tr.min.json
s7.addthis.com/l10n/ Frame 2370 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/l10n/client.tr.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
1f5a2a979149a9192bb49e10899322a37fbfda94dd47567b029823950adc0e2f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 09 May 2023 18:31:59 GMT
last-modified
Tue, 10 Sep 2019 15:15:17 GMT
server
nginx/1.15.8
etag
W/"5d77be05-d99"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=604800
x-host
s7.addthis.com
timing-allow-origin
*
content-length
1685
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2370 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69696a43946cd64f72fd454b2830efcaeebe2d86b03d353227252067850baa08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11376
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 9332 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:58 GMT
server
Kestrel
server-processing-duration-in-ticks
495350
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 2225 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfy0_T2kJkruTfoXOuWxE7skVOP5G-di-ZjnOxeyNCSBB94x06wWbihPnvclh1qU5MQbCoiskFUvzmACwiRDwcWRCzP6KZSo96cc3929Qfof9YzKTf&sig=Cg0ArKJSzPGtOQP0UiIFEAE&id=lidar2&mcvt=1024&p=0,0,604,300&mtos=0,0,1024,1024,1024&tos=0,0,1024,0,0&v=20230508&bin=7&avms=nio&bs=0,0&mc=0.53&if=1&vu=1&app=0&itpl=19&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683657118373&rpt=409&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 2225 		0
945 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fye-mek.net%2F&e=wqT_3QK_BOg_AgAAAwDWAAUBCJ2j6qIGEKT438fTma7GRBgAKjYJpHA9CtejwD8RfT81XrpJvD8ZAAAAoJmZ9T8hfQ0SACkRJPQ0ATEAAABA4XrEPzCzhNsKOKUVQJUJSGBQt-jGygFYupyOAWAAaLO3K3iV9AWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgApOcW-oCE2h0dHBzOi8veWUtbWVrLm5ldC-AAwCIAwGQAwCYAxegAwGqA0ESGDc2MTUwNjUyOTcxNTEwNzU3MjZfc2JpZBoTNDkzOTUyNjA4Mjg4MjE3Mzk4OCIJNDI0Nzg0OTUxKgVNMTE3M8ADrALIAwDYA_LZOOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OC41OC4yNDioBACyBBAIABABGKABINgEKAAwADgCuAQAwASPpqUiyAQA2gQCCAHgBAHwBCUeWIgFAZgFAKAFjsvg0KmxiddpwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQF8EAAYAOAGAfIGAggAgAcBiAcAmAcBoAcByAeV9AXSBw0VaAEpCNoHBgFhcBgA4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=587b50bbecbeb056ad4b064810c5b586a303914d&type=pv&jm=1003&px=1318&py=150&bw=300&bh=600&sf=0.53&sid=1931169661545768239&vd=ct~0|rr~5&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22463027&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:31:59 GMT
AN-X-Request-Uuid
a39bd25c-006a-4816-b432-2cc2e58b5281
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2370 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:31:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 May 2023 18:31:59 GMT
sid
mug.criteo.com/ Frame 9332
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=j0FRlHw5dmNRK2hkbittSnppUFFNM1VZTEExZW1mZTZmMDd6WlBzOGdoSHVmRHEyeTV1RTR1MjRFbmtjS3pQQmJIcWJCREhoSTZ2STV4ZnpsOUowOHlOZ2JXZFZkSll4WjZKRWUzU3F2SnBQMHNWdmRMaGlGV1NvU1hlSl...
441 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=j0FRlHw5dmNRK2hkbittSnppUFFNM1VZTEExZW1mZTZmMDd6WlBzOGdoSHVmRHEyeTV1RTR1MjRFbmtjS3pQQmJIcWJCREhoSTZ2STV4ZnpsOUowOHlOZ2JXZFZkSll4WjZKRWUzU3F2SnBQMHNWdmRMaGlGV1NvU1hlSlZBakNBUnNvR25DV1loR29UN1VzTFhTQnM2UFFIZnVrSXhVSFI5M0E0QlJrVi9QMDVDZkRCOWFSVEs3NmttUHVrMnVPUit5Y2tCS3dEQW5ReU96WHJmRFR6OEovbnB5dWdOOFFTTlBDYzVBZ1JVK213dDd3UXNXdHlnR2FsZmI4aktoUTBzbVpaeXFMZ1F4UU5PeG5YVHJkdFdQRmJtVm9Id3Y1WGdVNHk2b0tJQ3hyRkk2az18&cppv=2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Server
178.250.1.11 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
1edb0af8591ffd32dd9f27e7da037eab699060e6dbbae2d5f09a2b446d25de46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1724719
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=j0FRlHw5dmNRK2hkbittSnppUFFNM1VZTEExZW1mZTZmMDd6WlBzOGdoSHVmRHEyeTV1RTR1MjRFbmtjS3pQQmJIcWJCREhoSTZ2STV4ZnpsOUowOHlOZ2JXZFZkSll4WjZKRWUzU3F2SnBQMHNWdmRMaGlGV1NvU1hlSlZBakNBUnNvR25DV1loR29UN1VzTFhTQnM2UFFIZnVrSXhVSFI5M0E0QlJrVi9QMDVDZkRCOWFSVEs3NmttUHVrMnVPUit5Y2tCS3dEQW5ReU96WHJmRFR6OEovbnB5dWdOOFFTTlBDYzVBZ1JVK213dDd3UXNXdHlnR2FsZmI4aktoUTBzbVpaeXFMZ1F4UU5PeG5YVHJkdFdQRmJtVm9Id3Y1WGdVNHk2b0tJQ3hyRkk2az18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
438378
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 59DC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 16:50:00 GMT
expires
Wed, 08 May 2024 16:50:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E65B 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
739c9d80f1f29446fb2ca23edafc2835edb94161a8008eb9c8e5e3966eb035a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vull0SwCLyyrLJPCDAniiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-Vull0SwCLyyrLJPCDAniiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 18:31:59 GMT
expires
Tue, 09 May 2023 18:31:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
pagead2.googlesyndication.com/bg/ Frame 59DC 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:29:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
18147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14734
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 May 2024 13:29:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E65B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305080101&jk=2459006068698418&rc=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ Frame 2370 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 09 May 2023 18:31:59 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
log
hblg.media.net/ Frame DDCE 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARAOGRmOTkwZjE4MTZjNGIxMDkzYzg4NGY4MjhiZjQ3OTbW1qywBpwHBERFFHllLW1lay5uZXQSOENVNk0yODdCEDIyNDYyNjU3DjIwMHgyMDAKZXVfYmUEMjMQQVBQTkVYVVMSOFBSMTEzSkdDBjQ2MgAQMjI0NjI2NTcCMDxydGItY29tbW9uLTg2NGI0Y2I2Y2YteHFkc3QuQkUSNDI0Nzg1OTMwAjAAIAEQRVhDSEFOR0UCAmI&evttyp=1
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:31:59 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 09 May 2023 18:31:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 202A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubqEWElY8Gcz8rM1sVbhGHe0fwUvW2F1Pqzv3e5kvYOz-Lw7IdWkE9LelGvDJT5Wr8umwWYnf9_vgxZFFNoWKOG07LFlSLsRRfkIJZGicNQHwpiUv9zLesj11EhhN5QzOiJ02CUg&sai=AMfl-YTW05CVElOaedgl906A-KeAjX1pu2ZpDqA2Fxuz-Ufd0LpCGPuzfNgMyYAwsK_EGjNcBss-tt_-ekkVKAeBb9HCeh8vU9K-4LccBAh-kankElBXbGL2eDdTxR0&sig=Cg0ArKJSzLozAe-tbLTGEAE&cid=CAQSOwBygQiD6nA4oZBFgsQpH4REPKENZmggTSu3yJ-sSnUPCBu-eCU8_eXBHqDa_5Taal-5eLtAwIWwyvneGAE&id=lidar2&mcvt=1200&p=0,119,40,160&mtos=1200,1200,1200,1200,1200&tos=1200,0,0,0,0&v=20230508&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683657118465&rpt=415&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:32:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame 2370 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1683657120193&userId=vnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 09 May 2023 18:32:00 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 2370 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1683657120193&userId=vnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 09 May 2023 18:32:00 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 2370 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1683657120193&userId=vnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 09 May 2023 18:32:00 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 2370 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1683657120193&userId=vnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 09 May 2023 18:32:00 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
activeview
pagead2.googlesyndication.com/pcs/ Frame DDCE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvG_cLevRqdrtcDf3Q7tvtsGCgf6zdLRBifRMTjcciDxidwgJcnPGF-m3dZUM0GsICDm0UXuhTs9oPTeIbBDgME5nS6zTALoZWA2ipN3LSb-OcDgq45&sig=Cg0ArKJSzDyHF11OtG0xEAE&id=lidar2&mcvt=1152&p=0,0,204,200&mtos=0,1152,1152,1152,1152&tos=0,1152,0,0,0&v=20230508&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=19&adk=3050045420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683657118441&rpt=587&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:32:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D4FE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-Isr5Wdm_xVMYEHe_3oreviSjXOJu1-sWCzDRhwEjWHMmxFSC1t9eI8t64fqMiSue8wBYdddCyqw0-LTGuNd3rsXT&sig=Cg0ArKJSzIa1TkXcXS87EAE&id=lidar2&mcvt=1154&p=0,0,90,728&mtos=1154,1154,1154,1154,1154&tos=1154,0,0,0,0&v=20230508&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683657118412&rpt=655&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:32:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame DDCE 		0
945 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fye-mek.net%2F&e=wqT_3QK-BOg-AgAAAwDWAAUBCJ2j6qIGELqh1ci_geakBBgAKjYJ7FG4HoXrwT8REVg5tMh2vj8ZAAAAoJmZ9T8hEQ0SACkRJPQ0ATEAAAAA16PAPzDBgdsKOKUVQJUJSGBQivDGygFYupyOAWAAaLO3K3iV9AWAAQGKAQNVU0SSAQNFVVKYAcgBoAHIAagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgApOcW-oCE2h0dHBzOi8veWUtbWVrLm5ldC-AAwCIAwGQAwCYAxegAwGqA0ASGDc2MTUwNjUyOTcxNTEwNzU3MjZfc2JpZBoSMzA4OTQ1MjI2NjQyNTc1NTQ2Igk0MjQ3ODU5MzAqBU0xMTczwAOsAsgDANgD8tk44AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDM3LjU4LjU4LjI0OKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABI-mpSLIBADaBAIIAeAEAfAEiiEdVIgFAZgFAKAFjsvg0KmxiddpwAUAyQUhThwAAPA_0gUJCQkMeAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGr_EB2gYWChAJEhkBfBAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAcgHlfQF0gcNFWgBKQjaBwYBYXAYAOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=2b0b899f67e5419919893a5efee27127d904d4e7&type=pv&jm=1003&px=700&py=158&bw=200&bh=200&sf=1&sid=1931169661545768239&vd=ct~0|rr~5&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22462657&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 May 2023 18:32:00 GMT
AN-X-Request-Uuid
95bc1c00-2d2f-46c0-a042-9dbf3db96e7c
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.248; 37.58.58.248; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
viewability
hal900014.redintelligence.net/ Frame 30B1 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=48065000152271500951389012319014&a=a967c551&vb=v
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=48065000152271500951389012319014&a=be0cfc20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=48065000152271500951389012319014&a=be0cfc20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 18:32:00 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 09 May 2023 18:32:00 GMT
server
nginx
tracking-event
api.webgains.io/ Frame D4FE 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 May 2023 18:32:00 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 59DC 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2NVYNQ
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:32:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame 2370 		443 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
140.61020b6c086bdb8bc696.js
s7.addthis.com/static/ Frame 2370 		2 KB
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/140.61020b6c086bdb8bc696.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 09 May 2023 18:32:00 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-688"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
770
143.3d8bb49f121080f7c65c.js
s7.addthis.com/static/ Frame 2370 		625 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 09 May 2023 18:32:00 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-271"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
404
bqi.php
lg3.media.net/ Frame 2225 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2292&lf=3&&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_tsce=L128&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=947&vgd_cage=0&vgd_rensize=300_600&vgde_bdata=~G-MjJzvuAuH~GwEv9~G8Ov9.uA9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv99999u9~G-MQ8lJvA99-F99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9Wi~OYYMYu9vu.999~OYYMYuuv9.iFF~OYYMYufvu.AAF~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AAH~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9fi.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.XFu~OYYMYFvu.999~OYYMYhvu.AAF~OYYMYivu.999~OYYMLv9.fWh~JMLEYv9.9Wi~JLEYv9.9Wi~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFA9fh~QyY7vJYE75~Q7OvffHFA9fh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFA9fh~e8JB1G8j875v9.XFuHX~NGOEv9.uA9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uA9~875EJM8OvuF~QJjjJLM71yM8OvffHFA9fh~N1LL8JLVOv9~~8GNvu~&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=875143658&requrl=https%3A%2F%2Fye-mek.net&vi=1683657118202529058&ugd=4&cc=DE&sc=HE&bdrid=462&subBdr=99&startTime=1683657118691&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1683657118108145463&l1ch=1&l1hcsd=l1!O76z2|2940&purld=1&tsrc=entity&sttm=1683657118698&upk=1683657119.185&hvsid=00001683657118698006245729283655&acid=85734df57f9444368f2b8956a435d849&verid=3111299&vgd_sc=HE&infr=1&twna=1&stime=1683657118456&vgd_ecrid=424784951&vgd_uspa=0&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p1327519835t202305091831&vgd_pgids=1
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 09 May 2023 18:32:00 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 09 May 2023 18:32:00 GMT
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 09 May 2023 18:32:00 GMT
server
nginx
tracking-event
api.webgains.io/ Frame C0FD 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 May 2023 18:32:00 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 202A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4133749957766&version=m202301230201&ct=76&x=1&cor=18383705655026946000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 18:32:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 3578 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 May 2023 18:32:00 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 09 May 2023 18:32:00 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 5E82 		0
0
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 2370 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683657116746&userId=vnet5556f0e9-5e3a-4f4c-8d6a-ebc834cb3dcd
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Tue, 09 May 2023 18:32:00 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
bqi.php
lg3.media.net/ Frame DDCE 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2318&lf=3&&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_tsce=L128&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=947&vgd_cage=0&vgd_rensize=200_200&vgde_bdata=~G-MjJzvuAAW~GwEv9~G8Ov9.uH9~G-M1yjf1Mjv9~G-M1QzvfWhXA~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvf99-f99~G-M7Y1-vFX9~G-M7YjMQxkk8-vS~N875vRKrrPDDq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvA9~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9A~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9Au~OYYMYuv9.9ii~OYYMYu9vu.999~OYYMYuuv9.ihH~OYYMYufvu.AAh~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.AFX~OYYMYuhvu.999~OYYMYfv9.9fA~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvu~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvi.999~OYYMYAFvi.999~OYYMYAivii9W.999~OYYMYH9vii9W.999~OYYMYHAv9.fu9~OYYMYHHvu.999~OYYMYHhvHFifF.999~OYYMYHWvuA9Wh9XW.999~OYYMYXvu.999~OYYMYX9vu.999~OYYMYXuvi.999~OYYMYXfv9.AWi~OYYMYFvu.999~OYYMYhvu.AAh~OYYMYivu.999~OYYMLv9.Auh~JMLEYv9.9ii~JLEYv9.9ii~wNv9n%2Bn9~8w1v9~875EJvK00I4tPb~LMNNvr4~LM8EvAh.XW.XW.9~LMQNvRp~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvffHFfFXh~QyY7vJYE75~Q7OvffHFfFXh~eGLv9~e8Q8G8j875v9~QxEEj5M71yM8OvffHFfFXh~e8JB1G8j875v9.AWWhHA~NGOEv9.uH9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~EmQv9~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uH9~875EJM8OvuF~QJjjJLM71yM8OvffHFfFXh~N1LL8JLVOv9~~8GNvu~&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=844206516&requrl=https%3A%2F%2Fye-mek.net&vi=1683657118522709374&ugd=4&cc=DE&sc=HE&bdrid=462&subBdr=99&startTime=1683657118923&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1683657118171057777&l1ch=1&l1hcsd=l1!O76z2|2940&purld=1&tsrc=entity&sttm=1683657118928&upk=1683657119.4438&hvsid=00001683657118929006245729287567&acid=8df990f1816c4b1093c884f828bf4796&verid=3111299&vgd_sc=HE&infr=1&twna=1&stime=1683657118501&vgd_ecrid=424785930&vgd_uspa=0&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p1327519835t202305091831&vgd_pgids=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 09 May 2023 18:32:00 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 09 May 2023 18:32:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1500&ts=1683657117087&src=pbjs
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230508&jk=1566515330355644&bg=!dHeldyPNAAYV_mUANf47ADkAdvg8WlOBf8bSKosO--7SbpDokW3XMFwuYroyR4oXLKoNy32bih60Mky6xXIuLmn1LVBBLsPCpnoCAAAB6lIAAAAGaAEHmQML7Pt9UwseG7UjhH-v10Sn9I-H5Q3hY36pIn9F-3StE3dmwiZvfz21eqGnGtUVnZmyKMJ1EVFmFVe_OVgMzU_XO9ISyxJu8r_tWYOrAuIku2_UM63ogr6bIvY5AKHLJreVitXV6W2sM2V758IMoHL7nq2cy2_R8H94_o3E031z_CiH35waH-DxsCJR-5ckkRYjx80ZgmeifHH2tC0DJXw3Sq4KtAQb3rlfYQ2FoRgp05OsKahEbyHVRkkJjmoTs9smh-PHWLNf8kA4ovrZEpFH-mckyc0Oi2Bs8_JR59zkZjc32LtqX3dPCR_HL-jqTp4rBtpI8kvyPShAqMsFeHyv1Wnd3_gdNeziYWkdYg5BoZ2PmwzygHwCSeHvpSe5OOL6BHnXScLnoNSC-GrGJRJY3qvYiJRj6uJtsIHsDYtYTj0mYD5O5MokydZtsYT54rE1HRWxY5YLZWjgJML1Of3pu9MZtXHTOPFSDgCdV7k-sJE-GNUtcyhlBWs1UtSY1aUX33KH9my6ryFvIdm3mPfWt4mvpIF7wcngn1neWb_dNGNtL7htnJYICVjAIfnhRYhOG4oZHVXvMFJwVW0btNXgcacPksfjDX7Ij8AApn4BZKZKr0uSaT59HcyHpAh9a67_GIfsAuybL2IosCKg-Pu3fjt9qyMqI6q30a6uKsyB6EfseNlz9w-Jj6nJiiS55H7L8tE5oxBXXsg7Xi28l93B7mow8i3bi41p9OclQAayf5o9NRFK3pjUzeKGDdnFFZQYu8EtcGH38DxcFD8QCagr_XjI0miF2GWFH1ZYRfNJ4j_oqETWh2LyjBJkfzg74HOqKJPRB-K7t9FTtiRkQNnTnt-OQntacv-wQQZU91jBnDnkey8s20wCu3oTh5XQJGE6icpR-iNPzVv6LY1aBIT1cvW6qZDVaIOOGcRl0OiFcJDpSSSZS_YGUTc7by6LABeU8lybwOnkgtBI7-UYqevYS6zWrS6M0LNtT_e0_b7AGfbbI1NJbOBrya4AcN_eSpT9DpvSRVwSfygztMs

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

36 Cookies

Domain/Path Name / Value
.rubiconproject.com/ Name: khaos
Value: LHGLZ5YI-G-I9FC
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpVsajncdcLmLJGe4Ni1ThWK2euPP2lVg2+SmvwaNDOnuFhhpyMrs1YDqDbQAwtYdFN+011ZXQEx2pNjxJ85LHdsqlSNZOaaDQ=
.doubleclick.net/ Name: IDE
Value: AHWqTUlGgvRchX2RIKHK9N63zVPlr20sUPswiPNpgG78OqcMYs1w660dfDa49ZjouYc
.adnxs.com/ Name: icu
Value: ChgI5MdxEAoYASABKAEwnaPqogY4AUABSAEQnaPqogYYAA..
.adnxs.com/ Name: uuid2
Value: 799170804332062561
.turn.com/ Name: uid
Value: 2365442083259342365
.ctnsnet.com/ Name: gid_CAESEOalGSVytNxthZcAKxECwi0
Value: 1
.ctnsnet.com/ Name: cid_2372523a97b247918e11963b2f195ac8
Value: 1
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMID
Value: ZFqRnjYXR228CivwdFvtxQAA
.casalemedia.com/ Name: CMPS
Value: 5147
.casalemedia.com/ Name: CMPRO
Value: 5147
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZFqRngAIy3oUTAA9
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 92A6FDC4-2514-4342-B1FE-08728A663BC9
.lijit.com/ Name: ljt_reader
Value: GnjXpGZHNs6m3ECwSA-60rKZ
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVNkXn6t!]tbPl1M>e)ZlrFUfJ+tGXxoiXs3fjQ:<xqYjE>C9w=ojE@P^Tb#pyy^<7F:3If)y3KL9D3I?+EtgOGg
.w55c.net/ Name: wfivefivec
Value: N6pxSY3j1PWs7Y5
.mathtag.com/ Name: uuid
Value: dee5645a-919e-4001-ab2c-f0f1c7dd3bf8
.w55c.net/ Name: matchgoogle
Value: 5
.bidswitch.net/ Name: tuuid
Value: ef47b96a-2c71-4aae-97bb-3f233298d08d
.bidswitch.net/ Name: c
Value: 1683657118
.bidswitch.net/ Name: tuuid_lu
Value: 1683657118
.yahoo.com/ Name: A3
Value: d=AQABBJ6RWmQCED7vn9HZZNer-UH6x89DmKEFEgEBAQHjW2RkZAAAAAAA_eMAAA&S=AQAAAqy6NLyyJq9V_VtPXSIYR9g
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 4d4de6e787dd5362
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22B10E3B33-EA76-4CE2-91E1-892CB20CA17C%22%7D
.3lift.com/ Name: tluid
Value: 4544061791112764542157
.tribalfusion.com/ Name: ANON_ID
Value: apnseFRkP6i6eCno77Ea7YbArfgureVlxUia4jDo9rCufZa4vsJ3TPfLJJ6CYmNlwxGL2F11NQu4X7gO89Tsn
.retailads.net/ Name: ppb2172
Value: 2701254914
.awin1.com/ Name: awpv20044
Value: 412871|1683657119|c88bf040-ee97-11ed-89a2-223974343f8d
.adform.net/ Name: C
Value: 1
.awin1.com/ Name: awpv14702
Value: 412871|1683657119|c88f4ba0-ee97-11ed-bcf6-22336c0ce064
.awin1.com/ Name: AWSESS
Value: 365825:2531885
.360yield.com/ Name: tuuid
Value: 7fa49dbd-7321-489a-b696-29d376792b9b
.360yield.com/ Name: tuuid_lu
Value: 1683657119
.adform.net/ Name: uid
Value: 6180544027368130725
.futalis.de/ Name: raSIDb
Value: 2701254914

12 Console Messages

Source Level URL
Text
network error URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript error URL: https://ye-mek.net/(Line 39)
Message:
Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network error URL: https://hb.emxdgt.com/?t=1500&ts=1683657117087&src=pbjs
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683657116883&bpp=3&bdt=685&idt=229&shv=r20230508&mjsv=m202305080101&ptt=9&saldr=aa&nras=1&correlator=2477421507668&frm=24&ife=1&pv=2&ga_vid=1458859635.1683657116&ga_sid=1683657117&ga_hid=707820496&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44773810%2C44759875%2C31074432%2C31074459%2C44788442%2C44790154&oid=2&pvsid=2459006068698418&tmod=1341516609&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.1njzhooodvth&fsb=1&dtd=240
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://as.ad4m.at/ad/dr?ed=1ggd0g5rasbeh38r682z7j0wmc05667wvyfab4zpeddz9b7easef42smwpw5meb3mjtpmaw5zxkr6s89hv1hx9sj0w157werfv3w1yx6j1rdfn1c0bpk3p13cq9xp6fvnrecazjvft4gmxm31ny07z4cz6efmfp3d6k3fp14fbze0bbv7zqsyx90d6xwq3f9w7vzz1cr4er3w5k9s201ee1tebqk4dp6vceagb97tenj055aft6ng07dye186qqkcff1wz6a7w00c6gkvb7y2rsd0stgapmeyrfjjvt93fhqb8k6mdjyzydv7qatm40k6rbke31qfnmbnnzpwv2sz1vrzy4cv9d5evczyawcjdk3z0bvay47pkzf9yxh9e4sa0rhs2wjdkeqfrbhg3ea61rp03ajgp29kc2h97y2csrg8crzp3pqq5x55hxpmyhfx55bzf4jnm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%26client%3Dca-pub-6593523210010154%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=af1688c8d66e027fdbd118f8aa0947c7%2F11453764225808850446&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1683657118828&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxfmv3kh4g4maab2vz3effx6azg0xmve5crehywj26dqd6m1rnwvdt6pqh5109a0ssv4s93dahr2pgqhwyeym4j3716z7xr44xksyr44m90rtv4k5dx0adxpxfarjn7ec8j0987sypsqmeeg9hehzayb9gs9j72mta2091f90rncykn4sxtwv1qrfr2yj371rbgabt9bb8txh0y51bacr15nsyw6sf1xczy61pphnn5ta3gd2mkk0p3wpjqpmqgqzf2wadsyzsh6fy414stb0jqvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF973nZFaZJqhOpKlsgeHyamAA5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjU5MzUyMzIxMDAxMDE1NMgBCakCuEm_tTNnsj6oAwGqBNUBT9CmI03ofVjy1Z5t-zzpLmWdnjuCtw-e0i3CEcbBKsflwyN-8SB7kua57naC7jMaAZqGZ8K_Zfu79v8bWRLPwclkKRXxD-cCVPrHQZCGhjzf7sgMRrl5g0v8JFxfrvGC-l2pZijwL4dd4VxOaxS7c22tAw7XPkeLlb-lG-uC9VEVIomLDUVnbw2fHRcqGziMTGGDaaFucKmNDHvi9Xew6tIPY5N4484y_-KtXZsKbX1_t3mUskUpQvm9A3hB7GW6pEHcyCk-sJuAlyy7Tuq4NFnYGSgOgAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0WtpKhnTGseqmP-lcv4KHEo7AJdA%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

04b337bf588ff1d9b38202b2ac6e9347.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a.teads.tv
a.tribalfusion.com
aax.amazon-adsystem.com
ad.turn.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
adv.office-partner.de
adx.adform.net
ajax.googleapis.com
ams3-ib.adnxs.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.adnxs.com
cdn.jsdelivr.net
cdn.retailads.net
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cpm.programattik.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900014.redintelligence.net
hal900016.redintelligence.net
hb.emxdgt.com
hblg.media.net
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
ius.ctnsnet.com
lg3.media.net
m.addthis.com
match.360yield.com
medialead.de
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
onetag-sys.com
pagead2.googlesyndication.com
pandg.tapad.com
pcloak.blob.core.windows.net
pghub.io
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.adnxs.com
prod-rtb.ad4mat.net
pv.medialead.de
qsearch-a.akamaihd.net
r.scoota.co
r.turn.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
static.virgul.com
sync-tm.everesttech.net
sync.inmobi.com
sync.teads.tv
tags.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
warp.media.net
www.awin1.com
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ye-mek.net
z.moatads.com
hb.emxdgt.com
pagead2.googlesyndication.com
s7.addthis.com
104.102.35.84
104.102.45.165
104.75.88.126
13.224.192.181
13.248.245.213
138.201.220.30
141.95.33.111
142.250.181.230
142.250.185.226
143.204.100.231
145.239.193.130
151.101.1.108
151.101.194.49
151.139.128.10
172.217.18.2
176.9.26.250
178.250.1.11
18.133.36.104
18.133.81.67
18.195.195.61
18.203.106.14
18.66.147.98
185.29.132.246
185.64.189.112
185.64.190.78
185.7.176.222
185.7.176.223
185.80.39.216
185.83.142.19
185.89.208.11
185.89.210.212
185.89.210.46
2.18.233.201
2.18.235.93
20.127.253.7
20.60.220.36
2001:678:cb4:bbbb::11
216.52.2.91
23.35.228.23
2600:1901:0:76b9::
2602:803:c003:200::21
2606:4700:20::681a:71b
2606:4700:20::681a:8a9
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2606:4700::6812:272
2a00:1450:4001:806::2006
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a01:4f8:d0a:2321::2
2a02:2638:d::2
2a02:2638:d::a
2a02:2638:d::d
2a02:6ea0:c700::19
2a02:fa8:8806:16::1370
2a03:2880:f083:100:face:b00c:0:3
2a04:4e42:600::485
2a05:d018:d29:3602:f7ac:e0cd:cc15:97d3
2a0b:4d07:102::1
3.75.62.37
34.102.243.38
34.96.105.8
35.186.193.173
35.186.253.211
35.190.0.66
35.241.45.217
35.244.159.8
37.157.4.40
37.157.5.132
49.12.16.151
51.89.9.251
52.58.153.178
52.58.219.83
54.76.7.236
69.173.144.138
69.192.161.152
77.245.159.14
78.46.23.46
85.111.6.48
85.114.159.93
88.221.169.49
94.138.206.83
94.23.99.218
95.101.54.194
99.86.4.94
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03d6b7e75070586ab8f85932870604f5edbfd751e93f719f2ab73d0182775622
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
055cb98724324898a393d226390d40b189091e1f94710a116bc0bc6c5252612d
0647cb44260740713301fce8344994673dc3c78e95d1d19ca9435cfbf4d79a4f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08312dffbe6174bc11fb0bcef11263bfbb5837002aba7f264c1d6e22afa6a18e
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
09f66318045cd6f96a4cb58d01176281132792b59ce6d1b98b2d474eabc5bf20
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
0c84b9e3d6a58529cf5986fd7022e2b631bcb4c4e66a8288926a78ef0c7870d9
0d9048e6f948ec2623cb57dc67a5dce46a7191987d4570e4b6bdc421381646fc
0e8a505ea2bd394d094c046e56b2d4096255f2a05469ea7b1b1643cc1c66c659
0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb
0fc331d83d54055b86da63efa0252a153147a108e814e6f1f7914c669f52fa56
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17161789662498342bcddeec410c1700c09eddcbace6cef97762e1b657553c75
1bcc8d5cdbed6a33503d2ae64747a7836b86b5772d02199b93ca2b6b86c65563
1c4f701a8fb7e5be5982ab36ee4b41e4bb4a89a0f4556f3b5658f3e24fb35ba7
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d4dfaf91d90aef391661d53f943538e50101d0730b285ba673b616cd15c695e
1e841ebd8b9da3cfd42ffcf9520ed2c97e7d85cd866727130f4a3a464579776a
1edb0af8591ffd32dd9f27e7da037eab699060e6dbbae2d5f09a2b446d25de46
1f5a2a979149a9192bb49e10899322a37fbfda94dd47567b029823950adc0e2f
1fc6701c643d532980e0ebce376877a408a108fb74204d9d2b5a5e2a69613a34
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2463fb8dd5405db9e4b77e739d2180577f830e8e5df0ccc3ee7023161e7e3116
252b9f0c25fe0a0fa1fbc01ad75bea88b71de9879beba50db46cd05948573b63
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
25b0fc18fa46dfcb28fdab9b486f78a11dc35790fdfc410b1af2c062410e14d9
26a13e4aa3a06c407c8b084c54461703ac4dffacaa57cc69f137f1bfbbd2b58e
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2a82fb8b7b9217af38c4b984de5bbffaadf100667dc4adca701c2da34174c9a2
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c6a040cba33e7847c821f0b6c227f5f89e0e4d719eb823a692999cafbe46a92
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5abf2e9f21e9e0431e2d8f6b3b27bd5922f522c534ea519bcec87b40e64d04
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2ff13911640a6c5ed92d1d28eef357161e480655dde411920b47da6f6b3d0060
3002b527e1cb5e6d8601854825ff1a291b37dfe3e190c02eb7ac1ad76cb12898
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3640ad2125f29aa5def830349d744573e0d91e31269ea1e62b7b1d428c055f37
372e646203759b4bf2ddab1f01469d03dd8bc920f187a3a09bb316f4edf6d604
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
394784db8f1548580be30b4f13128de9ffe9324758ba926b9fddf4eb9fd5d34d
3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3f064267c64c1eeca604b20f9d60538c32c14e90528441d0524c2f30161f8b47
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
409e0aab336d8c46e59dd95de86d035fa8f05975848f2e24f2c5f7cd6a5b6981
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
43f98b305d6c2d9e6e4935db09b76182181fc0b651fa0e1c7792f8c3777f0b93
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49ba5ca517d094d942ea4ef8fc652ba5547973fa0f486878a1c7d1ded8d77669
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6847d6c187314e234ace1a963c78c659d2429c0790444c674b5d72180822bb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2563b50f3eb4c72bc0f8c663730bf37a327a1ba64960d75819fc576d50807e
4f3888b532e6efb7edf636b85ee08a7421dfbb4928a9339e6d3ef4869887d3b8
4f3fad6484e3a7f42bf7a7129fc6ec09ae85ec59dad2f7b6765975ee1f7d7d8f
50282fee83281adfa1bd8aa7771950d435a2799ca90959ae8f3a483ff4fb0be0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
516f8cb3e3d92f43bde7b09ec3d906a757e7818c4377470c89c46cc4e290c473
5182022130b0a566e7428e13a6504ea855e11c82e27b7ccd3b0c0ae05184506f
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e9bc5c6bc6d65e3488989314be2dc9b660f7dce47ce0ad3393136a4acc74f45
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
612be35d487ad9a8bd85ae3053c5a4d7ad9075d42a9af4b428698ce52969ca15
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
6600e1694c2b233a40d34171684358f1e526b3c4bb984d3ce2de4d625867f8e1
69696a43946cd64f72fd454b2830efcaeebe2d86b03d353227252067850baa08
6991bf232088ecad392ba5aa81bffacd607873a40936f4ee8c5295c67c146bbf
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ce801c9b5a18d6e9a2b6914f7fcbb927cacf7199e21c2318ac42e594102e2a1
70d7a7544e82898773336d5aca91edf781d08db7f27359b575a261cdacf16ffc
739c9d80f1f29446fb2ca23edafc2835edb94161a8008eb9c8e5e3966eb035a3
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74dc40869a1ae566cb030238b5527c78aab5dcd4437f2fe150b827fb01bbfd0f
75e4b90febae356bf27a50442bb00e2ee7a3b82a981f9ef5e59e4dfeafa6334f
77e3f0731187a20fecf2f6ca80484f2b8c99cdff857ff37b6c089105b610c325
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7aa9c79a3be5c919789471cc7a8ea1ffa66e936f0b9b6fbcc27ecb2dfbdca9e1
7b4f30226ef26484d7e1ac91dfb26b5bdcc785a7042035c5139070807d42f833
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bfbb317bfe9fbe775fa673936d387d21f17d1aeb5b50dd3a87ecc736c65bb32
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
80a6bc8e05e84df98ca33712aaf3b520db8e4eb53cb97429d0a3f72fdb8bb35b
81e566e70ca8804ec2feea476a39833bf39fb650efffdf3530cb0e94072990dd
82dab3ec996d28f3e80659e089aad41eb13909f14c7a897ffc62076e1e7bbd8d
837d63620657b055c980948022e01ba5c63c986d3d08ca7db80558411eab45d6
83bb386a4d21a15eac4300cf0721ba357926d5033ad7958011bf8166845599b9
8504d2d3013d96044405b0d3539f49c20fa39a64863679978d9169c883eb5813
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
89aaa0ce1877279f39fc4f3451e07fbbbafadc7a46827a4d56e88fcc98a7c3c1
89f675360ae8d0180715066e7bcf920f369c9779f5b6b92120900d633de38a4d
8bd59dbd2de433805f99595ba87016b5127da170c0ca22506f610ed251b43d1d
8cf97490bbe44aa43c01097db31f7bea02acaf111fbc3b6dde31745faf9d8d18
8e2b2033aae5f2ebbc9b92291c3cdfa7a084429d21d85b382e39dfbd875b5f55
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
8eef423fcfc743d22643c12157f247406ecac5bc220e9c95143e47a82f0ef0dd
9017303750060ae92411ca960cb48f8bed30c0b28507f92dff504a83d7af9d51
9224f567069bad20e5318a70d946b00524d0c5f93152294da9750eb7e1dd8f8c
960eddf4b622343d8b85421685bb2ecaf0c3fcf04d611ad51b408fefb8e9fa87
97c2fc64b3e83e9ac47982492b088765849276f8b5f494ff3d53bb6c6a32ea33
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
990bbe1e3b4f91ae63065bede517e70cb1b6db8d2cf5f134fee2cf1caa88ef09
9a2c73fcd325b1a6b1cfeeb1447ccc2cd10acb2f1500ccfbcd41ff335a7fef8e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1e10c984e87ffa3941c2853032f00a8079449556abc053795932851a6d88a5
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9ceb7464fd907c8a73e70b85c142e987072812977b9a17e742a734b50be481ad
9d249b0531be7b4b05de54292bf54f570f3e4b522b2b6c9fface89a9e8e8da5a
9fd673e3ba670884963694c9429d853658a07d134bca1b6528eba769d98e8be1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a27e3b0eef07673adfd0fa40a6f2bd583ce8a32863c318fbbd2bd8b7a3877548
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a3f85d0932cdef1a67dd25b58aa323a482829c5a05553f11af79f22205227b78
a498ff757038abe0601ed0855c1b760ee237e42f5c40b97e936dc057e1970762
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5364714410c6f8279a8656b3840c8e219f8181a8cce8d15ea1d95508d429ca0
a58159698e48085e6df7437e71cf0138a890c419929fb3e844564fd3c875f1ed
a5e5e3d179c7e1c2f2f01f424153e278c47da6688f31b71c1a2e2c44b846cbb2
a6a40a037a323ea0193d12da9fbe0e2ffa846926b02e5f4113c737b54b9df2b7
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2
acac9ddaca9bc322ef1bd381f8d7a6ce1e86642d386187aa318324da93db7132
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0a9edd9406b9e846d2613b16def49dca3d2307816622cb274acc4d0d2314245
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b40526ea9fda390b4b5fd206b0ea779c956609f6050493b38656d859b98c9d5b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b7f9dd809e14987cdbb5ee6fbd75e26d393b2ebe2334d207c22f3c667f572527
b88141b284307efb7e9e6c7fbcdeeb15a45743f710f5f60b99dfec327ed5dbaa
bac7273dd110b1f0c1d1adca8c47771dc3e71533675f68639224527bdae9fd6a
bd130f78e0aa23e0a8445c1b9d016f9e8d024428cea9a37ee2942deed451f0e9
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c43a592c09224db2985a3e074e7b50afe274ddce2b680b73e8f3a9c5cda4d35b
c637f20aa2c06194694dfbdce826e0c2dc27be6768a7f796c9196e35e67e6c7f
c64429b61bcd79d65619faf32939a7380da154cf75e26a0336050277e87c0b36
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c816e8c4e3b2b3c50c64638732c8bf6f8e4b0f205c6c46939a9300c32114e269
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdda806f72862d9980165519a490b0418022a79adb2af7dc76eed3f47acfc3f2
ce669aa1d3fdd13f88acee69e5caba142115b701825921e5e29d7b81b1f9ec55
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1716063d2de35a3fd63aa43bb5f861f2dfd708dcf44d65ed1cf458dbe328f85
d210bb938b26a609187a3d0640d3ee989e4ddaba673105776f0b7d187f709ea8
d6350ccbc96e6f4089866ba29b8e2fcdf961c3c5b428e8611226d39922e1fce0
d66aa9b9300aba037749e91968c3e5a3ea3d371e41af51ec49ed77779f08515d
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d8070dc118244a41d42c2b02f2dd3b91b733dd0149c9a0c18bbd38441642fad2
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dcec8e322946988e0dc8c0a1da7a7df028ed2b63b35975780ffa05c62ba9a89c
dd1a556fbb800176f7d5a44697d519b5866497298a80d86ce71258878a1699dd
df17bd311a36c7a63b85e7fbf2c0e9a7f270181d576dace907576ea9e629a417
df953cb4bab1ce085b56b85a00037984fdcbd1a99bc72d74fb8b5a6246e38ff8
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db
e1c00f1706c4ffb70ada4d484c98cb4b3bae74bef1e74f185d3ea6f6c1369dc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e734a5f985f63cf0f1e24509f083ab0eb2737f029c76bb0155fee52777a6c5bd
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e81437bacb2eadf8e9892f7c4423437a86ed8249bf77dcf71770909857779174
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e948b6c6043fb4ac7a06bbae39f5df251717af2bba670ecf379de74a85646dde
ea24d1e7d9bf9c750ced3805bb31ec02d3dc7e4a8b8fbe5ed68475849fe89dd8
ea5475af393e845f5a2230274fbc508bcb4c8d7d99c1d8daf8e5fe6f94f76a29
ea66d5eade25fe68a0b59696d6296b59febd2b55547b506b1f2d9a1993102e68
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec25a2a97a622751d1ec7a9f41e37b52e978d5482fa38c16391f5ce1eb732c22
ec5725d4053198fbf31e6d9122e875de3dc5434a7f80748fb848704caf82b322
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa0aa8f99033bd687f63ef2f19f84814fdd5edb4d9fafceeb0e0f940a2bac17
efb6dfb64e21ed016f93813c7b6995a3e3692b1cc0eb1baeaa282c63a2982931
f1e6928d5da67a3221a28b15e25076dba5bdb22a731bc3329e373747383c93d4
f3780be5fb043739906b058923bd09207a0f145c365d762dae0c945704d292fc
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5bc40f0b27ed579e44b85aa0f4f6213464143adc31ae92ad6894f8b5f37698c
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
f876337424774dee1b2ec0c7a5c38f946ef67b78598ccfbb70f97f8e3d3212e9
f973d75ead19729433907ba993cee75784ac0ba25a5f229c3091e7f45966b1a3
f9e64eb7aef36051354450d933b2e43aebe7697a972678b0d8ab9773e3ae0043
fd79c048494ceddf0d76c4404607554bfe9c3f85a400875a769f260be2228506