pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Submission: On June 05 via api (June 5th 2023, 3:58:30 pm UTC) from TR — Scanned from DE

Summary HTTP 450 Redirects Behaviour Indicators

Summary

This website contacted 74 IPs in 10 countries across 67 domains to perform 450 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
2	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	23.206.208.114 23.206.208.114	16625 (AKAMAI-AS) (AKAMAI-AS)
19	185.7.176.222 185.7.176.222	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
60	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.190.43 18.66.190.43	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	3.64.112.248 3.64.112.248	16509 (AMAZON-02) (AMAZON-02)
6	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	216.52.2.48 216.52.2.48	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 8	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
4	85.111.6.48 85.111.6.48	9121 (TTNET) (TTNET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2491:8400:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
1	192.229.233.53 192.229.233.53	15133 (EDGECAST) (EDGECAST)
9	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	3.126.192.167 3.126.192.167	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	52.19.145.179 52.19.145.179	16509 (AMAZON-02) (AMAZON-02)
12 51	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
7 13	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
5 5	18.184.185.174 18.184.185.174	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.251.164 35.156.251.164	() ()
3 3	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	20.127.253.7 20.127.253.7	() ()
2	162.19.138.82 162.19.138.82	() ()
2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	2a05:d018:d29... 2a05:d018:d29:3602:4721:f1a6:82e5:32b7	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
3 3	54.171.9.188 54.171.9.188	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.134.200 35.157.134.200	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 4	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.98.64.218 34.98.64.218	() ()
44	2a00:1450:400... 2a00:1450:4001:813::2006	() ()
3	35.71.131.137 35.71.131.137	() ()
2 2	35.186.193.173 35.186.193.173	() ()
4	2606:4700:20:... 2606:4700:20::681a:bd1	() ()
8	142.250.186.98 142.250.186.98	() ()
3 6	2606:4700::68... 2606:4700::6812:19ad	() ()
1	178.250.1.9 178.250.1.9	() ()
3	35.186.253.211 35.186.253.211	() ()
2 2	185.64.190.78 185.64.190.78	() ()
2 4	52.29.216.32 52.29.216.32	() ()
1	34.96.105.8 34.96.105.8	() ()
1 1	3.75.62.37 3.75.62.37	() ()
1 3	104.102.45.165 104.102.45.165	() ()
1	2606:4700::68... 2606:4700::6812:7f05	() ()
4 4	172.217.18.6 172.217.18.6	() ()
4 4	84.200.5.215 84.200.5.215	() ()
2	167.233.13.224 167.233.13.224	() ()
1	13.42.219.105 13.42.219.105	() ()
1	18.66.147.52 18.66.147.52	() ()
1	108.138.36.55 108.138.36.55	() ()
1	2a02:2638:3::c 2a02:2638:3::c	() ()
1	151.101.65.108 151.101.65.108	() ()
1	23.201.255.110 23.201.255.110	() ()
1	23.35.236.201 23.35.236.201	() ()
450	74

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.190.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-190-43.muc50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.112.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-112-248.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.48 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.22 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns1.ttidc.com.tr

cpm.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:8400:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (United States)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.53 (Granada Hills, United States)

ASN15133 (EDGECAST, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.192.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-192-167.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.19.145.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-145-179.eu-west-1.compute.amazonaws.com

s.h.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 142.250.186.66 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.80.39.216 (Canada) 7 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.184.185.174 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-185-174.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.251.164 (None, ) 2 redirects

ASN- ()

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.181 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.127.253.7 (None, ) 2 redirects

ASN- ()

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:4721:f1a6:82e5:32b7 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.24 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.9.188 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-9-188.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.134.200 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-134-200.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.161.51 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (None, )

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:813::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (None, ) 2 redirects

ASN- ()

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:bd1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:19ad (None, ) 3 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.216.32 (None, ) 2 redirects

ASN- ()

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (None, )

ASN- ()

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (None, ) 1 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.102.45.165 (None, ) 1 redirects

ASN- ()

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (None, )

ASN- ()

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.6 (None, ) 4 redirects

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (None, ) 4 redirects

ASN- ()

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.13.224 (None, )

ASN- ()

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.219.105 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.55 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (None, )

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.255.110 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	864 KB
89	doubleclick.net 16 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads4.g.doubleclick.net ad.doubleclick.net	403 KB
44	2mdn.net s0.2mdn.net	761 KB
42	ye-mek.net ye-mek.net — Cisco Umbrella Rank: 437805 cdn.ye-mek.net	618 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 27106 ad4m.at — Cisco Umbrella Rank: 9491 assets.ad4m.at	961 KB
19	virgul.com static.virgul.com — Cisco Umbrella Rank: 56516 ng.virgul.com — Cisco Umbrella Rank: 49823 ng2.virgul.com — Cisco Umbrella Rank: 54223	233 KB
16	w55c.net 2 redirects ads.w55c.net — Cisco Umbrella Rank: 11648 cti.w55c.net — Cisco Umbrella Rank: 3710 i.w55c.net — Cisco Umbrella Rank: 2168 s.h.w55c.net — Cisco Umbrella Rank: 10481 pm.w55c.net — Cisco Umbrella Rank: 896	108 KB
13	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568 ssum-sec.casalemedia.com	10 KB
12	google.com adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	1 KB
9	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 239 acdn.adnxs.com	9 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	425 KB
8	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 975 fastlane.rubiconproject.com — Cisco Umbrella Rank: 523 eus.rubiconproject.com	10 KB
6	tribalfusion.com 3 redirects a.tribalfusion.com s.tribalfusion.com	3 KB
5	openx.net us-u.openx.net rtb.openx.net	869 B
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 340	2 KB
5	teads.tv 1 redirects a.teads.tv — Cisco Umbrella Rank: 1450 sync.teads.tv — Cisco Umbrella Rank: 1314	1 KB
5	adform.net 3 redirects adx.adform.net — Cisco Umbrella Rank: 4102 c1.adform.net — Cisco Umbrella Rank: 598	3 KB
4	adtriba.com 2 redirects d.adtriba.com	1 KB
4	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452 ups.analytics.yahoo.com	3 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 149238 static-de.ad4mat.net — Cisco Umbrella Rank: 199940	8 KB
4	programattik.com cpm.programattik.com — Cisco Umbrella Rank: 52678	565 B
4	pubmatic.com 2 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 541 image6.pubmatic.com ads.pubmatic.com	1 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 348 aax.amazon-adsystem.com — Cisco Umbrella Rank: 440	60 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	awin1.com 1 redirects www.awin1.com	2 KB
3	adsrvr.org match.adsrvr.org	914 B
3	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2279	1 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 402	1 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 5220	915 B
3	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 748 dis.criteo.com gum.criteo.com mug.criteo.com Failed	7 KB
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 718	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8155	861 B
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1494 mp.4dex.io — Cisco Umbrella Rank: 2461	25 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net	686 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de	441 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 569	59 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 826	673 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 870	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 702	900 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 773	929 B
2	id5-sync.com id5-sync.com	2 KB
2	inmobi.com 2 redirects sync.inmobi.com	1 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 802	89 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 93434	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1962 feed.pghub.io — Cisco Umbrella Rank: 8248	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	90 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 12805	6 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 398 imasdk.googleapis.com — Cisco Umbrella Rank: 486	153 KB
2	cloakan.co www.cloakan.co	1 KB
1	webgains.team cdn.track.production.webgains.team	15 KB
1	webgains.io analytics.webgains.io	31 KB
1	webgains.com track.webgains.com	2 KB
1	blau.de partner.blau.de	1 KB
1	o2online.de partner.o2online.de	1 KB
1	conrad.de www.conrad.de	473 B
1	blismedia.com tr.blismedia.com	173 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6373	557 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	187 B
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 133454	920 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2020
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	47 KB
0	brealtime.com Failed biddr.brealtime.com Failed
0	demdex.net Failed unilever.demdex.net Failed
0	emxdgt.com Failed hb.emxdgt.com Failed cs.emxdgt.com Failed
450	67

	Domain	Requested by
60	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com ye-mek.net s0.2mdn.net securepubads.g.doubleclick.net pcloak.blob.core.windows.net
51	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net ye-mek.net ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
44	s0.2mdn.net	pcloak.blob.core.windows.net s0.2mdn.net ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com ye-mek.net
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
32	tpc.googlesyndication.com	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com googleads.g.doubleclick.net pcloak.blob.core.windows.net tpc.googlesyndication.com pagead2.googlesyndication.com s0.2mdn.net ye-mek.net securepubads.g.doubleclick.net
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
13	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com pcloak.blob.core.windows.net www.googletagservices.com
12	assets.ad4m.at	as.ad4m.at
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
11	s.h.w55c.net	cti.w55c.net s.h.w55c.net
9	www.google.com	googleads.g.doubleclick.net ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com tpc.googlesyndication.com
8	googleads4.g.doubleclick.net	pcloak.blob.core.windows.net
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com as.ad4m.at ad4m.at
8	www.googletagservices.com	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	ib.adnxs.com	3 redirects static.virgul.com googleads.g.doubleclick.net
8	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	ng.virgul.com	static.virgul.com ye-mek.net
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
6	fastlane.rubiconproject.com	static.virgul.com
5	x.bidswitch.net	5 redirects
4	ad.doubleclick.net	4 redirects
4	d.adtriba.com	2 redirects ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
4	sync.teads.tv	1 redirects googleads.g.doubleclick.net
4	ng2.virgul.com	ye-mek.net
4	cpm.programattik.com	static.virgul.com
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	www.awin1.com	1 redirects as.ad4m.at
3	rtb.openx.net	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
3	s.tribalfusion.com	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
3	a.tribalfusion.com	3 redirects
3	match.adsrvr.org	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com static.virgul.com
3	match.360yield.com	3 redirects
3	c1.adform.net	3 redirects
3	pr-bh.ybp.yahoo.com	3 redirects
3	eb2.3lift.com	3 redirects
3	d5p.de17a.com	3 redirects
3	ap.lijit.com	2 redirects static.virgul.com
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	image6.pubmatic.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	us-u.openx.net	googleads.g.doubleclick.net
2	static-de.ad4mat.net	as.ad4m.at
2	static.criteo.net	static.virgul.com static.criteo.net
2	onetag-sys.com	2 redirects
2	pm.w55c.net	2 redirects
2	um.simpli.fi	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	cms.quantserve.com	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	id5-sync.com	ye-mek.net
2	sync.inmobi.com	2 redirects
2	ssbsync.smartadserver.com	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
2	a.sportradarserving.com	2 redirects
2	prod-rtb.ad4mat.net	pcloak.blob.core.windows.net
2	adx.adform.net	static.virgul.com
2	script.4dex.io	static.virgul.com script.4dex.io
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	ye-mek.net	www.cloakan.co ye-mek.net
2	www.cloakan.co	pcloak.blob.core.windows.net
1	ads.pubmatic.com	static.virgul.com
1	eus.rubiconproject.com	static.virgul.com
1	acdn.adnxs.com	static.virgul.com
1	gum.criteo.com	static.criteo.net
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	ssum-sec.casalemedia.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	tr.blismedia.com	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
1	dis.criteo.com	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	pixel-sync.sitescout.com	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
1	i.w55c.net	googleads.g.doubleclick.net
1	cti.w55c.net	googleads.g.doubleclick.net
1	t.hspvst.com	googleads.g.doubleclick.net
1	ads.w55c.net	googleads.g.doubleclick.net
1	imasdk.googleapis.com	c1.imgiz.com
1	hbopenbid.pubmatic.com	static.virgul.com
1	bidder.criteo.com	static.virgul.com
1	a.teads.tv	static.virgul.com
1	prebid-server.rubiconproject.com	static.virgul.com
1	mp.4dex.io	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	feed.pghub.io	pghub.io
1	pghub.io	static.virgul.com
1	www.google-analytics.com	www.googletagmanager.com
1	s7.addthis.com	ye-mek.net
1	www.googletagmanager.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
0	biddr.brealtime.com Failed	static.virgul.com
0	mug.criteo.com Failed	pcloak.blob.core.windows.net
0	unilever.demdex.net Failed	pcloak.blob.core.windows.net
0	cs.emxdgt.com Failed	ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
0	hb.emxdgt.com Failed	static.virgul.com
450	103

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.programattik.com GeoTrust RSA CA 2018	`2022-10-25` - `2023-10-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
ads.w55c.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-30` - `2024-06-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
h.w55c.net R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh

This page contains 53 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Frame ID: CD51EE5C9292C5BFA8F4C3A218A3DE0F
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 43F497D440CD76587747C9F64A86A9D4
Requests: 120 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: A904B0B4E5A21A489D2BD1745C92A9C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Frame ID: 828AB0F187BC1D0C9410E28177DDA0CC
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 844A6B8B89E1B0EF61EBD8B8F19DF7C1
Requests: 1 HTTP requests in this frame

Frame: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 39FE0593846D0792078178E43C4059D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980706548&bpp=4&bdt=887&idt=279&shv=r20230531&mjsv=m202305310101&ptt=9&saldr=aa&nras=1&correlator=4800735757698&frm=24&ife=1&pv=2&ga_vid=854444417.1685980706&ga_sid=1685980707&ga_hid=59647142&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C31075004%2C44788441%2C31071260&oid=2&pvsid=1497102148338384&tmod=355982566&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.b71lvrwtbxb7&fsb=1&dtd=294
Frame ID: FE2EA72556D57A2EF1554EEB65B64025
Requests: 1 HTTP requests in this frame

Frame: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2222A5D80B8AC242C70F8598F2E374F1
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980707370&bpp=9&bdt=166&idt=208&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=5765937014493&frm=8&ife=1&pv=2&ga_vid=775208630.1685980708&ga_sid=1685980708&ga_hid=852425619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1314163020&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44788442%2C44793498&oid=2&pvsid=168256876745976&tmod=164915221&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ab9e17odn3it&fsb=1&dtd=228
Frame ID: 02173778252A869E3B4F1424725B47E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980707379&bpp=2&bdt=176&idt=225&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5765937014493&frm=8&ife=1&pv=1&ga_vid=775208630.1685980708&ga_sid=1685980708&ga_hid=852425619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1314163020&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44788442%2C44793498&oid=2&pvsid=168256876745976&tmod=164915221&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.p25332vywrjn&fsb=1&dtd=231
Frame ID: 1CF12A320C31A7D30C46D126BA80DBF5
Requests: 23 HTTP requests in this frame

Frame: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 143DA731FDD018177D55708CB20B78F2
Requests: 19 HTTP requests in this frame

Frame: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2600CF04B46A351CAE8638D02ABB05B5
Requests: 10 HTTP requests in this frame

Frame: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 871A4866C81FDF5B503259FC54C4D092
Requests: 20 HTTP requests in this frame

Frame: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 850C8FEADD8487F70609EE869BE2CF35
Requests: 10 HTTP requests in this frame

Frame: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6FB0B8AAC591D843F498B83D1C2B75A3
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiD27LlATAB&v=APEucNWwCuVvmpC1h3zWjM0zKQekR1ZgcLCTnjeyI27AIOy5K_klSCLsgBzo_tIpGa9OhQtqWWUittk_lNoQ0K0boXjqBvARbEiv7mSdKwTowdIXh0HG0Z-MIQUQa9e740Bsgy_hv43TZgdYV8ny4H6y0pR1T_eV2ppCE_1hRvzgGfbQq48PuYE
Frame ID: 9CDA1A259667965A4D7FBDF29D50256D
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ht9mz6sx5w6wv6dt4bvk5pvm02ee63gcdeg4b0qq92jfjwys4g4s0ga1h3ckf6wbksyg7mdn21keq5ee2ktewvpktyyv8dbn5qsn2d3ejf2cdr93b773eebb7p01aszy48t2avp0hc5d77ktaetbndj2a8hj7n59bh1ty54z7zxj2ev643ey5ake4r2d9sw5vv0avrj5hgtwwykqf5t4n649d3t49m9b0k49bjk039p2803rrx66a3h5t5ybhgrv7a8gjtzynasgj589vehevtb6e9htz73s8smgc6tpg836w5z2s76rmyrhm6a154qxay8897th113s0mgtd3etgpn155yg9fx54zf74qjz86tw98ma1vdf1rt9rpec24r592xvsfrasghe4c3fcge4cvwamx9qr5k87vjp7f9be5frc16795mq57ynnwqfweapk567ch7gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%26client%3Dca-pub-7983651257838282%26adurl%3D
Frame ID: 497802B56D136364561F01F6DCF15223
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B9061D66DE8BC14D61CFBDB3305198C0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNXum3VVoQRkBd8Gy3W039Qr8Rp3AkoLBx4nWh-9qjFlTIfhMyAe61kZgerFFAWx6pkOD8cmf8LLCLazW3CO3wM4ePbvlfg3oM4IUBk20EbCyvJ9SCsXazFIztrigfy1qTWINVTmoTVzwZi5u4XvbUT3iiLivwm_bz_pfm8qONW-qPOcvYM
Frame ID: D1F4026516DB7A930291E3E0114334BF
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k2ka8qp7s1nhbda1r4xmg7z2mmsb3aph62j8rpg28nv5gg06pyg0dbnne6dwq8fd1bj8t1ecyc791meye9s524rwsrqsgp823mjzqyr94qfew1b0gm1ttvsmke2q2gwhqnhfmvp208ycvyt304wztxm8spfp2q8p74s870137rw4cwyxpksjrvqqsqynkwdqwaj2k5324y2v604ddve713dggybjekmx093r4c40bfttt04spyp0rfqrbderzv9m86y9777wksrnwwx72pmevjncm51rdqdx1rsmdtrd4zteq53bba6ng2qrefrm20c38erzzm4f00brv3837w1w6qrstspjbm880fa889jvzj6vfk4sesr262pw4nnnhtjtnk4cbgtc5jep5s6q3rrq3rs46h0rphcjcq0garh3e24szzg4mw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Frame ID: 73FBFDC3847A03BB6033AFD9E9EE7AB5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 75D83C48C21FF19CEF80402E6C1F39DA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6EA5C155600A01E9EC320DB4848BE6E7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNXsd7R04ecLX-EhqAZd7rPI7wp761wNgtU4p1y-8-4P-EifIS8GIQ5VdmTKkXwZduzHtHIGmxzhX-9pDsfDt3438JVCOum3YGCSr1hRdd1TBNUm8UM_nf60_bWHw308iI6PArE-eMg7bEFulGrW37TroeYAXF8Z1wXNll7Rqb8zmknC6hY
Frame ID: E6D1F7E9A6DC167A87B63A5A6E847E67
Requests: 5 HTTP requests in this frame

Frame: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2D79FF5D7336624369335859363A31C8
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiD27LlATAB&v=APEucNU3e8JUFyyFP79_ZYrxbUA5ggnp24_IqDTjM1IF_2R0gYF8r5Zbr2NU_jLuO4i30KwVQ4d6pkvuxoum41cWBtQDgYxPs9PfUVQngPAqRuCWxXnzCO61ylhzrNT0wWpDWSwYZ6Ghr1DKRh3W5yteJdyakiUgSvjya9yj6W8nxF2dzYFWTfY
Frame ID: 43CE4CFFC179BFAC139CABBBA9AA6658
Requests: 5 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 15A4841944026E309516AB3388C32B86
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 72ADC3CD51B3A9121071A4DC4A7580FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 03D6B0CAAFA1F1CE2C76122BCE07B71A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 394C300065990B318477F3EBC1582FA4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F1101B57AFC39683141101268AF6CD5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 04C6B5512468AAE3D8A5712EB73B4B1C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 570B643EF4601742202BBC804342E633
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250
Frame ID: 46F4068A6CC54B59E989E1403D3959FE
Requests: 12 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/5419f3f9-1149-4e8c-b4ad-8a22815721e6
Frame ID: 066CB22D8532B1B94015C92AC9137D3D
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
Frame ID: BADC5F60326DC3A6020BD4734473D2AC
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
Frame ID: 28D773033944DC906E32B25BB9A43788
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250
Frame ID: D424FCE3800E12D81D426F5E74DA0B53
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Frame ID: B6ABB68A87C9F22E44669CE849C748E0
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 41E2EEF70AD8497358F21893A604ADAE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DBDA7DD393C96424F0E654439FC8B61D
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Frame ID: 8D32B83525EA2729B14904D9124EB378
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9A447F567A750E89427ACC9EB405B157
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D8285AEE2CB9D695C854CFE69B4C6B2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DDB4649D3C7C8D5B380F759AA2BE5F4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Frame ID: 57EE2C47925AC2B1776E1CBB2F073788
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Frame ID: D0EB6303F223FBAEA803783D461846C6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: DF4D5AD2E83C679CD253544D2A51BAF5
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: F55D5CF35858369468F7B18826358923
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2F58191253200E8397EE7B19097506BF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0511C92A9B1C343E83BDD2BB5593220D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Frame ID: B0FED1D9BFAA5280DDF6D45834C9797F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B47129BE2BD00297D1551D6465677E2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC80804426857F13855CF623D06523E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

450
Requests

86 %
HTTPS

34 %
IPv6

67
Domains

103
Subdomains

74
IPs

10
Countries

5069 kB
Transfer

11237 kB
Size

39
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1

Request Chain 189

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4GJKnBzOMdWUG9ulo.VwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1

Request Chain 191

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D

Request Chain 196

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1

Request Chain 197

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4GJKnBzOMdWUG9ulo.VwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1

Request Chain 199

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1

Request Chain 201

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4GJKnBzOMdWUG9ulo.VwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1

Request Chain 203

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D

Request Chain 206

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHlFpuygiyOYD0t6JDxA-0I&google_cver=1&google_push=ATf1kGP5-CT2MhwPo04ooULWbEP5KXJ2JzCxu75t0qV4LuKuNtXBIMP8Fsl0p9vE0ERpudCsFxnN-aUP3lR5jrtTVOyp3-8qDeQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHlFpuygiyOYD0t6JDxA-0I&google_cver=1&google_push=ATf1kGP5-CT2MhwPo04ooULWbEP5KXJ2JzCxu75t0qV4LuKuNtXBIMP8Fsl0p9vE0ERpudCsFxnN-aUP3lR5jrtTVOyp3-8qDeQ HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8ce3eb19-775b-4cc5-a803-51577f010f33&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5-CT2MhwPo04ooULWbEP5KXJ2JzCxu75t0qV4LuKuNtXBIMP8Fsl0p9vE0ERpudCsFxnN-aUP3lR5jrtTVOyp3-8qDeQ&google_hm=IvGIeLM7TwCXQrsQCyQwMQ==

Request Chain 207

https://d5p.de17a.com/cookies/google?google_gid=CAESEEYc-zyDnk3_r-O1LXfW3X0&google_cver=1&google_push=ATf1kGMt3VZsmqU0oTIa3KtMP8bJbxweZrT_NiFZwZUEoqMSw4BTtarwnkBJUU22NIwzOR0VdI5WG5JYhT-NOGLpSz-01bG3DGg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEYc-zyDnk3_r-O1LXfW3X0&google_cver=1&google_push=ATf1kGMt3VZsmqU0oTIa3KtMP8bJbxweZrT_NiFZwZUEoqMSw4BTtarwnkBJUU22NIwzOR0VdI5WG5JYhT-NOGLpSz-01bG3DGg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMt3VZsmqU0oTIa3KtMP8bJbxweZrT_NiFZwZUEoqMSw4BTtarwnkBJUU22NIwzOR0VdI5WG5JYhT-NOGLpSz-01bG3DGg

Request Chain 208

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAdhsFSShP0UzwZc2_3RhT8&google_cver=1&google_push=ATf1kGOjIh3uGXFnOUAVDjM-QPRYOyuiDxl9I3ayfuqPXp7Xfxlc9bjuYQE-QinPkvTi9yX1LAnb6NOqv5m4_uy0ew9cPlHSXDWr HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOjIh3uGXFnOUAVDjM-QPRYOyuiDxl9I3ayfuqPXp7Xfxlc9bjuYQE-QinPkvTi9yX1LAnb6NOqv5m4_uy0ew9cPlHSXDWr&google_gid=CAESEAdhsFSShP0UzwZc2_3RhT8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MzQzODI2NTU5OTQ4NzQ0MDkyOQ%3D%3D&google_push=ATf1kGOjIh3uGXFnOUAVDjM-QPRYOyuiDxl9I3ayfuqPXp7Xfxlc9bjuYQE-QinPkvTi9yX1LAnb6NOqv5m4_uy0ew9cPlHSXDWr

Request Chain 210

https://sync.inmobi.com/gob?google_gid=CAESECOn_XIB8HcwLRZfV1cNTuE&google_cver=1&google_push=ATf1kGMbb3j1HzFDHT8TqTw8TSYouQsbU-4ZYh0k5u6iy938eH2u3bqS6xzCqJdS_K5vXEsYRLN58h6EFpc2mF6VnaeLiAJ6gk4x HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMbb3j1HzFDHT8TqTw8TSYouQsbU-4ZYh0k5u6iy938eH2u3bqS6xzCqJdS_K5vXEsYRLN58h6EFpc2mF6VnaeLiAJ6gk4x

Request Chain 215

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKzDdYDUe2WxirjQfgReDMw&google_cver=1&google_push=ATf1kGOicGHzVTfbQcS84Oe6cMTifB0G8oaViUYYABGe2ruy6FMsfIs-NOfsQoBCzHS9EceGlGQZL9KQFeJDbojz8VPcKNpLA5bz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKzDdYDUe2WxirjQfgReDMw&google_push=ATf1kGOicGHzVTfbQcS84Oe6cMTifB0G8oaViUYYABGe2ruy6FMsfIs-NOfsQoBCzHS9EceGlGQZL9KQFeJDbojz8VPcKNpLA5bz

Request Chain 216

https://um.simpli.fi/gp_match?google_gid=CAESEN5q8-m6QaBcF9zOjvrxwXo&google_cver=1&google_push=ATf1kGP1qmuWnRBjQnYXj5GmkxlV0JNx6lyeMppBTj7LIts5IMYN4jYa99Ls7z2ErMKCCWClk3753VyothEqESHBD4Incp3ew5QqgQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EAE174DE4ACD4DE78D47EF072B28C0F3&google_push=ATf1kGP1qmuWnRBjQnYXj5GmkxlV0JNx6lyeMppBTj7LIts5IMYN4jYa99Ls7z2ErMKCCWClk3753VyothEqESHBD4Incp3ew5QqgQ

Request Chain 217

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFoV750bgS68t4P_hWv1Lnw&google_cver=1&google_push=ATf1kGMYAUZFfmYOFiRhzLQnibN5IjdLNiYY47noLVLf1EUcoUEA0WaproqDkh1deRvW0fxyM44E-qYc0p7H1rEC-hP7ToaQpXVB9Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMYAUZFfmYOFiRhzLQnibN5IjdLNiYY47noLVLf1EUcoUEA0WaproqDkh1deRvW0fxyM44E-qYc0p7H1rEC-hP7ToaQpXVB9Q&google_hm=eS1OV3BaVXpaRTJwRk9ZeXNEczVqdjh6SmV5QTdHY05PMH5B

Request Chain 218

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN_ITPlR24bEuPMaPii-UIc&google_cver=1&google_push=ATf1kGMonY74MebeWQeVxOkfb_ATUSOwFY5pafpY2HpOhRs-Z9zHgNTfE2Lyy-RrXbGbJNr30She6ba8fzRo7hDWRA1RdLf_lgl9MA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN_ITPlR24bEuPMaPii-UIc&google_cver=1&google_push=ATf1kGMonY74MebeWQeVxOkfb_ATUSOwFY5pafpY2HpOhRs-Z9zHgNTfE2Lyy-RrXbGbJNr30She6ba8fzRo7hDWRA1RdLf_lgl9MA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzNzQzNDM3OTc2ODc0NjUxNQ&google_push=ATf1kGMonY74MebeWQeVxOkfb_ATUSOwFY5pafpY2HpOhRs-Z9zHgNTfE2Lyy-RrXbGbJNr30She6ba8fzRo7hDWRA1RdLf_lgl9MA

Request Chain 219

https://match.360yield.com/match/ebda?google_gid=CAESEEXI_blq5cCbrbg8RfgvdXw&google_cver=1&google_push=ATf1kGOVfJzGFVJzSNz63JimR8Tru26P6GE0qs2gppFjv9tE5WbWs3J0kEZC1LwQNKym11aKC1DGt2VxuNGutkcYJqjCeKJunIB6wg HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEXI_blq5cCbrbg8RfgvdXw&google_cver=1&google_push=ATf1kGOVfJzGFVJzSNz63JimR8Tru26P6GE0qs2gppFjv9tE5WbWs3J0kEZC1LwQNKym11aKC1DGt2VxuNGutkcYJqjCeKJunIB6wg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rsdvldWjR-KQ-78UOyNy3g&google_push=ATf1kGOVfJzGFVJzSNz63JimR8Tru26P6GE0qs2gppFjv9tE5WbWs3J0kEZC1LwQNKym11aKC1DGt2VxuNGutkcYJqjCeKJunIB6wg

Request Chain 220

https://sync.inmobi.com/gob?google_gid=CAESECOn_XIB8HcwLRZfV1cNTuE&google_cver=1&google_push=ATf1kGMmWP7IZIu7_VqCE4IUwUkUMdO0-ccDRKW_oY8V0A5qgNaUe3P06YSVHeVukmDH7RbnrOWdqwEBpY3dlqbG9RpYsNOwq9RD1kQ HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMmWP7IZIu7_VqCE4IUwUkUMdO0-ccDRKW_oY8V0A5qgNaUe3P06YSVHeVukmDH7RbnrOWdqwEBpY3dlqbG9RpYsNOwq9RD1kQ

Request Chain 223

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cver=1&google_push=ATf1kGOrlBzLz8FyTrcW5z5Mc2GOOoio6K0AGiyRq1EYzgHV62awESmoZUjEriyUyh3abRdbOVLwuu_lSyXqJvmv_rvKndPbIK1hPsY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZUdMRjVNMVkxUTZjQmU1&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cver=1&google_push=ATf1kGOrlBzLz8FyTrcW5z5Mc2GOOoio6K0AGiyRq1EYzgHV62awESmoZUjEriyUyh3abRdbOVLwuu_lSyXqJvmv_rvKndPbIK1hPsY

Request Chain 224

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKzDdYDUe2WxirjQfgReDMw&google_cver=1&google_push=ATf1kGNPdRP4_uK_3Gs8UshFXTAfGESU3IlZC96YIr_6tbX2_2P3yBq8OKVnmNBM3_VoSZ7j61XXQFs2Y3IDAQ6KHybCUzijF0neJ18 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKzDdYDUe2WxirjQfgReDMw&google_push=ATf1kGNPdRP4_uK_3Gs8UshFXTAfGESU3IlZC96YIr_6tbX2_2P3yBq8OKVnmNBM3_VoSZ7j61XXQFs2Y3IDAQ6KHybCUzijF0neJ18

Request Chain 225

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDosiR3QUQnl-Cesnylp6Hc&google_cver=1&google_push=ATf1kGPNWJ8aJfBEOyHD10PTXecFPYCnIn7Jr3vXAJ0TCQdr9eA-_LXmWCDpnq8JirdCgN4v7UPhtI3VFk9FkqFriokJApznGXlyvdA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hoIr0yf-T-OMOhoV8Sy-sA2&google_push=ATf1kGPNWJ8aJfBEOyHD10PTXecFPYCnIn7Jr3vXAJ0TCQdr9eA-_LXmWCDpnq8JirdCgN4v7UPhtI3VFk9FkqFriokJApznGXlyvdA

Request Chain 226

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFoV750bgS68t4P_hWv1Lnw&google_cver=1&google_push=ATf1kGMoHUqGdedpyMr3zMa6Ws5Iq2EtdeugY60XYuipBwfHHMjvxPPk8J3ih_0eEIAwkkVX5szfAsHveTvx05oVNkVN2I1AsWUZPPM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMoHUqGdedpyMr3zMa6Ws5Iq2EtdeugY60XYuipBwfHHMjvxPPk8J3ih_0eEIAwkkVX5szfAsHveTvx05oVNkVN2I1AsWUZPPM&google_hm=eS1QR1ltR1A1RTJwRWlSRzZITlNmVVdFSVdIN2NVNHJ6Nn5B

Request Chain 227

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECI1iEbG-UqaB41GywmzXVc&google_cver=1&google_push=ATf1kGNAW41gZl7tIkxipAiMCjLXW_Xydm1HTy4UWhKyvGnl0eFR-whlyzgguREGT9tqsZZZ0Wd6_VDgYlvbGCUsufdeffDgXMPBGg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNAW41gZl7tIkxipAiMCjLXW_Xydm1HTy4UWhKyvGnl0eFR-whlyzgguREGT9tqsZZZ0Wd6_VDgYlvbGCUsufdeffDgXMPBGg

Request Chain 228

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB1Xvf2NtYYnF6AX4O0G-k8&google_cver=1&google_push=ATf1kGO-BWakruxEMg5TMjFqmiQI3cIUQn8ymWxmTvtrqbBwcSbeUIfPIIqF0MqGWa-DL5Zw9RHbSSaJla03p5r1uMWjiQGWV4b5D7I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGO-BWakruxEMg5TMjFqmiQI3cIUQn8ymWxmTvtrqbBwcSbeUIfPIIqF0MqGWa-DL5Zw9RHbSSaJla03p5r1uMWjiQGWV4b5D7I HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 247

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG9suGJc63pckI4eo13uf4s&google_cver=1

Request Chain 249

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKtMY5h6eQIi6N0sz-Wi5lU&google_cver=1

Request Chain 289

https://um.simpli.fi/gp_match?google_gid=CAESEN5q8-m6QaBcF9zOjvrxwXo&google_cver=1&google_push=ATf1kGM8lVirTBnzT522dt5HuV4LtLKcR6TXyKgR3NfRhAJecSHOm94djU62GBFTWPqrArtrISl897zN6Q1U7VvrUkt4m1H4QcA1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EAE174DE4ACD4DE78D47EF072B28C0F3&google_push=ATf1kGM8lVirTBnzT522dt5HuV4LtLKcR6TXyKgR3NfRhAJecSHOm94djU62GBFTWPqrArtrISl897zN6Q1U7VvrUkt4m1H4QcA1

Request Chain 291

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENP_cT2W0bwu9cBXooi9tgA&google_cver=1&google_push=ATf1kGP-kPiW5jzjhmGbMrUD3jqZsuwsdEH3VFxX-lNA6l3XFz3Os8s0y33TLFxb4dUmKmtEx2nde1sbxIsazD7IoXjJBYDPfs0W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP-kPiW5jzjhmGbMrUD3jqZsuwsdEH3VFxX-lNA6l3XFz3Os8s0y33TLFxb4dUmKmtEx2nde1sbxIsazD7IoXjJBYDPfs0W&google_hm=FqTglvw7TiWlpwmkzTNVap0

Request Chain 292

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFoV750bgS68t4P_hWv1Lnw&google_cver=1&google_push=ATf1kGOZaQuzQvYNPoTsI08RfQdtlNRg7QZ463zhCCv6Y1VDqTFc2mg-tPJOhPn4kngDX_Ya_8kOZf_G_lFgsrPxQbmYb6Z6ioY- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOZaQuzQvYNPoTsI08RfQdtlNRg7QZ463zhCCv6Y1VDqTFc2mg-tPJOhPn4kngDX_Ya_8kOZf_G_lFgsrPxQbmYb6Z6ioY-&google_hm=eS1QR1ltR1A1RTJwRWlSRzZITlNmVVdFSVdIN2NVNHJ6Nn5B

Request Chain 293

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECI1iEbG-UqaB41GywmzXVc&google_cver=1&google_push=ATf1kGN8eIFHIH_lZCXtGpuvpu_XWIyy2BIfDH5SPVXwQfOr-UZUZzsOqKABBNkB0QOIQBnbWElq4SzDsXj197k_O_8y415U2Lyu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN8eIFHIH_lZCXtGpuvpu_XWIyy2BIfDH5SPVXwQfOr-UZUZzsOqKABBNkB0QOIQBnbWElq4SzDsXj197k_O_8y415U2Lyu

Request Chain 294

https://match.360yield.com/match/ebda?google_gid=CAESEEXI_blq5cCbrbg8RfgvdXw&google_cver=1&google_push=ATf1kGPSRn8WtnzbmcWV0QloZt_6c6HSdQBT6TSRPxpSxvmbN1UGcfT21BbS_g7k9EBr6dI3KzB8Ko3Fvdua6nnGN5mvg0McQOGF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rsdvldWjR-KQ-78UOyNy3g&google_push=ATf1kGPSRn8WtnzbmcWV0QloZt_6c6HSdQBT6TSRPxpSxvmbN1UGcfT21BbS_g7k9EBr6dI3KzB8Ko3Fvdua6nnGN5mvg0McQOGF

Request Chain 295

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAdhsFSShP0UzwZc2_3RhT8&google_cver=1&google_push=ATf1kGM9FVxIYs2vg8bI5mbNK2-_JLekZsV1JB6yF5gy_JKqtmWzSAwwXX6UBVE4Pn-PBqSOg0oN3eVsoe3CNHcbhpNXP3hUQDle HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MzQzODI2NTU5OTQ4NzQ0MDkyOQ%3D%3D&google_push=ATf1kGM9FVxIYs2vg8bI5mbNK2-_JLekZsV1JB6yF5gy_JKqtmWzSAwwXX6UBVE4Pn-PBqSOg0oN3eVsoe3CNHcbhpNXP3hUQDle

Request Chain 308

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNDvnI-D9NN_1RDc_WKOc3qtn9vdkqF1P0caCWV8hN95vyBEqmCZDFwywpN3MkrElKjRA4IQtK-1HJ5sV_EYP-0RwySqfVZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNDvnI-D9NN_1RDc_WKOc3qtn9vdkqF1P0caCWV8hN95vyBEqmCZDFwywpN3MkrElKjRA4IQtK-1HJ5sV_EYP-0RwySqfVZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNDvnI-D9NN_1RDc_WKOc3qtn9vdkqF1P0caCWV8hN95vyBEqmCZDFwywpN3MkrElKjRA4IQtK-1HJ5sV_EYP-0RwySqfVZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNDvnI-D9NN_1RDc_WKOc3qtn9vdkqF1P0caCWV8hN95vyBEqmCZDFwywpN3MkrElKjRA4IQtK-1HJ5sV_EYP-0RwySqfVZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 311

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELW4AIA6QaWHbDWAFNbsA9g&google_cver=1&google_push=ATf1kGME6v-dS6kPlWAbkGm2OSSyB5Yz1cBDiPOCRNnJZjc5Fw9bQogXWLYjgVx3DI4k9KCiP1bfb_4qqdLar74fSQzQOQ4ihjVd HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELW4AIA6QaWHbDWAFNbsA9g&google_cver=1&google_push=ATf1kGME6v-dS6kPlWAbkGm2OSSyB5Yz1cBDiPOCRNnJZjc5Fw9bQogXWLYjgVx3DI4k9KCiP1bfb_4qqdLar74fSQzQOQ4ihjVd&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=97KFMZMxT-OdPI8lfCQGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGME6v-dS6kPlWAbkGm2OSSyB5Yz1cBDiPOCRNnJZjc5Fw9bQogXWLYjgVx3DI4k9KCiP1bfb_4qqdLar74fSQzQOQ4ihjVd

Request Chain 312

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBFZzAwrHw1uHmvpGYL25ms&google_cver=1&google_push=ATf1kGPnZwgY8hLYb-gpvEPXPsyIMAN7dp5e1O6Nb30n5eC1zT2dfGTvOSN8UVqzYeWa39u0QGNLTqMZLNT_GdAvcVlXfo5UvHh3 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBFZzAwrHw1uHmvpGYL25ms&google_cver=1&google_push=ATf1kGPnZwgY8hLYb-gpvEPXPsyIMAN7dp5e1O6Nb30n5eC1zT2dfGTvOSN8UVqzYeWa39u0QGNLTqMZLNT_GdAvcVlXfo5UvHh3&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPnZwgY8hLYb-gpvEPXPsyIMAN7dp5e1O6Nb30n5eC1zT2dfGTvOSN8UVqzYeWa39u0QGNLTqMZLNT_GdAvcVlXfo5UvHh3&google_hm=GxAetGZHtWb6Ec3hTu-_TlQc

Request Chain 314

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMCDmxNvAyhOh6DYP6jIwrs&google_cver=1&google_push=ATf1kGPp0NSQtBzE5hpthb7kj_Lx0775jz1kt86XwuYbmdKA0Xi38fi3y-t8c3RpMMSW8STeIlkM6Fd0qLa2RTCbXRppAVbG8FNs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=22f18878-b33b-4f00-9742-bb100b243031&%%GOOGLE_PUSH_PAIR%%

Request Chain 318

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 321

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 324

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cver=1&google_push=ATf1kGOFEvKVB-lSbYZOo5htt9piGYi1Al5aS-ZxVwNevfaxU13hAvNuOEFaBZmQ42YSiHyDqpbcOsvE82JT1l84JhgLIvU5HQWk-g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZUdMRjVNMVkxUTZjQmU1&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cver=1&google_push=ATf1kGOFEvKVB-lSbYZOo5htt9piGYi1Al5aS-ZxVwNevfaxU13hAvNuOEFaBZmQ42YSiHyDqpbcOsvE82JT1l84JhgLIvU5HQWk-g

Request Chain 325

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNMEO6ZYxqjHIfEQsq1XSGM7YeN-rguSY2oiYldcPxmz39ZcOreiXTDWrv7wL_ZuF25EFaW7V-mmOInXNersghSvPGSISN2Qw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNMEO6ZYxqjHIfEQsq1XSGM7YeN-rguSY2oiYldcPxmz39ZcOreiXTDWrv7wL_ZuF25EFaW7V-mmOInXNersghSvPGSISN2Qw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNMEO6ZYxqjHIfEQsq1XSGM7YeN-rguSY2oiYldcPxmz39ZcOreiXTDWrv7wL_ZuF25EFaW7V-mmOInXNersghSvPGSISN2Qw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNMEO6ZYxqjHIfEQsq1XSGM7YeN-rguSY2oiYldcPxmz39ZcOreiXTDWrv7wL_ZuF25EFaW7V-mmOInXNersghSvPGSISN2Qw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 329

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIy-VVOuDrrZByc5zbIkQxU&google_cver=1&google_push=ATf1kGOtq0ZyJc_RW6HXyEFH8ZvN2PHfnryTBBnUakwa5eIASzC0koFYlnwhUwVzeZXhvKAHgAId7-OfGbZ4CNrLLHMiaXKCEcHNrI4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Yc0lmQ3J0RTJ1RzkwWS5yQjd1U0NGTnZfQkplSnlZNn5B&google_push=ATf1kGOtq0ZyJc_RW6HXyEFH8ZvN2PHfnryTBBnUakwa5eIASzC0koFYlnwhUwVzeZXhvKAHgAId7-OfGbZ4CNrLLHMiaXKCEcHNrI4

Request Chain 337

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGPRuHlC-szmebuhPNGyZADKwAlKRWyCq0SJAsflJoL41QDGqOZgr-tii6fct46kiucLBCiwVXahgl3sx-c8XkJ97OIo6Lxf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPRuHlC-szmebuhPNGyZADKwAlKRWyCq0SJAsflJoL41QDGqOZgr-tii6fct46kiucLBCiwVXahgl3sx-c8XkJ97OIo6Lxf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGPRuHlC-szmebuhPNGyZADKwAlKRWyCq0SJAsflJoL41QDGqOZgr-tii6fct46kiucLBCiwVXahgl3sx-c8XkJ97OIo6Lxf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPRuHlC-szmebuhPNGyZADKwAlKRWyCq0SJAsflJoL41QDGqOZgr-tii6fct46kiucLBCiwVXahgl3sx-c8XkJ97OIo6Lxf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 338

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENP_cT2W0bwu9cBXooi9tgA&google_cver=1&google_push=ATf1kGNqbVjIn4hRV5iztyXl1Sw4c11E-CuPhIpMt_mRwvD90m9swLTj2mLC_CjgG8ZfT0mQ53OAWY-UcFVwmBBVKRTG-c13eEry HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNqbVjIn4hRV5iztyXl1Sw4c11E-CuPhIpMt_mRwvD90m9swLTj2mLC_CjgG8ZfT0mQ53OAWY-UcFVwmBBVKRTG-c13eEry&google_hm=FqTglvw7TiWlpwmkzTNVap0

Request Chain 339

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN_ITPlR24bEuPMaPii-UIc&google_cver=1&google_push=ATf1kGPDLTEacT8yZefMgvzp1UjTtEHdkFmVLj316UUCc3mluiqCyZSAX0MzI0_7l-wY5VXv-UVSEqIyF8o73FN_7vv3LQUXZgE3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzNzQzNDM3OTc2ODc0NjUxNQ&google_push=ATf1kGPDLTEacT8yZefMgvzp1UjTtEHdkFmVLj316UUCc3mluiqCyZSAX0MzI0_7l-wY5VXv-UVSEqIyF8o73FN_7vv3LQUXZgE3

Request Chain 340

https://d5p.de17a.com/cookies/google?google_gid=CAESEEYc-zyDnk3_r-O1LXfW3X0&google_cver=1&google_push=ATf1kGMnUv2Tl_5XkDO2uInHot0tM2dHajw_b_njQRhmuJ_p3w-0OqMuUoEVvPfdxT_1MYxiYyJOSMMTCPKtWxdLiy-yb1TKo4c3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMnUv2Tl_5XkDO2uInHot0tM2dHajw_b_njQRhmuJ_p3w-0OqMuUoEVvPfdxT_1MYxiYyJOSMMTCPKtWxdLiy-yb1TKo4c3

Request Chain 342

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPHF_L0_zQjgrkUK5IcDC1g&google_cver=1&google_push=ATf1kGNIIU7QCdJ29Q1B3xCqBen2XHuQQK9Nlsj48Qv2U_IvyuETI4Ratpfji2jPMdsIvXugyvlxQuMOkwwxbqVSJvMns8IOHXMp HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPHF_L0_zQjgrkUK5IcDC1g&google_hm=ZH4GJKnBzOMdWUG9ulo-VwAADIEAAAIB&google_nid=index&google_push=ATf1kGNIIU7QCdJ29Q1B3xCqBen2XHuQQK9Nlsj48Qv2U_IvyuETI4Ratpfji2jPMdsIvXugyvlxQuMOkwwxbqVSJvMns8IOHXMp

Request Chain 343

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMCDmxNvAyhOh6DYP6jIwrs&google_cver=1&google_push=ATf1kGNiXysqREhi2gAb3iDMEYg6Vs9Hvt_IzccIAb0pCHSEt_ahnjFxP6jFnxn161JHZ-iKp08OrHoVHKGElEcTOoDvOcbQudf2Qw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=22f18878-b33b-4f00-9742-bb100b243031&%%GOOGLE_PUSH_PAIR%%

Request Chain 365

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1685980709_d061af81-03b9-11ee-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 368

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CM70p8q_rP8CFSvxEQgdjvUEtg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060517582985630890753X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023060517582985630890753X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 371

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COD5p8q_rP8CFTGE_QcdK6YHwA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023060517582985630890755X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

Request Chain 447

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_m1eLHxhazJaTldUTHlJVmRRWWw3TEVTUDVkNjlNUzBHNlJiWlNSU3REWExZdHRqSVV6dnpxTWs3WnlnRkNQNlcxRTIyMUFyNG5RZHhJZ3B0RDZtcnViZGliTzY2RUI0Y1lGTHR2VElHV0hoWUtrMFN5bmZuZVQ1ajZYVmRKeDFtb0xHeFg1THhkelUwSjNYYXhqVFJDQXU5ODN3ZDFqamNnSCttRlh1dWNKU1MvV1plNEpFM1QzUnhqbHlhMUtWK1RHNlo5dG5mRjNPVW9lK2wyNEt3eGNJbVlodGYwKy93WGVWM3h0ME1WSkNIVlQvTVQvandVOTdsbWEwZDdQK251K2N5UXk0dmUvR2hEWXpjVHVNRVNIKzVzV29HNHhjeHJEM0hFTXNwd2dUNEQvcz18&cppv=2

450 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x69807j0b5.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 434ms
98ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1318
Content-MD5: +Dz/d7Mp2GQfilgWrAkqiw==
Content-Type: text/html
Date: Mon, 05 Jun 2023 15:58:24 GMT
ETag: 0x8DB5ED0599CC10C
Last-Modified: Sat, 27 May 2023 16:35:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: a67e18b5-901e-003c-27c6-976bca000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 94ms
93ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-request-id: a67e1927-901e-003c-0ec6-976bca000000
Date: Mon, 05 Jun 2023 15:58:24 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 283ms
94ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 05 Jun 2023 15:58:24 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: a67e1a08-901e-003c-5bc6-976bca000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 188ms
93ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 05 Jun 2023 15:58:24 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: a67e19a4-901e-003c-7fc6-976bca000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
681 B 276ms
138ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x69807j0b5
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:23 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
385 B 249ms
127ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:23 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame 43F4 76 KB
76 KB 198ms
53ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 00ce306cf481fb8e0a4fda19526dde1a8a9d670a07f143d832a445fbcf2db6eb

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 77471
content-type: text/html; charset=utf-8
date: Mon, 05 Jun 2023 15:58:25 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 43F4 90 KB
33 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 18:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 May 2024 18:01:58 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame 43F4 10 KB
2 KB 84ms
84ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Mon, 05 Jun 2023 15:58:25 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame 43F4 40 KB
12 KB 174ms
10ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 4171253
x-accel-date: 1681809452
x-77-nzt: AZySIYubMLj/9aU/AA
x-accel-expires: @1713345452
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: cf878727cbebb90a21067e64372d4c31
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 43F4 119 KB
47 KB 143ms
44ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83125d18c38dbcb80355cbca6eefda232f3e0cb6cf7f31d81b6bed70824d135d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47388
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Jun 2023 15:58:25 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 43F4 542 B
896 B 8ms
8ms Image
image/png 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171320
x-accel-date: 1681809385
content-length: 542
x-77-nzt: AZySIYtUFAb/OKY/AA
x-accel-expires: @1713345385
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: cf878727cbebb90a21067e640be16333
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 43F4 2 KB
2 KB 19ms
8ms Image
image/png 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171248
x-accel-date: 1681809457
content-length: 1651
x-77-nzt: AZySIYvDEor/8KU/AA
x-accel-expires: @1713345457
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: cf878727cbebb90a21067e6479d76a34
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kuru-domates-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 43F4 13 KB
13 KB 21ms
8ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/kuru-domates-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 40e79ea3833e391579a893edcb1311f9d82372fcf6ad18ebd245b7535bc2eef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 65642
x-accel-date: 1685915063
content-length: 13287
x-77-nzt: AZySIYvB0yb/agABAA
x-accel-expires: @1717451063
last-modified: Sun, 04 Jun 2023 20:08:17 GMT
server: CDN77-Turbo
etag: "647cef31-33e7"
x-77-nzt-ray: cf878727cbebb90a21067e6457d37034
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 semizotu-yogurtlamasi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 43F4 16 KB
17 KB 24ms
11ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/semizotu-yogurtlamasi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 39ddfa0e149ffe66b2480afecb8501822ac2d7aba2f841103eb7caab5ab7fe2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 147507
x-accel-date: 1685833198
content-length: 16694
x-77-nzt: AZySIYs0s0b/M0ACAA
x-accel-expires: @1717369198
last-modified: Sat, 03 Jun 2023 22:46:59 GMT
server: CDN77-Turbo
etag: "647bc2e3-4136"
x-77-nzt-ray: cf878727cbebb90a21067e64316b7634
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantarli-ispanakli-yumurta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 43F4 16 KB
16 KB 27ms
13ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/mantarli-ispanakli-yumurta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b626cb98565e377b5fbb449fcb91acaaa421a333bcea9850b70ac58cf9fc4432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 233033
x-accel-date: 1685747672
content-length: 15966
x-77-nzt: AZySIYuIAdH/SY4DAA
x-accel-expires: @1717283672
last-modified: Fri, 02 Jun 2023 23:01:10 GMT
server: CDN77-Turbo
etag: "647a74b6-3e5e"
x-77-nzt-ray: cf878727cbebb90a21067e6492e77a34
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 citir-tavuk-kanatlari-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 43F4 15 KB
16 KB 36ms
22ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/citir-tavuk-kanatlari-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3c2fc0614d14f19c7b68d795bbd361ec0baa28f2f72f7fd645cb7967f380af07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 325007
x-accel-date: 1685655698
content-length: 15552
x-77-nzt: AZySIYueYBn/j/UEAA
x-accel-expires: @1717191698
last-modified: Thu, 01 Jun 2023 21:24:53 GMT
server: CDN77-Turbo
etag: "64790ca5-3cc0"
x-77-nzt-ray: cf878727cbebb90a21067e64ca067f34
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/02/ Frame 43F4 13 KB
13 KB 36ms
23ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2014/02/nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 50282fee83281adfa1bd8aa7771950d435a2799ca90959ae8f3a483ff4fb0be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170834
x-accel-date: 1681809871
content-length: 13272
x-77-nzt: AZySIYv1SP3/UqQ/AA
x-accel-expires: @1713345871
last-modified: Wed, 01 May 2019 22:22:18 GMT
server: CDN77-Turbo
etag: "5cca1c1a-33d8"
x-77-nzt-ray: cf878727cbebb90a21067e6492c38334
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-kofteli-patates-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/06/ Frame 43F4 12 KB
13 KB 36ms
23ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/06/firinda-kofteli-patates-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fcc8d02d1890db4b4310e06955eb7c309069e9672717fe97e043d6114cd105ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4167795
x-accel-date: 1681812910
content-length: 12649
x-77-nzt: AZySIYuAaUT/c5g/AA
x-accel-expires: @1713348910
last-modified: Wed, 01 May 2019 23:19:29 GMT
server: CDN77-Turbo
etag: "5cca2981-3169"
x-77-nzt-ray: cf878727cbebb90a21067e64c80c8634
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-porsiyon-musakka-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 43F4 18 KB
18 KB 36ms
24ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/firinda-porsiyon-musakka-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9edb23e141fe20aa066d445f9933b24561e461ab1f90a02d40dd2027023a94cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170502
x-accel-date: 1681810203
content-length: 17964
x-77-nzt: AZySIYvDG2z/BqM/AA
x-accel-expires: @1713346203
last-modified: Thu, 14 May 2020 23:54:34 GMT
server: CDN77-Turbo
etag: "5ebdda3a-462c"
x-77-nzt-ray: cf878727cbebb90a21067e64c1778834
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-bamya-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/08/ Frame 43F4 12 KB
12 KB 36ms
24ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/08/tavuklu-bamya-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 94dc350acb3e491e883e23665acdfe801c1559d67026fbcd533dfce70d5a6270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 1870990
x-accel-date: 1684109715
content-length: 12328
x-77-nzt: AZySIYu/hxT/jowcAA
x-accel-expires: @1715645715
last-modified: Wed, 21 Aug 2019 22:20:01 GMT
server: CDN77-Turbo
etag: "5d5dc391-3028"
x-77-nzt-ray: cf878727cbebb90a21067e642b068b34
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hasu-pilavi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame 43F4 17 KB
17 KB 36ms
24ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/hasu-pilavi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2581753667ea9096139c6e824317f55122ac3bc2c6c0227fe9168cd247061a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171140
x-accel-date: 1681809565
content-length: 17045
x-77-nzt: AZySIYv9kjD/hKU/AA
x-accel-expires: @1713345565
last-modified: Fri, 31 Mar 2023 23:41:35 GMT
server: CDN77-Turbo
etag: "64276faf-4295"
x-77-nzt-ray: cf878727cbebb90a21067e649b108d34
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hosmerim-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/10/ Frame 43F4 9 KB
10 KB 36ms
24ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/10/hosmerim-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 42957ef601fd013119bccbb5d1a6a656f89851c80a3e5a1482315b87251f53be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170900
x-accel-date: 1681809805
content-length: 9683
x-77-nzt: AZySIYu+cIb/lKQ/AA
x-accel-expires: @1713345805
last-modified: Tue, 04 Oct 2022 22:04:12 GMT
server: CDN77-Turbo
etag: "633caddc-25d3"
x-77-nzt-ray: cf878727cbebb90a21067e64e3dade34
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pilic-topkapi-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame 43F4 15 KB
15 KB 37ms
24ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/pilic-topkapi-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7c61fa1cf06e1231a6cbcbd22e6fd065c2934749e2e2af038318feaa79f54c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171267
x-accel-date: 1681809438
content-length: 15292
x-77-nzt: AZySIYs4Tun/A6Y/AA
x-accel-expires: @1713345438
last-modified: Mon, 26 Apr 2021 22:52:38 GMT
server: CDN77-Turbo
etag: "60874436-3bbc"
x-77-nzt-ray: cf878727cbebb90a21067e6494bde134
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pesmet-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame 43F4 13 KB
14 KB 37ms
25ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/pesmet-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 02dae736d2648c67319cc03736039f03dd6e6304f15177c973f1eb9051d83230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4167807
x-accel-date: 1681812898
content-length: 13551
x-77-nzt: AZySIYs12cH/f5g/AA
x-accel-expires: @1713348898
last-modified: Thu, 18 Jun 2020 21:46:42 GMT
server: CDN77-Turbo
etag: "5eebe0c2-34ef"
x-77-nzt-ray: cf878727cbebb90a21067e64b033e434
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hunkar-begendi-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/03/ Frame 43F4 12 KB
13 KB 37ms
25ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/03/hunkar-begendi-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ca52a0eec13c48696bf05cbe5e76a0b67c73967c1f8825cfe4b733e24a775580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171048
x-accel-date: 1681809657
content-length: 12532
x-77-nzt: AZySIYuvvvb/KKU/AA
x-accel-expires: @1713345657
last-modified: Wed, 01 May 2019 23:32:05 GMT
server: CDN77-Turbo
etag: "5cca2c75-30f4"
x-77-nzt-ray: cf878727cbebb90a21067e64ec92e634
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 macar-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame 43F4 14 KB
15 KB 37ms
25ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/macar-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 68bbcab002cfe978fe70454b240f442046de6170bdef247b98f4819f1e7f2417

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171229
x-accel-date: 1681809476
content-length: 14810
x-77-nzt: AZySIYtQWYH/3aU/AA
x-accel-expires: @1713345476
last-modified: Fri, 24 Apr 2020 23:44:43 GMT
server: CDN77-Turbo
etag: "5ea379eb-39da"
x-77-nzt-ray: cf878727cbebb90a21067e64108ee834
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hamburger-koftesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 43F4 10 KB
11 KB 37ms
25ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/hamburger-koftesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: db725e2f455d418fe503bf105ae1f43045035eb576fa2f667e21a8c290e06d17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170239
x-accel-date: 1681810466
content-length: 10591
x-77-nzt: AZySIYuGSP///6E/AA
x-accel-expires: @1713346466
last-modified: Tue, 26 May 2020 22:36:22 GMT
server: CDN77-Turbo
etag: "5ecd99e6-295f"
x-77-nzt-ray: cf878727cbebb90a21067e64d0b5ea34
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kabak-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 43F4 15 KB
16 KB 37ms
26ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/kabak-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b2614739e5032eef7a58aa35faf7010861d20c62b93b0e8d42a1e8d0a2a7ffa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170727
x-accel-date: 1681809978
content-length: 15726
x-77-nzt: AZySIYttHAz/56M/AA
x-accel-expires: @1713345978
last-modified: Mon, 04 May 2020 23:42:37 GMT
server: CDN77-Turbo
etag: "5eb0a86d-3d6e"
x-77-nzt-ray: cf878727cbebb90a21067e64479aed34
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 soganli-tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame 43F4 14 KB
14 KB 37ms
26ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/soganli-tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6d4b039e13080924553d42c56051ec773abb13dd903a5ea542eb3d23702a821a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4168032
x-accel-date: 1681812673
content-length: 14064
x-77-nzt: AZySIYt5ZQf/YJk/AA
x-accel-expires: @1713348673
last-modified: Fri, 21 May 2021 22:11:36 GMT
server: CDN77-Turbo
etag: "60a83018-36f0"
x-77-nzt-ray: cf878727cbebb90a21067e64c7caef34
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cerkez-pilavi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame 43F4 16 KB
16 KB 37ms
26ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/cerkez-pilavi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 298e30cd4e01948d540e8aff796e294da1ae095578b2403f2b97280e3b969a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171267
x-accel-date: 1681809438
content-length: 16373
x-77-nzt: AZySIYsRup//A6Y/AA
x-accel-expires: @1713345438
last-modified: Tue, 11 Apr 2023 16:32:39 GMT
server: CDN77-Turbo
etag: "64358ba7-3ff5"
x-77-nzt-ray: cf878727cbebb90a21067e6452faf134
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-ic-pilavli-b%C3%BCt%C3%BCn-tavuk-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/08/ Frame 43F4 16 KB
16 KB 37ms
26ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/08/firinda-ic-pilavli-b%C3%BCt%C3%BCn-tavuk-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 65676ff9ee174f1af8dd161a2b306631500e0e3ee01ace918e221312048e9bc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4168136
x-accel-date: 1681812569
content-length: 16247
x-77-nzt: AZySIYtsUQ3/yJk/AA
x-accel-expires: @1713348569
last-modified: Wed, 01 May 2019 22:46:25 GMT
server: CDN77-Turbo
etag: "5cca21c1-3f77"
x-77-nzt-ray: cf878727cbebb90a21067e642cd0f334
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pilic-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame 43F4 15 KB
15 KB 37ms
27ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/pilic-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2c481ccdb6e10e0136132ac25c732c873df15b1cf23a063a714f63606159551e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4168032
x-accel-date: 1681812673
content-length: 15498
x-77-nzt: AZySIYuqed7/YJk/AA
x-accel-expires: @1713348673
last-modified: Fri, 30 Dec 2022 22:50:02 GMT
server: CDN77-Turbo
etag: "63af6b1a-3c8a"
x-77-nzt-ray: cf878727cbebb90a21067e64513cf634
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-koz-tadinda-patates-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/11/ Frame 43F4 11 KB
12 KB 37ms
27ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/11/firinda-koz-tadinda-patates-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a4e20e17e33fe6f4b0488f8547af1e685ff73b8ece971d6c780db52c6391ab38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170861
x-accel-date: 1681809844
content-length: 11480
x-77-nzt: AZySIYu00Bz/baQ/AA
x-accel-expires: @1713345844
last-modified: Wed, 11 Nov 2020 23:10:35 GMT
server: CDN77-Turbo
etag: "5fac6f6b-2cd8"
x-77-nzt-ray: cf878727cbebb90a21067e6456fff734
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 karnabahar-mantisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame 43F4 16 KB
16 KB 37ms
27ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/karnabahar-mantisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 167b361207c0dbe5cc3e6a4aded1c1523af5ca6241dd25f5087a33d63ed89ed0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 177086
x-accel-date: 1685803619
content-length: 15923
x-77-nzt: AZySIYsFC4D/vrMCAA
x-accel-expires: @1717339619
last-modified: Thu, 30 Dec 2021 20:54:18 GMT
server: CDN77-Turbo
etag: "61ce1c7a-3e33"
x-77-nzt-ray: cf878727cbebb90a21067e64e8eaf934
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-peynirli-ispanak-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/09/ Frame 43F4 12 KB
12 KB 37ms
27ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/09/firinda-peynirli-ispanak-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: dfb24cd229db2187732c7a2744b85312cf3da6be84e6e55ff7fc0e166a78d492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170976
x-accel-date: 1681809729
content-length: 12268
x-77-nzt: AZySIYtvq6z/4KQ/AA
x-accel-expires: @1713345729
last-modified: Wed, 01 May 2019 23:39:34 GMT
server: CDN77-Turbo
etag: "5cca2e36-2fec"
x-77-nzt-ray: cf878727cbebb90a21067e642d9bfb34
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 patlican-baligi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/11/ Frame 43F4 13 KB
13 KB 37ms
28ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/11/patlican-baligi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1c9af0fc292c8fb8f9dc82487cf57b1854797659160b14b7afd9566c7d068c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4167768
x-accel-date: 1681812937
content-length: 12996
x-77-nzt: AZySIYuvxjD/WJg/AA
x-accel-expires: @1713348937
last-modified: Thu, 31 Oct 2019 23:15:55 GMT
server: CDN77-Turbo
etag: "5dbb6b2b-32c4"
x-77-nzt-ray: cf878727cbebb90a21067e64ea70fd34
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hanimaga-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/06/ Frame 43F4 14 KB
14 KB 37ms
28ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/06/hanimaga-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a401ab3b7ec5aad2e82fd1df7e4b4c9eb24ea37d3689ffd3384ceaafd4571226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170534
x-accel-date: 1681810171
content-length: 13961
x-77-nzt: AZySIYuyAj//JqM/AA
x-accel-expires: @1713346171
last-modified: Wed, 01 May 2019 23:36:26 GMT
server: CDN77-Turbo
etag: "5cca2d7a-3689"
x-77-nzt-ray: cf878727cbebb90a21067e64f926ff34
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ipek-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ Frame 43F4 9 KB
10 KB 37ms
28ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ipek-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b3fce6c522254e35e5dbbdd484afaacc4007ffc56c7cb235b9a6e7b15d3d6f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170629
x-accel-date: 1681810076
content-length: 9371
x-77-nzt: AZySIYseaqT/haM/AA
x-accel-expires: @1713346076
last-modified: Wed, 01 May 2019 23:47:22 GMT
server: CDN77-Turbo
etag: "5cca300a-249b"
x-77-nzt-ray: cf878727cbebb90a21067e6420080135
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 salcali-mantar-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame 43F4 14 KB
14 KB 37ms
28ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/salcali-mantar-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c5f8b4170bce8ae3ccf764003a02f508d29710a8d212e596fc4ebcd388620000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171248
x-accel-date: 1681809457
content-length: 14262
x-77-nzt: AZySIYubdpr/8KU/AA
x-accel-expires: @1713345457
last-modified: Fri, 03 Mar 2023 22:14:03 GMT
server: CDN77-Turbo
etag: "6402712b-37b6"
x-77-nzt-ray: cf878727cbebb90a21067e6402c90235
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantarli-domates-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame 43F4 11 KB
11 KB 37ms
28ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/mantarli-domates-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 57d6270f8a2410ea0ae988122b1d818fcf9a73b139b68c281c344bd48431558a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171141
x-accel-date: 1681809564
content-length: 11238
x-77-nzt: AZySIYtS2gz/haU/AA
x-accel-expires: @1713345564
last-modified: Wed, 30 Nov 2022 21:15:52 GMT
server: CDN77-Turbo
etag: "6387c808-2be6"
x-77-nzt-ray: cf878727cbebb90a21067e649e4f0535
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bardakta-tiramisu-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/11/ Frame 43F4 11 KB
12 KB 37ms
29ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/11/bardakta-tiramisu-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d4c1f6add2cb4767abeb3bd68800c055096f7fbfd99006d23fc286fabae7aa5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170696
x-accel-date: 1681810009
content-length: 11437
x-77-nzt: AZySIYvgolz/yKM/AA
x-accel-expires: @1713346009
last-modified: Wed, 01 May 2019 23:27:20 GMT
server: CDN77-Turbo
etag: "5cca2b58-2cad"
x-77-nzt-ray: cf878727cbebb90a21067e649d8a0735
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cilekli-kek-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame 43F4 16 KB
16 KB 37ms
29ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/cilekli-kek-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 43c1db258054fd904a5ea889573e183fce6b54fbe0217e7d72cf1ef6881c94ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4169658
x-accel-date: 1681811047
content-length: 16262
x-77-nzt: AZySIYtoPVj/up8/AA
x-accel-expires: @1713347047
last-modified: Thu, 08 Apr 2021 13:49:23 GMT
server: CDN77-Turbo
etag: "606f09e3-3f86"
x-77-nzt-ray: cf878727cbebb90a21067e64a3270935
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hira-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/06/ Frame 43F4 12 KB
13 KB 37ms
29ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/06/hira-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 79076f5e5894a65c86f101fdc051b1b77e6dcdefa5e657675cf047e0e84c3358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171262
x-accel-date: 1681809443
content-length: 12477
x-77-nzt: AZySIYuTdDj//qU/AA
x-accel-expires: @1713345443
last-modified: Wed, 01 May 2019 23:01:00 GMT
server: CDN77-Turbo
etag: "5cca252c-30bd"
x-77-nzt-ray: cf878727cbebb90a21067e647c940b35
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 biskuvili-porsiyonluk-pasta-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/02/ Frame 43F4 14 KB
14 KB 37ms
29ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/02/biskuvili-porsiyonluk-pasta-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6d735ee9e8a233928f4788ed6b6c5a25a6d434e80a2af59d107fa242aec2a8ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170884
x-accel-date: 1681809821
content-length: 14043
x-77-nzt: AZySIYsB1c//hKQ/AA
x-accel-expires: @1713345821
last-modified: Wed, 01 May 2019 23:13:02 GMT
server: CDN77-Turbo
etag: "5cca27fe-36db"
x-77-nzt-ray: cf878727cbebb90a21067e64f0b50d35
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-pisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/12/ Frame 43F4 11 KB
11 KB 36ms
30ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/12/tavada-pisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7fb65548f1070a02531030355eb69c1dbdaa000acc7997f5c2af52e01bc29aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4167806
x-accel-date: 1681812899
content-length: 11084
x-77-nzt: AZySIYtZxbT/fpg/AA
x-accel-expires: @1713348899
last-modified: Mon, 16 Dec 2019 21:44:06 GMT
server: CDN77-Turbo
etag: "5df7faa6-2b4c"
x-77-nzt-ray: cf878727cbebb90a21067e646b580f35
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kasnika-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/01/ Frame 43F4 15 KB
16 KB 36ms
30ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/01/kasnika-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 40d704fcf4405f97ac78ba9d102e436a0482e3a47576de24a70f370f970dc0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170967
x-accel-date: 1681809738
content-length: 15753
x-77-nzt: AZySIYvZtDr/16Q/AA
x-accel-expires: @1713345738
last-modified: Mon, 09 Jan 2023 22:11:43 GMT
server: CDN77-Turbo
etag: "63bc911f-3d89"
x-77-nzt-ray: cf878727cbebb90a21067e6486351135
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sutlu-mantar-kavurmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame 43F4 15 KB
16 KB 36ms
30ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/sutlu-mantar-kavurmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 38a45d2622d89b3d2da8101fa1ecdc03ed87f51af4d93f1358530610ffd7cfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4170451
x-accel-date: 1681810254
content-length: 15570
x-77-nzt: AZySIYseABT/06I/AA
x-accel-expires: @1713346254
last-modified: Fri, 17 Feb 2023 22:43:31 GMT
server: CDN77-Turbo
etag: "63f00313-3cd2"
x-77-nzt-ray: cf878727cbebb90a21067e64e7891335
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sutlu-mayasiz-pogaca-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/07/ Frame 43F4 15 KB
15 KB 36ms
30ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/07/sutlu-mayasiz-pogaca-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ca138e0e125de786e1444b2a71ee42335397a6d1c97828fa54ed803efeda0388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 371678
x-accel-date: 1685609027
content-length: 15266
x-77-nzt: AZySIYtliVH/3qsFAA
x-accel-expires: @1717145027
last-modified: Mon, 13 Jul 2020 21:25:48 GMT
server: CDN77-Turbo
etag: "5f0cd15c-3ba2"
x-77-nzt-ray: cf878727cbebb90a21067e64729b1535
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 43F4 5 KB
6 KB 83ms
20ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:25 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1685980705.cds243.am5.hn,1685980705.cds292.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 43F4 0
0 480ms
42ms Script
text/plain 23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/300/addthis_widget.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-208-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame 43F4 465 B
585 B 84ms
21ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:25 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1685980705.cds243.am5.hn,1685980705.cds214.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame 43F4 74 KB
26 KB 379ms
52ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 17:43:14 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 43F4 3 KB
3 KB 37ms
13ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15b5a605bb9183577c6e19c44b73d8952e76ef02009f61164cf0bd6928f484ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 15:58:25 GMT
content-md5: 0BKOQrj9cu0fb7aTTHZhhA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: Adr7K9wxoifVFp7f+jFzDs7bo9PdWitGZ/OWmpnmAVDqpC5OFSnOVAfYIPkjeDXj/1TdSFKFOBvccb/PB5r7yQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 51a75e5d3bf4e865035da10ee4d54bf0
cross-origin-opener-policy: same-origin-allow-popups
etag: "7cdd7cb853f799d4674b525b1861d695"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:11:05 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame 43F4 21 KB
21 KB 36ms
30ms Image
image/png 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 15:58:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171248
x-accel-date: 1681809457
content-length: 21525
x-77-nzt: AZySIYsLVIn/8KU/AA
x-accel-expires: @1713345457
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: cf878727cbebb90a21067e64c8991735
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 43F4 307 KB
88 KB 27ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=6b0131684e09fbd00fad2ba16cb35272

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

473ec323dd2d8150c0ba0ee8abee7f178403d20c050ab5f396308b373f1c7f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 15:58:25 GMT
content-md5: STGTw4T7yji1m266HBKXZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88757
x-fb-rlafr: 0
x-fb-debug: 8v9VvAuqSuIZTxG/lg8nd3sfZWTeE8slpqXukH54Jb3lsMGT3yALHVS5OCwBfWHH6rZYMpI+Q6mrc5andQii3Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 694b175699c50e5a9dd62e2411a4fdef
cross-origin-opener-policy: same-origin-allow-popups
etag: "af54aafcb39c608901cd644c739d0d4d"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 04 Jun 2024 14:18:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 43F4 51 KB
21 KB 118ms
35ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 14:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4979
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 05 Jun 2023 16:35:27 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 43F4 76 KB
25 KB 214ms
106ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cedde82046765566d0552a548e7d855bc71468381190d845685f5e24d16bc330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25318
x-xss-protection: 0
server: cafe
etag: 969 / 19513 / m202305300101 / config-hash: 17518404369648110946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:26 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 43F4 120 B
306 B 47ms
46ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame A904 891 B
1 KB 47ms
46ms Document
text/html 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Mon, 05 Jun 2023 15:58:26 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 43F4 137 KB
47 KB 172ms
88ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccfcb6a21cb761524bd52d88d68bc9e91b82984b5d4011d36c6df1c77719cfda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47520
x-xss-protection: 0
server: cafe
etag: 12007513024977698490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:26 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame 43F4 489 KB
182 KB 54ms
53ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 43F4 228 KB
56 KB 48ms
8ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:47:33 GMT
content-encoding: gzip
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 19:17:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 653
x-amz-server-side-encryption: AES256
etag: W/"d18b57a80b57082ffb531a2e077b3016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: OQaFtwWGckdnoX_QQzAPX0maUnbb_aFyEUwAn_XA-Ad6SJ6z41wUrw==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame 43F4 37 KB
7 KB 195ms
70ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1685980706309&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.33602911930499846
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 483acb0168bc17f82b187df42c6775bba45663f508b2f5fe5ccf31efb230b732

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame 43F4 12 KB
2 KB 47ms
47ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19513
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 14:14:23 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame 43F4 49 KB
5 KB 180ms
60ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468327
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 8441152de26940c5204f4ce8dba8c6e76e8c50bf9c81f4e9a6d2f5fbaaa2a4a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 43F4 0
305 B 7ms
7ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:05:04 GMT
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 3201
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: KGINE6UBFtRXlAin5Bce54etA9_jR4uLcl-GGCT5psdphcAB2ycp-w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 43F4 6 KB
3 KB 22ms
7ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
date: Mon, 05 Jun 2023 01:39:38 GMT
x-amz-cf-pop: FRA56-P6
age: 51530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: f2Dj9VuUdRcCQrG2PO1KJ3FxTit4XJMUxG8u8hFGnSq11yzcMswqEg==

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame 43F4 9 KB
3 KB 48ms
48ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 09:38:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame 43F4 11 KB
5 KB 47ms
47ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468327
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame 43F4 17 KB
5 KB 64ms
14ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:15:30 GMT
content-encoding: gzip
age: 2576
x-guploader-uploadid: ADPycdvCXuks22WdEcOsKXNQRvf2epaB8jrNC04IQIGohnXq7U0ugrj4fsfmSgAqJRrwPXHNnnRYAMsS8TgujieeqkADfXjzlPjN
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
last-modified: Fri, 20 Jan 2023 18:31:19 GMT
server: UploadServer
etag: "b3517e216253857ea8c4209cb84004df"
vary: Accept-Encoding
x-goog-generation: 1674239479122517
x-goog-hash: crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 4955
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame 43F4 0
209 B 49ms
49ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1685980706511&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.13253563809489766
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:26 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/ Frame 43F4 351 KB
118 KB 179ms
102ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075004

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19bdae6a2dfecc818ce36202d7dbbbece891e4ac5c415c196df82a43ae9ac0e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120639
x-xss-protection: 0
server: cafe
etag: 3284808867573963238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/ Frame 828A 10 KB
5 KB 114ms
35ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 13:00:21 GMT
etag: 15057649708203361565
expires: Mon, 19 Jun 2023 13:00:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/ Frame 43F4 408 KB
126 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

325be98d467be29fd7b3d1c36f2e137806b171ca7d73ef3b535e198ec0bd1dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1136
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128806
x-xss-protection: 0
server: cafe
etag: 8074574313080668351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 04 Jun 2024 15:39:30 GMT

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame 43F4 7 KB
3 KB 334ms
45ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19513
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Mon, 12 Jun 2023 15:58:26 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame 43F4 0
209 B 47ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1685980706590&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.49973561975435565
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:26 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 tag Show response
feed.pghub.io/ Frame 844A 13 B
257 B 63ms
25ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Mon, 05 Jun 2023 15:58:26 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 43F4 483 B
1020 B 59ms
21ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 15:58:26 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 951842
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQjSFtmlnzzBxVF0HYDsPApR3%2F8Cr0R7dCRZloEYpmrGQuSxq0pR9VLgIOSK%2Fy%2Bl3w83HTchxygp9V728Ri5KBDlot7l4ifgeTMnBMuSpLhZBkGW4y7ANQprXZ7N2998iIJfoDCajey%2FK46p"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7d299df95fad9b46-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 43F4 23 B
458 B 419ms
349ms XHR
text/javascript 18.66.190.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=S4dPQofOwXZ8h&cb=0&ws=1600x1200&v=23.517.1921&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.190.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-190-43.muc50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P1
x-amz-rid: B0M27ZYVYSY2K6C5E3N9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 5S0t451GJX81aNXplEF_eYA9jkHYs1pqfXmikSF-heTqkfI1M6l0HQ==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 43F4 107 B
531 B 167ms
45ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 43F4 107 B
456 B 147ms
47ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 43F4 27 KB
11 KB 361ms
361ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1497102148338384&correlator=1673364467133793&eid=31072020%2C31074947%2C31074988&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685980706309%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet07d2b9d2e53d4a8db2ba70547ce20081&sc=1&cdm=ye-mek.net&abxe=1&dt=1685980706758&lmt=1685980706&dlt=1685980705661&idt=1046&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ugn1tm4jhb0e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=854444417.1685980706&ga_sid=1685980707&ga_hid=59647142&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be02ae98453460a498abc7211c7048b17c3d77dd290412d5335a1bd47db09b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11317
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425219174
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39FE 6 KB
3 KB 167ms
44ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:26 GMT
expires: Tue, 04 Jun 2024 15:58:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 43F4 0
281 B 54ms
28ms XHR
text/plain 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:26 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d299df99a8c9a1e-FRA
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 43F4 0
528 B 137ms
51ms XHR
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 43F4 173 B
400 B 90ms
11ms XHR
application/json 3.64.112.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.112.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-112-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: da7a299825aafa3b10bce5eda176f57902d7a3e83ce413cad46deaa4dfd85a9a

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
x-prebid: pbs-java/1.119.0
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 43F4 416 B
740 B 326ms
267ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=c544ed77-b7ac-4d4d-be5a-00833b0e8f78%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=36debd9a-308f-4cc9-9a8f-6b340f2df316&l_pb_bid_id=17256a8b4bc11d1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8076530378555864
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5e6d7062caa79a05cf74de173ba9902aea28bb7a0b0c142ef6ab8a1209cd23db

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 416
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 43F4 410 B
756 B 317ms
259ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=c544ed77-b7ac-4d4d-be5a-00833b0e8f78%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=95b980ec-5e1f-4dd0-8469-e0c23e5d5d62&l_pb_bid_id=18b75b1e615adf6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3856305605954027
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 97dae340808fd5f481766982b3423d7e9eef1a8086a772ba978d9d0eee1f1baa

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 410
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 43F4 404 B
729 B 324ms
267ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746578&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C55%2C57&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=c544ed77-b7ac-4d4d-be5a-00833b0e8f78%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&tk_flint=pbjs_lite_v7.38.0&x_source.tid=47a9d7a4-c769-4436-8e78-c5465a0fd8f3&l_pb_bid_id=1910581904d38a3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.911704095604029
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 55341425c7731deed45d8c3ed1dd69ae8519f67657d0f30257a4c702ebcbc0e5

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 404
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 43F4 12 KB
6 KB 185ms
128ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=c544ed77-b7ac-4d4d-be5a-00833b0e8f78%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=34595a8f-5445-4e64-87e8-f52f10da9fb2&l_pb_bid_id=2017f40561eea3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8594594410825689
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b7e6c6aeb9050f23219b8ab26024f00056154a586f5a28ceb52ff0df1ea5e914

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 43F4 397 B
721 B 181ms
124ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=c544ed77-b7ac-4d4d-be5a-00833b0e8f78%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=21d12155-cbc4-4471-aa90-48559e77aa9f&l_pb_bid_id=211e7ee633a5f3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6345630395560102
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 06d3065ec1a397538dab9bcd38ad1018815b97d02fce10aa2f6fa254d21773fd

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:26 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 397
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 43F4 408 B
955 B 169ms
112ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=c544ed77-b7ac-4d4d-be5a-00833b0e8f78%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=813101b8-2c5c-42ac-a1a5-0ba02cb138f4&l_pb_bid_id=23e737ce9a2d15d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3195831997567977
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e5805a7872653e56e14219ba8b955f962aa17dc6726bafdd37df1f2e45167856

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:26 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ Frame 43F4 16 B
377 B 86ms
48ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 05 Jun 2023 15:58:26 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 43F4 24 B
397 B 56ms
19ms XHR
application/json 216.52.2.48
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 9d0e3af038ce6780e1df0406fc7c1e9d34d0d4fb15e9009ecea1c8e4bb910056

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 05 Jun 2023 15:58:26 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ye-mek.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST /
hb.emxdgt.com/ Frame 43F4 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 43F4 0
189 B 78ms
18ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=69611706007&lsavail=0

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:26 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 43F4 0
112 B 249ms
199ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 43F4 0
527 B 148ms
77ms XHR
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 43F4 19 B
825 B 67ms
24ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:26 GMT
AN-X-Request-Uuid: ea51fafb-1493-4766-bff3-0dc069310f0b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 43F4 0
141 B 282ms
56ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=43&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:27 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 43F4 0
141 B 282ms
57ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:27 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 43F4 0
141 B 281ms
56ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:27 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 43F4 0
142 B 280ms
55ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:27 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 43F4 372 B
1 KB 797ms
758ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

515203da31600e4f2429b9526b03543b3fda990d8d32ca48d18572cd017d4b63

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:27 GMT
AN-X-Request-Uuid: f68bf25f-483a-420c-8bdf-e9b896e390bc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 372
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 43F4 74 KB
23 KB 32ms
16ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 15:58:26 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2624814
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Y8w%2FRjcHUlQK594dlHH37OaPYp%2F0k3IehSKlTrnCU9cI3u23kPoJBlsehFUiKq%2BynbOoB3bdwVVCePpp4F1XuQy%2FeD%2Br7fL5x8wgf3etZs5emRWhOjpVR2Helqn%2Fqj4RrXBisFWTy2%2Bl6sP"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7d299df9bd245c02-FRA

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE2E 603 B
218 B 170ms
168ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980706548&bpp=4&bdt=887&idt=279&shv=r20230531&mjsv=m202305310101&ptt=9&saldr=aa&nras=1&correlator=4800735757698&frm=24&ife=1&pv=2&ga_vid=854444417.1685980706&ga_sid=1685980707&ga_hid=59647142&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C31075004%2C44788441%2C31071260&oid=2&pvsid=1497102148338384&tmod=355982566&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.b71lvrwtbxb7&fsb=1&dtd=294

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 43F4 358 KB
120 KB 208ms
105ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1f7d57c54a2f168df796106063e89d2c6dc208ceeb2fca5257ed9297ec2bf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122262
x-xss-protection: 0
expires: Mon, 05 Jun 2023 15:58:27 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame 43F4 398 KB
128 KB 49ms
49ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=6/5/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:26 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 18:51:56 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Mon, 12 Jun 2023 15:58:26 GMT

GET
H2 200 container.html Show response
ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2222 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:26 GMT
expires: Tue, 04 Jun 2024 15:58:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2222 24 KB
7 KB 136ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jun 2024 09:06:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2222 136 KB
46 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ba2129b7dd383098316594bc36d4da139fce7dccedaa1398482ace451c8bec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Origin: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47355
x-xss-protection: 0
server: cafe
etag: 12833232315774148974
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2222 171 KB
54 KB 172ms
81ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:27 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2222 0
0 73ms
73ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoBwrA8UffVy9-2BIkww_umweF0BvUfIt2OPxJgQBnjO3T9FEgoAElGZYxcWfju9k9AdwSgw1q1h0whihaP46TU0Q-DP8gYdeYSN0bWmTO10GP-Twsns6U_gYd6BsMcD_XJfuPoBfgNWTRllrZ181W_6x4BC9L3ziT46LQxOVXsYMP8TsoLrP1ZgNjUuHC6hn-cwx2EggLyvTph6UkNxV9ZIPxn-kcRbCYfe3cmMZeXzkUfxi4mOagzJ6ZD13nFtKg-JdjwVF5Huc1Kg8AD7xnBvYsUfFW_xDk0-NZ-lglf37aLyW3J9f6_wXh6imvhJjmePSi_L9w13dajjAcOAAbF_wPpdwujkNMZiu44d42Qpn1WUA&sai=AMfl-YQAx3ygqjs9iOGDTGjmXGpD6dcKTVWaPv5np56C3wENAA0UbjyqI9DhGKfikuDu6ApAfI-ZQGPorsjBifJ7iVNQaYXH9FYlwQ-vNHcKDOA&sig=Cg0ArKJSzOfWros3hiQIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 15:58:27 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ Frame 2222 351 KB
118 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5352b3b0a0852a22dee798975fdb3c764d664eeea3ffe84799e71aaf539a5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120659
x-xss-protection: 0
server: cafe
etag: 10792662746848641068
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:27 GMT

GET
H2 200 5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame 43F4 0
209 B 53ms
46ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685980706309&userId=vnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:27 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
DATA 200
OK truncated
/ Frame 2222 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dd6622825f3d518fd677e8575cae0654a3afbc78a92bf1b2942ea2fe04afe83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2222 107 B
165 B 45ms
44ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2222 107 B
165 B 47ms
46ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0217 0
16 B 207ms
207ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980707370&bpp=9&bdt=166&idt=208&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=5765937014493&frm=8&ife=1&pv=2&ga_vid=775208630.1685980708&ga_sid=1685980708&ga_hid=852425619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1314163020&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44788442%2C44793498&oid=2&pvsid=168256876745976&tmod=164915221&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ab9e17odn3it&fsb=1&dtd=228

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1CF1 33 KB
14 KB 380ms
380ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980707379&bpp=2&bdt=176&idt=225&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5765937014493&frm=8&ife=1&pv=1&ga_vid=775208630.1685980708&ga_sid=1685980708&ga_hid=852425619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1314163020&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44788442%2C44793498&oid=2&pvsid=168256876745976&tmod=164915221&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.p25332vywrjn&fsb=1&dtd=231

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35093c99d945fbf48f632120ce401af37721bb4b690fbe0fb452611d8959793e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14072
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 43F4 107 B
165 B 46ms
45ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 43F4 107 B
165 B 48ms
46ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 43F4 23 KB
10 KB 324ms
324ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1497102148338384&correlator=302707540326914&eid=31072020%2C31074947%2C31074988&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=3&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685980706309%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet07d2b9d2e53d4a8db2ba70547ce20081&sc=1&cdm=ye-mek.net&abxe=1&dt=1685980707642&lmt=1685980707&dlt=1685980705661&idt=1046&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ku9y5cgreqlg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvhHluCGBZ3Qbbiko652HEI0LyPBuPBX8zZ_wjYMJUYIn4Nc4LeVq-rB8GFdRf-8sn2gFfGraQiju2-72l6Rsg&ga_vid=854444417.1685980706&ga_sid=1685980707&ga_hid=59647142&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d7432628543445b8e9fc4db3d5548094165c6c22107b66d429529116becf8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10705
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 43F4 24 KB
11 KB 396ms
396ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1497102148338384&correlator=3629122232620545&eid=31072020%2C31074947%2C31074988&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=4&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685980706309%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet07d2b9d2e53d4a8db2ba70547ce20081&sc=1&cdm=ye-mek.net&abxe=1&dt=1685980707646&lmt=1685980707&dlt=1685980705661&idt=1046&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=cklyz738lywm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvhHluCGBZ3Qbbiko652HEI0LyPBuPBX8zZ_wjYMJUYIn4Nc4LeVq-rB8GFdRf-8sn2gFfGraQiju2-72l6Rsg&ga_vid=854444417.1685980706&ga_sid=1685980707&ga_hid=59647142&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5edaa7a6259fe1e4afeeece18097c7661291921e025ffd0bcadb2203479b403a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 43F4 23 KB
11 KB 535ms
534ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1497102148338384&correlator=3774161193201574&eid=31072020%2C31074947%2C31074988&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=5&adks=3203893797&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D2.39%26hb_adid%3D6871fe12556ae9e%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D2.39%26hb_adid_rubicon%3D6871fe12556ae9e%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D2.39&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685980706309%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet07d2b9d2e53d4a8db2ba70547ce20081&sc=1&cdm=ye-mek.net&abxe=1&dt=1685980707651&lmt=1685980707&dlt=1685980705661&idt=1046&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=befyewtt6nn4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvhHluCGBZ3Qbbiko652HEI0LyPBuPBX8zZ_wjYMJUYIn4Nc4LeVq-rB8GFdRf-8sn2gFfGraQiju2-72l6Rsg&ga_vid=854444417.1685980706&ga_sid=1685980707&ga_hid=59647142&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44530944f7cb09698bcc30c8b32262310894965b660c221e3247a526cbb01939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11114
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 43F4 23 KB
11 KB 369ms
368ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1497102148338384&correlator=3731013823549504&eid=31072020%2C31074947%2C31074988&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=6&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685980706309%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet07d2b9d2e53d4a8db2ba70547ce20081&sc=1&cdm=ye-mek.net&abxe=1&dt=1685980707654&lmt=1685980707&dlt=1685980705661&idt=1046&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=xcae8jky5d6y&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvhHluCGBZ3Qbbiko652HEI0LyPBuPBX8zZ_wjYMJUYIn4Nc4LeVq-rB8GFdRf-8sn2gFfGraQiju2-72l6Rsg&ga_vid=854444417.1685980706&ga_sid=1685980707&ga_hid=59647142&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b57e7b72427d4fdaa116fa3987ded1efed330eedd098e65711d9f10efd12648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11136
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 43F4 32 KB
13 KB 371ms
371ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1497102148338384&correlator=2579784219958778&eid=31072020%2C31074947%2C31074988&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685980706309%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet07d2b9d2e53d4a8db2ba70547ce20081&sc=1&cdm=ye-mek.net&abxe=1&dt=1685980707658&lmt=1685980707&dlt=1685980705661&idt=1046&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=6dsyi6lumvtd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvhHluCGBZ3Qbbiko652HEI0LyPBuPBX8zZ_wjYMJUYIn4Nc4LeVq-rB8GFdRf-8sn2gFfGraQiju2-72l6Rsg&ga_vid=854444417.1685980706&ga_sid=1685980707&ga_hid=59647142&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88fa000bc8302f91fb338ee7e13616a8dd55baa9b7df544b84914574e506f682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13610
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 43F4 32 KB
13 KB 335ms
335ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1497102148338384&correlator=3742644985085133&eid=31072020%2C31074947%2C31074988&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=8&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685980706309%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet07d2b9d2e53d4a8db2ba70547ce20081&sc=1&cdm=ye-mek.net&abxe=1&dt=1685980707663&lmt=1685980707&dlt=1685980705661&idt=1046&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ljkki7lqwldi&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvhHluCGBZ3Qbbiko652HEI0LyPBuPBX8zZ_wjYMJUYIn4Nc4LeVq-rB8GFdRf-8sn2gFfGraQiju2-72l6Rsg&ga_vid=854444417.1685980706&ga_sid=1685980707&ga_hid=59647142&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed6dc193732581a952882b0b41fdeedbf4bd20d89d631e9a94140fcb1f2c8a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13430
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 143D 6 KB
3 KB 38ms
36ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:26 GMT
expires: Tue, 04 Jun 2024 15:58:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 XassetrGVaWW53.png
ads.w55c.net/t/d/ Frame 1CF1 43 KB
44 KB 155ms
8ms Image
image/png 2600:9000:2491:8400:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.w55c.net/t/d/XassetrGVaWW53.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=RTQ1QTY5MDBGNTlEQ0U3OTBBRUEwMDc2RUM5MEMzMTF8R0Y4Zm5QdHhYOHwxNjg1OTgwNzA3ODA3fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDU2NzEyMjg2OV9FWHwzODI1MXx8fHwuMFB8VVNE&ei=GOOGLE_CONTENTNETWORK&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjcyMjgxMjJ8SUFCOC04IzAuNTQzNjE0MnxJQUI4LTcjMC4wODk0NDE2M3xJQUI4LTkjMC4wNTkyOTk0OXxJQUIxIzAuMDQ5MTU3MzY&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1685980707809&c=DE&r=G-HE&epid=R0N5ZS1tZWsubmV0&mi=d2Vi&wp_exchange=NWP

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980707379&bpp=2&bdt=176&idt=225&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5765937014493&frm=8&ife=1&pv=1&ga_vid=775208630.1685980708&ga_sid=1685980708&ga_hid=852425619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1314163020&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44788442%2C44793498&oid=2&pvsid=168256876745976&tmod=164915221&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.p25332vywrjn&fsb=1&dtd=231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8400:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: 77muH8mujF9NEC9ipS.55iMMWqUaEtvK
date: Sun, 04 Jun 2023 21:11:34 GMT
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA56-P7
age: 67615
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 44534
x-amz-meta-height: 90
content-length: 44534
last-modified: Wed, 03 May 2023 17:26:36 GMT
server: AmazonS3
etag: "ccf751b21647e448aa5dadd8c05f5ac6"
vary: Accept-Encoding
content-type: image/png
cache-control: must-revalidate
accept-ranges: bytes
x-amz-cf-id: wrloYOEKlRTIfRVYwX58f0dAV9Bmua_5KYujQuarGl0Gc6Re51hoaQ==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 1CF1 95 B
920 B 177ms
35ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=7335584957428352
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980707379&bpp=2&bdt=176&idt=225&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5765937014493&frm=8&ife=1&pv=1&ga_vid=775208630.1685980708&ga_sid=1685980708&ga_hid=852425619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1314163020&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44788442%2C44793498&oid=2&pvsid=168256876745976&tmod=164915221&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.p25332vywrjn&fsb=1&dtd=231
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , United States, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 15:58:26 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Thu, 02 Jun 2033 15:58:26 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 1CF1 5 KB
3 KB 60ms
7ms Script
text/javascript 192.229.233.53
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0N5ZS1tZWsubmV0&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=RTQ1QTY5MDBGNTlEQ0U3OTBBRUEwMDc2RUM5MEMzMTF8R0Y4Zm5QdHhYOHwxNjg1OTgwNzA3ODA3fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDU2NzEyMjg2OV9FWHwzODI1MXx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEMrf91KEK4I6qtxveVhVmiQ&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=130d298a-4687-46a5-9395-952ccb157566&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.53 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000; includeSubDomains
last-modified: Wed, 23 Feb 2022 16:57:18 GMT
server: ECS (frb/67DF)
age: 428303
etag: "3321997696"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
content-length: 2391
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 1CF1 3 KB
1 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 1CF1 19 KB
8 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1CF1 0
0 132ms
46ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzsbE_XHDgM4IK5wwr4v8aEoZSAV9HUMU5OAE7k52GQLvh64IR00sHHwjk8z-DSEpcaS4CFS9Y0O__6_0S01o9jPgLXw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980707379&bpp=2&bdt=176&idt=225&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5765937014493&frm=8&ife=1&pv=1&ga_vid=775208630.1685980708&ga_sid=1685980708&ga_hid=852425619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1314163020&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44788442%2C44793498&oid=2&pvsid=168256876745976&tmod=164915221&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.p25332vywrjn&fsb=1&dtd=231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1CF1 171 KB
53 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
H3 200 container.html Show response
ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2600 6 KB
3 KB 36ms
36ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:26 GMT
expires: Tue, 04 Jun 2024 15:58:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1CF1 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAPPYIwZ-ZLCsKq2Do9kPkZKcsAm6iLSPXJzX7u6pCMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMByAMCqgSuAU_QKpJhBs7ttjyIKRLwiZUrxb8yZv1-XLVibI9hAOzXiMTCqmDulWPEVedJq-9A0fRtsDPbI3uh2eAonUmcw2or_IiEo6sWQc-2W5X0nPCMv1Dz5bChuH7bKjWKEphKQGnObUafZHeUul8u-RRG3FsnFTbzkq0jQymhbw8LQ_TKGBYLytxnZwopX3sI5ewSLx03jZHuqBSv6WvNwGILoM8NX4ok-X42JI7lgaHIqIAG0cmll-ullpXrAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=L2RmCSn2fEs&uach_m=[UACH]&cid=CAQSKQBygQiDUOcydxXHVDws-zPlcHTqYpX7HVNBPWO3OLt9H6wbvVcm5OPYGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980707379&bpp=2&bdt=176&idt=225&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5765937014493&frm=8&ife=1&pv=1&ga_vid=775208630.1685980708&ga_sid=1685980708&ga_hid=852425619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1314163020&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44788442%2C44793498&oid=2&pvsid=168256876745976&tmod=164915221&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.p25332vywrjn&fsb=1&dtd=231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 871A 6 KB
3 KB 36ms
36ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:26 GMT
expires: Tue, 04 Jun 2024 15:58:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 850C 6 KB
3 KB 36ms
35ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:26 GMT
expires: Tue, 04 Jun 2024 15:58:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6FB0 6 KB
3 KB 36ms
36ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:26 GMT
expires: Tue, 04 Jun 2024 15:58:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 a.gif Show response
i.w55c.net/ Frame 1CF1 42 B
582 B 50ms
8ms Fetch
image/gif 3.126.192.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=RTQ1QTY5MDBGNTlEQ0U3OTBBRUEwMDc2RUM5MEMzMTF8R0Y4Zm5QdHhYOHwxNjg1OTgwNzA3ODA3fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDU2NzEyMjg2OV9FWHwzODI1MXx8fHwuMFB8VVNE&ei=GOOGLE_CONTENTNETWORK&wp_exchange=ZH4GIwAKljAFKMGtAAcJESPKvyR1iOGTQvdxMw&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjcyMjgxMjJ8SUFCOC04IzAuNTQzNjE0MnxJQUI4LTcjMC4wODk0NDE2M3xJQUI4LTkjMC4wNTkyOTk0OXxJQUIxIzAuMDQ5MTU3MzY&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1685980707809&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=7335584957428352&epid=R0N5ZS1tZWsubmV0&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VNcmY5MUtFSzRJNnF0eHZlVmhWbWlR&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=ql1EC-bhknTa-Z88rb2Njw&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEMrf91KEK4I6qtxveVhVmiQ&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=130d298a-4687-46a5-9395-952ccb157566&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.192.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-192-167.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:27 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9CDA 624 B
242 B 76ms
75ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiD27LlATAB&v=APEucNWwCuVvmpC1h3zWjM0zKQekR1ZgcLCTnjeyI27AIOy5K_klSCLsgBzo_tIpGa9OhQtqWWUittk_lNoQ0K0boXjqBvARbEiv7mSdKwTowdIXh0HG0Z-MIQUQa9e740Bsgy_hv43TZgdYV8ny4H6y0pR1T_eV2ppCE_1hRvzgGfbQq48PuYE

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 143D 78 KB
27 KB 190ms
190ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 143D 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C9q14krbZbH3Osba6Vsfo7XqnhxKeBxjsePAeqO5Sj0kIcZTfk38qYCWjL8o4og2QmXv00QG4zpDxHYK-V-Xn7_Vtny3tNeiw_HVS9Lf8SL9xXleg

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 143D 0
20 B 73ms
71ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14681292129931315927&x=1&ct=76

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 143D 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 143D 19 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 143D 0
0 48ms
46ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBn9SaiDF2_6xLp_yfc9bdeWDTufOkZhycF_WDd46T9bxYIwSbS2PNk6h8rdocYapvI3w4LjboE6uQpncCJqCGuq7OxQ
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 143D 171 KB
53 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2600 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbpSUIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE4wFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4aRMq3-yKag63LbWKfHzNE-RafR4vkeV0093A9aDyE4W4aflKXDGOAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=RfQuEufMedQ&uach_m=[UACH]&cid=CAQSOwBygQiDlLjPIQcNaVIO4GWxKr3QHhcbv6sfuQBpCvdIuJRWZCv370StwXaBpzKW5r4OqQibGqxkjHWUGAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 2600 0
0 75ms
20ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kf7npdwzg1qf0etg58c57m3fb3jchc8hsccvptrchv19fvnp50fzcyq40t5bxphss60nhhtb5yk0zvfn5yxv0tyg7wdvcfexe365cayh5w746es6swd9ebd2j9gn77pyr30khxckavqcn62e6c57f0rdz0kdqs3j9epm4wda84e9xj1qndf2s1p06x1kxc796f9cnb0ghbvs10z7jksm7rrqepjd7snyk1q9jwxz898j8n9wprq4f29s5qest3jxvmv7bf1bap3efc9s98gdb9wfwrwrx8kachr6w9k7gne7q3ws24ne06kzvnw0xjm6612dg7bjgcwnkbg8d6gzrrfvtbxky7grzjtapbdrdaqz50wcz2bg4b114xetzpe658pnfwjf0mwsswv&b=ZH4GIwALSwYIu8PfAAC_YWCHfsOTp2lO8onLkw
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Jun 2023 15:58:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4978 2 KB
1 KB 90ms
37ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1ht9mz6sx5w6wv6dt4bvk5pvm02ee63gcdeg4b0qq92jfjwys4g4s0ga1h3ckf6wbksyg7mdn21keq5ee2ktewvpktyyv8dbn5qsn2d3ejf2cdr93b773eebb7p01aszy48t2avp0hc5d77ktaetbndj2a8hj7n59bh1ty54z7zxj2ev643ey5ake4r2d9sw5vv0avrj5hgtwwykqf5t4n649d3t49m9b0k49bjk039p2803rrx66a3h5t5ybhgrv7a8gjtzynasgj589vehevtb6e9htz73s8smgc6tpg836w5z2s76rmyrhm6a154qxay8897th113s0mgtd3etgpn155yg9fx54zf74qjz86tw98ma1vdf1rt9rpec24r592xvsfrasghe4c3fcge4cvwamx9qr5k87vjp7f9be5frc16795mq57ynnwqfweapk567ch7gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%26client%3Dca-pub-7983651257838282%26adurl%3D

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5ba825c60f8eef36a88df50b232a9783d439faac27b00cf18c2d600469643c4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d299e023b8d046a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:28 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 2600 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B906 1 KB
643 B 45ms
43ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 2600 19 KB
8 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2600 0
0 48ms
45ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaToigiF_hKB1nROAzEA3eKF77ZgHLq8Dp5Nd5MhfDuVgp4i87Ak0eaLjUMXG-XdL3xJzOC_t54OZitpeR4gjeSIYlWZlw
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2600 24 KB
6 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jun 2024 09:06:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2600 171 KB
53 KB 113ms
111ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D1F4 624 B
242 B 81ms
78ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNXum3VVoQRkBd8Gy3W039Qr8Rp3AkoLBx4nWh-9qjFlTIfhMyAe61kZgerFFAWx6pkOD8cmf8LLCLazW3CO3wM4ePbvlfg3oM4IUBk20EbCyvJ9SCsXazFIztrigfy1qTWINVTmoTVzwZi5u4XvbUT3iiLivwm_bz_pfm8qONW-qPOcvYM

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 871A 78 KB
27 KB 289ms
289ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 871A 42 B
63 B 78ms
76ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BG8nrkbsfstBjEw2S2g2m5dMNS8ya3k4GTyXK90oX7je5VGQ79ZG2wjQzzbbJJYY3ZSCBc5uLQv6NBW0L4AhLScXA_pxHMbEpmV6ojoMRJMbwQFqM

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 871A 0
20 B 79ms
76ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8401514277473895279&x=1&ct=76

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 871A 3 KB
1 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 871A 19 KB
8 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 871A 0
0 48ms
45ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkB2WtpmKBm8SA11aOHXsLHn-NHlMQ9Hy2xSfScIo2ybKy8ingQx9UGHUrcUzpNTFMnAxNgpS8S7nqMvdqqUO1kqaPDQ
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 871A 171 KB
53 KB 116ms
113ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
H/1.1 200
OK analytics.js Show response
s.h.w55c.net/2/948461/ Frame 1CF1 6 KB
3 KB 181ms
27ms Script
text/javascript 52.19.145.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=130d298a-4687-46a5-9395-952ccb157566&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0N5ZS1tZWsubmV0&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=RTQ1QTY5MDBGNTlEQ0U3OTBBRUEwMDc2RUM5MEMzMTF8R0Y4Zm5QdHhYOHwxNjg1OTgwNzA3ODA3fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDU2NzEyMjg2OV9FWHwzODI1MXx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEMrf91KEK4I6qtxveVhVmiQ&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=130d298a-4687-46a5-9395-952ccb157566&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.19.145.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-145-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7a6bdf6ab6555a5f03c43b18cb3dadf141244daabc4f7d04387c8547bb0ee474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2888
Expires: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 850C 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyQyAIwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE9wFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvijd84iGRwy5VIt62IvV7PGIaBrj0PWGu3F-g28uIQLMBYOqMtFh4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=h1HXTbzNxQA&uach_m=[UACH]&cid=CAQSOwBygQiD6mPCy9M4_TftdkkeFtSXRfVhq0BLruEHnQ4SY-6qZn_IztWL3NWYpv6JsnFDV05JPLH7XYJZGAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 850C 0
0 41ms
21ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j6717aq24v8sm32mnb9q74rcw791t3cn8v1dv38134pcmscr4rzhtyn3dqrqtsjd13nqf9f8ny2wvbvcaz8497bc8sgfyedb1jh1kfqt104b8mzz6njd9w98ftmw6fsep4tes1k3ygmdjbvqdjv4s9v7q0krx9n7g05ee0fv0qnr99dfa6fjttbysk1ta43bnmj3k6hax6c471fqkd3wx2cv5pk5w87856m7x1ytcdkg5tw2p2d0gffn41vptvq5de7hfew966tnjvkdhea4s2gwen9d4rssfz60kaxwxqyd0n5ark7n1f43enwb1zrvh5hqfpk0szfqj6psk66fs88vn0a931x1aafjp1gyx5g2v6bzd3ygcr1k0e9t2xn39xtym1wxw&b=ZH4GIwALQP4H_ZFlAAM-a0e-DCPFvHRfScChbg
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Jun 2023 15:58:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 73FB 2 KB
3 KB 54ms
35ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k2ka8qp7s1nhbda1r4xmg7z2mmsb3aph62j8rpg28nv5gg06pyg0dbnne6dwq8fd1bj8t1ecyc791meye9s524rwsrqsgp823mjzqyr94qfew1b0gm1ttvsmke2q2gwhqnhfmvp208ycvyt304wztxm8spfp2q8p74s870137rw4cwyxpksjrvqqsqynkwdqwaj2k5324y2v604ddve713dggybjekmx093r4c40bfttt04spyp0rfqrbderzv9m86y9777wksrnwwx72pmevjncm51rdqdx1rsmdtrd4zteq53bba6ng2qrefrm20c38erzzm4f00brv3837w1w6qrstspjbm880fa889jvzj6vfk4sesr262pw4nnnhtjtnk4cbgtc5jep5s6q3rrq3rs46h0rphcjcq0garh3e24szzg4mw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%26client%3Dca-pub-7983651257838282%26adurl%3D

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48d917e694d5cffc5b77251a040a7ee481eb319fb77ca4d191285ff50498b794

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d299e023b90046a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:28 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 850C 3 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 75D8 1 KB
643 B 47ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 850C 19 KB
8 KB 44ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 850C 0
0 55ms
44ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSg5_od9AQ-mKW1VeV4paHlLCuTKIvPQIkj9q8rroDBOsOLM54ZvX2g7r7ICsxawynw4ZisLOWG_HyydUZY8qEE3vnq9Q
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 850C 24 KB
6 KB 48ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jun 2024 09:06:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 850C 171 KB
53 KB 107ms
98ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6EA5 1 KB
643 B 48ms
41ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E6D1 624 B
242 B 77ms
75ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNXsd7R04ecLX-EhqAZd7rPI7wp761wNgtU4p1y-8-4P-EifIS8GIQ5VdmTKkXwZduzHtHIGmxzhX-9pDsfDt3438JVCOum3YGCSr1hRdd1TBNUm8UM_nf60_bWHw308iI6PArE-eMg7bEFulGrW37TroeYAXF8Z1wXNll7Rqb8zmknC6hY

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6FB0 78 KB
27 KB 254ms
252ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FB0 42 B
63 B 73ms
70ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CvTW9riL9a0hlwDSC7wxKFp_h8udBXk8bd7TlVNzlTJHlNWSqFKMZTMLmtm7aM0jJI-Uj0bJrqzmkcf5xDWIw_Pwxnz29-O09Nq2FC0ApCq-S0v7k

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FB0 0
20 B 74ms
72ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11894181221594616137&x=1&ct=76

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 6FB0 3 KB
1 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 6FB0 19 KB
8 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6FB0 0
0 48ms
46ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQP7GyfQXSl9sahp-1S9A_CnBQCHz2nEYfygG0IW-Tb_8i8_eXUnkNCnFL7QuOxSEQIWWUH9KIC3zROqbwc-zqBkNCQhg
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FB0 171 KB
53 KB 135ms
133ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
DATA 200
OK truncated
/ Frame 1CF1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36039db5f9d8089c6d01f67144d50ccfa6f65a27ab0375b2a15f7b2f846aea36

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D79 6 KB
3 KB 40ms
35ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:26 GMT
expires: Tue, 04 Jun 2024 15:58:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9CDA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiD27LlATAB&v=APEucNWwCuVvmpC1h3zWjM0zKQekR1ZgcLCTnjeyI27AIOy5K_klSCLsgBzo_tIpGa9OhQtqWWUittk_lNoQ0K0boXjqBvARbEiv7mSdKwTowdIXh0HG0Z-MIQUQa9e740Bsgy_hv43TZgdYV8ny4H6y0pR1T_eV2ppCE_1hRvzgGfbQq48PuYE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9CDA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4GJKnBzOMdWUG9ulo.VwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiD27LlATAB&v=APEucNWwCuVvmpC1h3zWjM0zKQekR1ZgcLCTnjeyI27AIOy5K_klSCLsgBzo_tIpGa9OhQtqWWUittk_lNoQ0K0boXjqBvARbEiv7mSdKwTowdIXh0HG0Z-MIQUQa9e740Bsgy_hv43TZgdYV8ny4H6y0pR1T_eV2ppCE_1hRvzgGfbQq48PuYE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9CDA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1

43 B
1 KB

9ms
8ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiD27LlATAB&v=APEucNWwCuVvmpC1h3zWjM0zKQekR1ZgcLCTnjeyI27AIOy5K_klSCLsgBzo_tIpGa9OhQtqWWUittk_lNoQ0K0boXjqBvARbEiv7mSdKwTowdIXh0HG0Z-MIQUQa9e740Bsgy_hv43TZgdYV8ny4H6y0pR1T_eV2ppCE_1hRvzgGfbQq48PuYE

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:28 GMT
AN-X-Request-Uuid: 4bb719d7-e6df-4209-bb6a-6ea8e9c61efb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9CDA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D

170 B
243 B

52ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 15:58:28 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 311ea02b-e296-49a9-9227-2aaaf0ac59fe
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 73FB 103 KB
13 KB 27ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k2ka8qp7s1nhbda1r4xmg7z2mmsb3aph62j8rpg28nv5gg06pyg0dbnne6dwq8fd1bj8t1ecyc791meye9s524rwsrqsgp823mjzqyr94qfew1b0gm1ttvsmke2q2gwhqnhfmvp208ycvyt304wztxm8spfp2q8p74s870137rw4cwyxpksjrvqqsqynkwdqwaj2k5324y2v604ddve713dggybjekmx093r4c40bfttt04spyp0rfqrbderzv9m86y9777wksrnwwx72pmevjncm51rdqdx1rsmdtrd4zteq53bba6ng2qrefrm20c38erzzm4f00brv3837w1w6qrstspjbm880fa889jvzj6vfk4sesr262pw4nnnhtjtnk4cbgtc5jep5s6q3rrq3rs46h0rphcjcq0garh3e24szzg4mw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k2ka8qp7s1nhbda1r4xmg7z2mmsb3aph62j8rpg28nv5gg06pyg0dbnne6dwq8fd1bj8t1ecyc791meye9s524rwsrqsgp823mjzqyr94qfew1b0gm1ttvsmke2q2gwhqnhfmvp208ycvyt304wztxm8spfp2q8p74s870137rw4cwyxpksjrvqqsqynkwdqwaj2k5324y2v604ddve713dggybjekmx093r4c40bfttt04spyp0rfqrbderzv9m86y9777wksrnwwx72pmevjncm51rdqdx1rsmdtrd4zteq53bba6ng2qrefrm20c38erzzm4f00brv3837w1w6qrstspjbm880fa889jvzj6vfk4sesr262pw4nnnhtjtnk4cbgtc5jep5s6q3rrq3rs46h0rphcjcq0garh3e24szzg4mw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%26client%3Dca-pub-7983651257838282%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 1150
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8FaTvYalqCChlQAzit%2Bjs8Q2HYk6bMnm2DmfDHUyehDHRtyMfqcBRqAxxbZgMEJZT7vye4yWWPaH6XmP43AbG3DFKmkEtzhfP2CJjgxH9Wr%2BSmjfY%2BCL7xs4NVAHvmAM8PX30THbfQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7d299e02bc1b046a-FRA
expires: Mon, 05 Jun 2023 16:58:28 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 73FB 25 KB
10 KB 35ms
26ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k2ka8qp7s1nhbda1r4xmg7z2mmsb3aph62j8rpg28nv5gg06pyg0dbnne6dwq8fd1bj8t1ecyc791meye9s524rwsrqsgp823mjzqyr94qfew1b0gm1ttvsmke2q2gwhqnhfmvp208ycvyt304wztxm8spfp2q8p74s870137rw4cwyxpksjrvqqsqynkwdqwaj2k5324y2v604ddve713dggybjekmx093r4c40bfttt04spyp0rfqrbderzv9m86y9777wksrnwwx72pmevjncm51rdqdx1rsmdtrd4zteq53bba6ng2qrefrm20c38erzzm4f00brv3837w1w6qrstspjbm880fa889jvzj6vfk4sesr262pw4nnnhtjtnk4cbgtc5jep5s6q3rrq3rs46h0rphcjcq0garh3e24szzg4mw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 599693
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TF3kGaGTwnzG3gvbmmwu5PcEyEcr9QIpgfQRTJQo0BnHkKbjvEWou5MArFv3LvsmWoWbzaYOG%2BHQ%2F%2F%2BUUavYodlfF2ND%2F9nIXYE%2BAtqxnQS4PSPbw%2F3U1eGjj8EO%2BAQU67nYvgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7d299e02cc31046a-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 23 May 2023 13:46:09 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 4978 103 KB
12 KB 42ms
42ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ht9mz6sx5w6wv6dt4bvk5pvm02ee63gcdeg4b0qq92jfjwys4g4s0ga1h3ckf6wbksyg7mdn21keq5ee2ktewvpktyyv8dbn5qsn2d3ejf2cdr93b773eebb7p01aszy48t2avp0hc5d77ktaetbndj2a8hj7n59bh1ty54z7zxj2ev643ey5ake4r2d9sw5vv0avrj5hgtwwykqf5t4n649d3t49m9b0k49bjk039p2803rrx66a3h5t5ybhgrv7a8gjtzynasgj589vehevtb6e9htz73s8smgc6tpg836w5z2s76rmyrhm6a154qxay8897th113s0mgtd3etgpn155yg9fx54zf74qjz86tw98ma1vdf1rt9rpec24r592xvsfrasghe4c3fcge4cvwamx9qr5k87vjp7f9be5frc16795mq57ynnwqfweapk567ch7gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ht9mz6sx5w6wv6dt4bvk5pvm02ee63gcdeg4b0qq92jfjwys4g4s0ga1h3ckf6wbksyg7mdn21keq5ee2ktewvpktyyv8dbn5qsn2d3ejf2cdr93b773eebb7p01aszy48t2avp0hc5d77ktaetbndj2a8hj7n59bh1ty54z7zxj2ev643ey5ake4r2d9sw5vv0avrj5hgtwwykqf5t4n649d3t49m9b0k49bjk039p2803rrx66a3h5t5ybhgrv7a8gjtzynasgj589vehevtb6e9htz73s8smgc6tpg836w5z2s76rmyrhm6a154qxay8897th113s0mgtd3etgpn155yg9fx54zf74qjz86tw98ma1vdf1rt9rpec24r592xvsfrasghe4c3fcge4cvwamx9qr5k87vjp7f9be5frc16795mq57ynnwqfweapk567ch7gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%26client%3Dca-pub-7983651257838282%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 1150
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrodxR54nWABC92QbtIA3E2uJ%2FpSF2F7E4GV%2F%2FxHbRD9Wt4VL4cH4iwGXw8itmiaHWL%2FAGP%2B1gveQbe5HM4%2FPq%2FsVEUt7SxjnXySH1IIa8na96YiSLERUlmtsdHzxLy0%2BY8TzK2F%2FjQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7d299e02bc1f046a-FRA
expires: Mon, 05 Jun 2023 16:58:28 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4978 25 KB
10 KB 30ms
24ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ht9mz6sx5w6wv6dt4bvk5pvm02ee63gcdeg4b0qq92jfjwys4g4s0ga1h3ckf6wbksyg7mdn21keq5ee2ktewvpktyyv8dbn5qsn2d3ejf2cdr93b773eebb7p01aszy48t2avp0hc5d77ktaetbndj2a8hj7n59bh1ty54z7zxj2ev643ey5ake4r2d9sw5vv0avrj5hgtwwykqf5t4n649d3t49m9b0k49bjk039p2803rrx66a3h5t5ybhgrv7a8gjtzynasgj589vehevtb6e9htz73s8smgc6tpg836w5z2s76rmyrhm6a154qxay8897th113s0mgtd3etgpn155yg9fx54zf74qjz86tw98ma1vdf1rt9rpec24r592xvsfrasghe4c3fcge4cvwamx9qr5k87vjp7f9be5frc16795mq57ynnwqfweapk567ch7gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 599693
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6zH4XpeTzoYzI1lYQ0qOnHb%2FPvgJYjLNT07%2BHYl1qwGLx%2FGS9iF8giU7k6UJP%2BoloEQLc8F7zKgGsHQDkziZeUcqOFTdhb7oBSZ2OLUqQnIb1OIqW5ZdTnbMy%2BEXIvadp4n4co%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7d299e02cc32046a-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 23 May 2023 13:46:09 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D1F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNXum3VVoQRkBd8Gy3W039Qr8Rp3AkoLBx4nWh-9qjFlTIfhMyAe61kZgerFFAWx6pkOD8cmf8LLCLazW3CO3wM4ePbvlfg3oM4IUBk20EbCyvJ9SCsXazFIztrigfy1qTWINVTmoTVzwZi5u4XvbUT3iiLivwm_bz_pfm8qONW-qPOcvYM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D1F4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4GJKnBzOMdWUG9ulo.VwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNXum3VVoQRkBd8Gy3W039Qr8Rp3AkoLBx4nWh-9qjFlTIfhMyAe61kZgerFFAWx6pkOD8cmf8LLCLazW3CO3wM4ePbvlfg3oM4IUBk20EbCyvJ9SCsXazFIztrigfy1qTWINVTmoTVzwZi5u4XvbUT3iiLivwm_bz_pfm8qONW-qPOcvYM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D1F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNXum3VVoQRkBd8Gy3W039Qr8Rp3AkoLBx4nWh-9qjFlTIfhMyAe61kZgerFFAWx6pkOD8cmf8LLCLazW3CO3wM4ePbvlfg3oM4IUBk20EbCyvJ9SCsXazFIztrigfy1qTWINVTmoTVzwZi5u4XvbUT3iiLivwm_bz_pfm8qONW-qPOcvYM

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:28 GMT
AN-X-Request-Uuid: 0c828325-c5c7-4ce8-99e2-1d02623021f1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D1F4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D

170 B
232 B

64ms
63ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 15:58:28 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: dac31711-d3c5-498e-b08e-af426bc764a5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E6D1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNXsd7R04ecLX-EhqAZd7rPI7wp761wNgtU4p1y-8-4P-EifIS8GIQ5VdmTKkXwZduzHtHIGmxzhX-9pDsfDt3438JVCOum3YGCSr1hRdd1TBNUm8UM_nf60_bWHw308iI6PArE-eMg7bEFulGrW37TroeYAXF8Z1wXNll7Rqb8zmknC6hY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E6D1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4GJKnBzOMdWUG9ulo.VwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2

43 B
632 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNXsd7R04ecLX-EhqAZd7rPI7wp761wNgtU4p1y-8-4P-EifIS8GIQ5VdmTKkXwZduzHtHIGmxzhX-9pDsfDt3438JVCOum3YGCSr1hRdd1TBNUm8UM_nf60_bWHw308iI6PArE-eMg7bEFulGrW37TroeYAXF8Z1wXNll7Rqb8zmknC6hY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDq5UeyDiciv4H9iMwDJrSk&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E6D1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1

43 B
1 KB

14ms
7ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNXsd7R04ecLX-EhqAZd7rPI7wp761wNgtU4p1y-8-4P-EifIS8GIQ5VdmTKkXwZduzHtHIGmxzhX-9pDsfDt3438JVCOum3YGCSr1hRdd1TBNUm8UM_nf60_bWHw308iI6PArE-eMg7bEFulGrW37TroeYAXF8Z1wXNll7Rqb8zmknC6hY

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:28 GMT
AN-X-Request-Uuid: 17a74bb4-e4cf-4612-b6a0-be5469fb0d77
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECFMuKgcyDGAElPjktmk0gA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E6D1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D

170 B
232 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 15:58:28 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: daaab4de-09d3-4526-8c33-2f6e2a980615
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjY2MTM5Njg0NTg5NTY2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2600 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 555665b12b601c0a84c27141c368f4a93af445bf000307e99f2df6e4a86515c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame B906 0
187 B 60ms
16ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGqiAW_jhLfa72kjQiMw5l0&google_cver=1&google_push=ATf1kGOSr3SNnZyEbGmHyJMRZlITJKmh6tpjY1yxHQZc4zn6kjkYioY-3FiE34zY6Vy16kh7MxIuAZ8N38Ulw3ZZot5lo7I_J6LY
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B906
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHlFpuygiyOYD0t6JDxA-0I&google_cver=1&google_push=ATf1kGP5-CT2MhwPo04ooULWbEP5KXJ2JzCxu75t0qV4LuKuNtXBIMP8Fsl0p9vE0ERpudCsFxnN-aUP3lR5jrtTVOyp...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHlFpuygiyOYD0t6JDxA-0I&google_cver=1&google_push=ATf1kGP5-CT2MhwPo04ooULWbEP5KXJ2JzCxu75t0qV4LuKuNtXBIMP8Fsl0p9vE0ERpudCsFxnN-aUP3lR5jr...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8ce3eb19-775b-4cc5-a803-51577f010f33&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5-CT2MhwPo04ooULWbEP5KXJ2JzCxu75t0qV4LuKuNtXBIMP8Fsl0p9vE0ERpudCsFxnN-aUP3lR5jrtTVOyp3-8qDeQ&google_hm=IvGIeLM7TwCXQrsQCyQwMQ==

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5-CT2MhwPo04ooULWbEP5KXJ2JzCxu75t0qV4LuKuNtXBIMP8Fsl0p9vE0ERpudCsFxnN-aUP3lR5jrtTVOyp3-8qDeQ&google_hm=IvGIeLM7TwCXQrsQCyQwMQ==

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5-CT2MhwPo04ooULWbEP5KXJ2JzCxu75t0qV4LuKuNtXBIMP8Fsl0p9vE0ERpudCsFxnN-aUP3lR5jrtTVOyp3-8qDeQ&google_hm=IvGIeLM7TwCXQrsQCyQwMQ==
date: Mon, 05 Jun 2023 15:58:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B906
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEEYc-zyDnk3_r-O1LXfW3X0&google_cver=1&google_push=ATf1kGMt3VZsmqU0oTIa3KtMP8bJbxweZrT_NiFZwZUEoqMSw4BTtarwnkBJUU22NIwzOR0VdI5WG5JYhT-NOGLpSz-01bG...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEYc-zyDnk3_r-O1LXfW3X0&google_cver=1&google_push=ATf1kGMt3VZsmqU0oTIa3KtMP8bJbxweZrT_NiFZwZUEoqMSw4BTtarwnkBJUU22NIwzOR0VdI5WG5JYhT-NOGLpSz-01...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMt3VZsmqU0oTIa3KtMP8bJbxweZrT_NiFZwZUEoqMSw4BTtarwnkBJUU22NIwzOR0VdI5WG5JYhT-NOGLpSz-01bG3DGg

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMt3VZsmqU0oTIa3KtMP8bJbxweZrT_NiFZwZUEoqMSw4BTtarwnkBJUU22NIwzOR0VdI5WG5JYhT-NOGLpSz-01bG3DGg

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMt3VZsmqU0oTIa3KtMP8bJbxweZrT_NiFZwZUEoqMSw4BTtarwnkBJUU22NIwzOR0VdI5WG5JYhT-NOGLpSz-01bG3DGg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B906
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAdhsFSShP0UzwZc2_3RhT8&google_cver=1&google_push=ATf1kGOjIh3uGXFnOUAVDjM-QPRYOyuiDxl9I3ayfuqPXp7Xfxlc9bjuYQE-QinPkvTi9yX1LAnb6NOqv5m4_uy0ew9cPlHSXDWr
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOjIh3uGXFnOUAVDjM-QPRYOyuiDxl9I3ayfuqPXp7Xfxlc9bjuYQE-QinPkvTi9yX1LAnb6NOqv5m4_uy0ew9cPlHSXDW...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MzQzODI2NTU5OTQ4NzQ0MDkyOQ%3D%3D&google_push=ATf1kGOjIh3uGXFnOUAVDjM-QPRYOyuiDxl9I3ayfuqPXp7Xfxlc9bju...

170 B
232 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MzQzODI2NTU5OTQ4NzQ0MDkyOQ%3D%3D&google_push=ATf1kGOjIh3uGXFnOUAVDjM-QPRYOyuiDxl9I3ayfuqPXp7Xfxlc9bjuYQE-QinPkvTi9yX1LAnb6NOqv5m4_uy0ew9cPlHSXDWr

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MzQzODI2NTU5OTQ4NzQ0MDkyOQ%3D%3D&google_push=ATf1kGOjIh3uGXFnOUAVDjM-QPRYOyuiDxl9I3ayfuqPXp7Xfxlc9bjuYQE-QinPkvTi9yX1LAnb6NOqv5m4_uy0ew9cPlHSXDWr
date: Mon, 05 Jun 2023 15:58:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame B906 0
45 B 174ms
17ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELiyzYHz_nbsa1_BYb3HAEs&google_cver=1&google_push=ATf1kGN4vqS-9yWt59fGI8gSj66lCWFzLqUiljrjDUSTQYDU3SwWsSInHTAa6eP9iMd1D4neTd6pREShKqt49OnmFSxJ95Geczg6
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:27 GMT
content-length: 0

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame B906
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESECOn_XIB8HcwLRZfV1cNTuE&google_cver=1&google_push=ATf1kGMbb3j1HzFDHT8TqTw8TSYouQsbU-4ZYh0k5u6iy938eH2u3bqS6xzCqJdS_K5vXEsYRLN58h6EFpc2mF6VnaeLiAJ6gk4x
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMbb3j1HzFDHT8TqTw8TSYouQsbU-4ZYh0k5u6iy938...

43 B
1 KB

113ms
35ms

Image
image/gif

162.19.138.82

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMbb3j1HzFDHT8TqTw8TSYouQsbU-4ZYh0k5u6iy938eH2u3bqS6xzCqJdS_K5vXEsYRLN58h6EFpc2mF6VnaeLiAJ6gk4x

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

HTTP/1.1

Server

162.19.138.82 -, , ASN (),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 05 Jun 2023 15:58:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMbb3j1HzFDHT8TqTw8TSYouQsbU-4ZYh0k5u6iy938eH2u3bqS6xzCqJdS_K5vXEsYRLN58h6EFpc2mF6VnaeLiAJ6gk4x
x-download-options: noopen
vary: Accept
content-length: 271
x-xss-protection: 0

GET um
cs.emxdgt.com/ Frame B906 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B906 0
130 B 53ms
46ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LK7FfRluhzGKlPbSuQgU90KJxQ5-hEtyrcDTYVzZstwf7ldwD4KV5ZWFITiDZ_LKyviWUhci8

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 850C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24e5b6406f1198bfb04b6f08100e3ef763e320acd6dd748876d0db542dd8bb20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 75D8 35 B
464 B 40ms
9ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO7j8wqf1yI0tYzzd-fEEsQ&google_cver=1&google_push=ATf1kGN98qvQ2VWVW_2RzxYSVdbWmDdFDpDc8RPggEhkouCnOabS_ejxFkN-eyxNJPOIFFzdCHtHrEexKSu_83K25GE6S1_55KHh

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 75D8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKzDdYDUe2WxirjQfgReDMw&google_push=ATf1kGOicGHzVTfbQcS84Oe6cMTifB0G8oaViUYYABGe2ruy6FMsfIs-NO...

170 B
232 B

52ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKzDdYDUe2WxirjQfgReDMw&google_push=ATf1kGOicGHzVTfbQcS84Oe6cMTifB0G8oaViUYYABGe2ruy6FMsfIs-NOfsQoBCzHS9EceGlGQZL9KQFeJDbojz8VPcKNpLA5bz

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230065-FRA
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1685980708.415912,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKzDdYDUe2WxirjQfgReDMw&google_push=ATf1kGOicGHzVTfbQcS84Oe6cMTifB0G8oaViUYYABGe2ruy6FMsfIs-NOfsQoBCzHS9EceGlGQZL9KQFeJDbojz8VPcKNpLA5bz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 75D8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEN5q8-m6QaBcF9zOjvrxwXo&google_cver=1&google_push=ATf1kGP1qmuWnRBjQnYXj5GmkxlV0JNx6lyeMppBTj7LIts5IMYN4jYa99Ls7z2ErMKCCWClk3753VyothEqESHBD4Incp3ew5QqgQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EAE174DE4ACD4DE78D47EF072B28C0F3&google_push=ATf1kGP1qmuWnRBjQnYXj5GmkxlV0JNx6lyeMppBTj7LIts5IMYN4jYa99Ls7z2ErMKCCWClk3753VyothEqESH...

170 B
232 B

51ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EAE174DE4ACD4DE78D47EF072B28C0F3&google_push=ATf1kGP1qmuWnRBjQnYXj5GmkxlV0JNx6lyeMppBTj7LIts5IMYN4jYa99Ls7z2ErMKCCWClk3753VyothEqESHBD4Incp3ew5QqgQ

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Jun 2023 15:58:28 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EAE174DE4ACD4DE78D47EF072B28C0F3&google_push=ATf1kGP1qmuWnRBjQnYXj5GmkxlV0JNx6lyeMppBTj7LIts5IMYN4jYa99Ls7z2ErMKCCWClk3753VyothEqESHBD4Incp3ew5QqgQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 04 Jun 2023 15:58:28 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 75D8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFoV750bgS68t4P_hWv1Lnw&google_cver=1&google_push=ATf1kGMYAUZFfmYOFiRhzLQnibN5IjdLNiYY47noLVLf1EUcoUEA0WaproqDkh1deRvW0fxyM44E-qYc0p7H1rEC-hP7Toa...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMYAUZFfmYOFiRhzLQnibN5IjdLNiYY47noLVLf1EUcoUEA0WaproqDkh1deRvW0fxyM44E-qYc0p7H1rEC-hP7ToaQpXVB9Q&google_hm=eS1OV3BaVXpaRTJwRk9Z...

170 B
232 B

51ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMYAUZFfmYOFiRhzLQnibN5IjdLNiYY47noLVLf1EUcoUEA0WaproqDkh1deRvW0fxyM44E-qYc0p7H1rEC-hP7ToaQpXVB9Q&google_hm=eS1OV3BaVXpaRTJwRk9ZeXNEczVqdjh6SmV5QTdHY05PMH5B

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Jun 2023 15:58:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMYAUZFfmYOFiRhzLQnibN5IjdLNiYY47noLVLf1EUcoUEA0WaproqDkh1deRvW0fxyM44E-qYc0p7H1rEC-hP7ToaQpXVB9Q&google_hm=eS1OV3BaVXpaRTJwRk9ZeXNEczVqdjh6SmV5QTdHY05PMH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75D8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN_ITPlR24bEuPMaPii-UIc&google_cver=1&google_push=ATf1kGMonY74MebeWQeVxOkfb_ATUSOwFY5pafpY2HpOhRs-Z9zHgNTfE2Lyy-RrXbGbJNr30She6ba8...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN_ITPlR24bEuPMaPii-UIc&google_cver=1&google_push=ATf1kGMonY74MebeWQeVxOkfb_ATUSOwFY5pafpY2HpOhRs-Z9zHgNTfE2Lyy-RrXbGbJNr30Sh...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzNzQzNDM3OTc2ODc0NjUxNQ&google_push=ATf1kGMonY74MebeWQeVxOkfb_ATUSOwFY5pafpY2HpOhRs-Z9zHgNTfE2Lyy-RrXbGbJNr30She6b...

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzNzQzNDM3OTc2ODc0NjUxNQ&google_push=ATf1kGMonY74MebeWQeVxOkfb_ATUSOwFY5pafpY2HpOhRs-Z9zHgNTfE2Lyy-RrXbGbJNr30She6ba8fzRo7hDWRA1RdLf_lgl9MA

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzNzQzNDM3OTc2ODc0NjUxNQ&google_push=ATf1kGMonY74MebeWQeVxOkfb_ATUSOwFY5pafpY2HpOhRs-Z9zHgNTfE2Lyy-RrXbGbJNr30She6ba8fzRo7hDWRA1RdLf_lgl9MA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75D8
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEEXI_blq5cCbrbg8RfgvdXw&google_cver=1&google_push=ATf1kGOVfJzGFVJzSNz63JimR8Tru26P6GE0qs2gppFjv9tE5WbWs3J0kEZC1LwQNKym11aKC1DGt2VxuNGutkcYJqjCeK...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEXI_blq5cCbrbg8RfgvdXw&google_cver=1&google_push=ATf1kGOVfJzGFVJzSNz63JimR8Tru26P6GE0qs2gppFjv9tE5WbWs3J0kEZC1LwQNKym11aKC1DGt2VxuNGutkcY...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rsdvldWjR-KQ-78UOyNy3g&google_push=ATf1kGOVfJzGFVJzSNz63JimR8Tru26P6GE0qs2gppFjv9tE5WbWs3J0kEZC1LwQNKym11aKC1DGt2VxuNGutkc...

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rsdvldWjR-KQ-78UOyNy3g&google_push=ATf1kGOVfJzGFVJzSNz63JimR8Tru26P6GE0qs2gppFjv9tE5WbWs3J0kEZC1LwQNKym11aKC1DGt2VxuNGutkcYJqjCeKJunIB6wg

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rsdvldWjR-KQ-78UOyNy3g&google_push=ATf1kGOVfJzGFVJzSNz63JimR8Tru26P6GE0qs2gppFjv9tE5WbWs3J0kEZC1LwQNKym11aKC1DGt2VxuNGutkcYJqjCeKJunIB6wg
access-control-allow-origin: *
date: Mon, 05 Jun 2023 15:58:28 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 75D8
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESECOn_XIB8HcwLRZfV1cNTuE&google_cver=1&google_push=ATf1kGMmWP7IZIu7_VqCE4IUwUkUMdO0-ccDRKW_oY8V0A5qgNaUe3P06YSVHeVukmDH7RbnrOWdqwEBpY3dlqbG9RpYsNOwq9RD1kQ
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMmWP7IZIu7_VqCE4IUwUkUMdO0-ccDRKW_oY8V0A5q...

43 B
1 KB

111ms
33ms

Image
image/gif

162.19.138.82

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMmWP7IZIu7_VqCE4IUwUkUMdO0-ccDRKW_oY8V0A5qgNaUe3P06YSVHeVukmDH7RbnrOWdqwEBpY3dlqbG9RpYsNOwq9RD1kQ

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

HTTP/1.1

Server

162.19.138.82 -, , ASN (),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 05 Jun 2023 15:58:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMmWP7IZIu7_VqCE4IUwUkUMdO0-ccDRKW_oY8V0A5qgNaUe3P06YSVHeVukmDH7RbnrOWdqwEBpY3dlqbG9RpYsNOwq9RD1kQ
x-download-options: noopen
vary: Accept
content-length: 274
x-xss-protection: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 75D8 0
49 B 46ms
46ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtbInZPhk3Mys3pU4u-rbz3rbVIt68q7cudmfKE4Giz24e-Mob3aWlnQXr8JTVgTNJk-4k8Q

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6EA5 35 B
465 B 33ms
8ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO7j8wqf1yI0tYzzd-fEEsQ&google_cver=1&google_push=ATf1kGP9lgymz-rrXqFFVIAL5CTU_3gGRfBgg6E3m_alKgbXN02LaetS8SHZmgQng8Mm0RJeF1OSjbpTDzqC1cOt6s4WReMppKWbrQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6EA5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZUdMRjVNMVkxUTZjQmU1&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cver=1&google_push=ATf1kGOrlBzLz8FyTrcW5z5Mc2GOOoio6K0AGiyRq1EYzgH...

170 B
232 B

48ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZUdMRjVNMVkxUTZjQmU1&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cver=1&google_push=ATf1kGOrlBzLz8FyTrcW5z5Mc2GOOoio6K0AGiyRq1EYzgHV62awESmoZUjEriyUyh3abRdbOVLwuu_lSyXqJvmv_rvKndPbIK1hPsY

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:27 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZUdMRjVNMVkxUTZjQmU1&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cver=1&google_push=ATf1kGOrlBzLz8FyTrcW5z5Mc2GOOoio6K0AGiyRq1EYzgHV62awESmoZUjEriyUyh3abRdbOVLwuu_lSyXqJvmv_rvKndPbIK1hPsY
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EA5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKzDdYDUe2WxirjQfgReDMw&google_push=ATf1kGNPdRP4_uK_3Gs8UshFXTAfGESU3IlZC96YIr_6tbX2_2P3yBq8OK...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKzDdYDUe2WxirjQfgReDMw&google_push=ATf1kGNPdRP4_uK_3Gs8UshFXTAfGESU3IlZC96YIr_6tbX2_2P3yBq8OKVnmNBM3_VoSZ7j61XXQFs2Y3IDAQ6KHybCUzijF0neJ18

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230065-FRA
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1685980708.415970,VS0,VE97
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKzDdYDUe2WxirjQfgReDMw&google_push=ATf1kGNPdRP4_uK_3Gs8UshFXTAfGESU3IlZC96YIr_6tbX2_2P3yBq8OKVnmNBM3_VoSZ7j61XXQFs2Y3IDAQ6KHybCUzijF0neJ18
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6EA5
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDosiR3QUQnl-Cesnylp6Hc&google_cver=1&google_push=ATf1kGPNWJ8aJfBEOyHD10PTXecFPYCnIn7Jr3vXAJ0TCQdr9eA-_LXmWCDpnq8JirdCgN4v7UPhtI3VFk9FkqFr...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hoIr0yf-T-OMOhoV8Sy-sA2&google_push=ATf1kGPNWJ8aJfBEOyHD10PTXecFPYCnIn7Jr3vXAJ0TCQdr9eA-_LXmWCDpnq8JirdCgN4v7UPhtI3VFk9FkqFriokJApznGXlyvdA

170 B
232 B

50ms
45ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hoIr0yf-T-OMOhoV8Sy-sA2&google_push=ATf1kGPNWJ8aJfBEOyHD10PTXecFPYCnIn7Jr3vXAJ0TCQdr9eA-_LXmWCDpnq8JirdCgN4v7UPhtI3VFk9FkqFriokJApznGXlyvdA

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Jun 2023 15:58:28 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hoIr0yf-T-OMOhoV8Sy-sA2&google_push=ATf1kGPNWJ8aJfBEOyHD10PTXecFPYCnIn7Jr3vXAJ0TCQdr9eA-_LXmWCDpnq8JirdCgN4v7UPhtI3VFk9FkqFriokJApznGXlyvdA
x-host: tde-deliveryengine-production-75d6fd846b-dw4mm
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6EA5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFoV750bgS68t4P_hWv1Lnw&google_cver=1&google_push=ATf1kGMoHUqGdedpyMr3zMa6Ws5Iq2EtdeugY60XYuipBwfHHMjvxPPk8J3ih_0eEIAwkkVX5szfAsHveTvx05oVNkVN2I1...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMoHUqGdedpyMr3zMa6Ws5Iq2EtdeugY60XYuipBwfHHMjvxPPk8J3ih_0eEIAwkkVX5szfAsHveTvx05oVNkVN2I1AsWUZPPM&google_hm=eS1QR1ltR1A1RTJwRWl...

170 B
232 B

51ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMoHUqGdedpyMr3zMa6Ws5Iq2EtdeugY60XYuipBwfHHMjvxPPk8J3ih_0eEIAwkkVX5szfAsHveTvx05oVNkVN2I1AsWUZPPM&google_hm=eS1QR1ltR1A1RTJwRWlSRzZITlNmVVdFSVdIN2NVNHJ6Nn5B

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Jun 2023 15:58:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMoHUqGdedpyMr3zMa6Ws5Iq2EtdeugY60XYuipBwfHHMjvxPPk8J3ih_0eEIAwkkVX5szfAsHveTvx05oVNkVN2I1AsWUZPPM&google_hm=eS1QR1ltR1A1RTJwRWlSRzZITlNmVVdFSVdIN2NVNHJ6Nn5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6EA5
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECI1iEbG-UqaB41GywmzXVc&google_cver=1&google_push=ATf1kGNAW41gZl7tIkxipAiMCjLXW_Xydm1HTy4UWhKyvGnl0eFR-whlyzgguREGT9tqsZZZ0Wd6_VDgYlvb...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNAW41gZl7tIkxipAiMCjLXW_Xydm1HTy4UWhKyvGnl0eFR-whlyzgguREGT9tqsZZZ0Wd6_VDgYlvbGCUsufdeffDgXMPBGg

170 B
232 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNAW41gZl7tIkxipAiMCjLXW_Xydm1HTy4UWhKyvGnl0eFR-whlyzgguREGT9tqsZZZ0Wd6_VDgYlvbGCUsufdeffDgXMPBGg

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNAW41gZl7tIkxipAiMCjLXW_Xydm1HTy4UWhKyvGnl0eFR-whlyzgguREGT9tqsZZZ0Wd6_VDgYlvbGCUsufdeffDgXMPBGg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 6EA5
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB1Xvf2NtYYnF6AX4O0G-k8&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGO-BWakruxEMg5TMjFqmiQI3cIUQn8ymWxmTvtrqbBwcSbeUIfPIIqF0MqGWa-DL5Zw9RHbSSaJla03p5r1uMWjiQGWV4b5D7I
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

35ms
35ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980707379&bpp=2&bdt=176&idt=225&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5765937014493&frm=8&ife=1&pv=1&ga_vid=775208630.1685980708&ga_sid=1685980708&ga_hid=852425619&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1314163020&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44788442%2C44793498&oid=2&pvsid=168256876745976&tmod=164915221&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.p25332vywrjn&fsb=1&dtd=231
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 05 Jun 2023 15:58:28 GMT
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6EA5 0
40 B 72ms
70ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQv-TvIOBIfncL6HpS3IRZNeTlctq4GFdYGX4bmQsXdKL-zDEH4RZIwBacO8XNfVKE0FS91w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ Frame 43F4 89 KB
29 KB 103ms
30ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 06 Jun 2023 15:58:28 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 43CE 640 B
262 B 78ms
75ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiD27LlATAB&v=APEucNU3e8JUFyyFP79_ZYrxbUA5ggnp24_IqDTjM1IF_2R0gYF8r5Zbr2NU_jLuO4i30KwVQ4d6pkvuxoum41cWBtQDgYxPs9PfUVQngPAqRuCWxXnzCO61ylhzrNT0wWpDWSwYZ6Ghr1DKRh3W5yteJdyakiUgSvjya9yj6W8nxF2dzYFWTfY

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2D79 78 KB
27 KB 120ms
120ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D79 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A4JIzQFr1uBEZY-unCHdh5SF_JPvbKcz5xRAr8HErx6ZHkbCy3anbqZEG0Chwx4WuRY8MAyrrHt5pLboYr08uN-xxnndvKzJAPtsjG-9qWmRlVdbo

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D79 0
20 B 73ms
71ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15588531227062664017&x=1&ct=76

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 2D79 3 KB
1 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 2D79 19 KB
8 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2D79 0
0 48ms
47ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvrBH6juB61Ib5OLv-BnbhNkeXbx_U8VDhcGyD41I6wscjCsSKMsqSTu0RcmpWiuLTQZ-EY_RxbHsrhx6rkvo5Y3fSBw
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D79 171 KB
53 KB 67ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 43F4 0
209 B 49ms
46ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685980706309&userId=vnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 143D 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8209490940768&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 143D 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8209490940768&version=m202301230201&ct=76&x=1&cor=14681292129931315000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 143D 85 KB
36 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AS0Sa1pmDhLyC93BQ3qQYsr4KH6ITDtnyQFJ0_8xFtCPs_VpR8sS4k89vk3_Q7xC3aHk7TlWX7CVuhgI0b04KHsUDZiQ2ACzRHDoZvQxPE5qSpJupmTYmRGhrCN8EBjy6WW15CXWPK5Fr59Z6XWqaYr4VNyr9sUrOl2hcMlQWhZkfK6_I&dbm_d=AKAmf-ASffG0bYQpoqUoQBIUvhpRUbCaW9YG-3718OOCngDrrAuYQnOMQvRHr44w6Xpmdvc-GcmiOY4t7PzeMq7be0_oDQh_-ncqCF2tsdC8gcIBgjvFoA0C7b5rrJBEGuaVpPVwLGsUx9n15jojNTs0zjVh0aU-7ZK8tj9QJvi02jgwOMqt0U4oHugsOv_90IdXj6x8Tek2QJr4xQhhONUUk84_7U0F8KuudJX-HKT5p5JM02tly7_MsajZAiJ0MMh_GAxDJQPsPYyiIsNnX3ppTCpa0VzGd48mW_nXa-_OlUDLMPQEMdFVKHhYt4tHBHEK6KokrjTD4kKpuJg_x14dj0QailF1f490fJAunLtG4YBy2_UY_5TalIvUQcuKYTUNKkmmOFR9yZrYqmichX2SGJKFkaQ3Er-M0LCYU5UrfwUJ7SmSD_Ja39mKSGRoDJluT_bfbOt4ve5aThZy4JHYxu_chI_cnzx90hvs41YmsmXy2-XYy8ehFjfEYnIr70wY3iyuwMyt1tlxgiFWq34cQAHbhkHk7C2h_ALjU-T8t0MdneJyuTWFA4bJAz8vOnb24YVTC14MUIpptQ1Y59ngUNwREh68GMq42JzF_4GWX9oq5wY03sR47WhFweYl-zf85V_Qdum6t0Pl2beAXMvNo_a7gHen0PE_MRT-Pw_4SziVSze-w9rwSn5RqxEsHx1SvjqqG1U4S0Js9Ez8H5KWMc0INmEezw_jJ2eef30k6PnYKnizIal0p8WnpPjCPIaRC9q_LivR0OXDSMaJ0XghgkNbucbvnkoKF92CzDfsuNbK_bcFssSMGblAUW6nJlGaFGZQSpgTeSAPKvkSi7RKOm7_Fp7Lqsi4m1kWZsSbCZCDrrnkr4tbuR6eRNATp9oLaD3LzeKontVTUp1YV9GF5j51MiYJGfPBgJfAeETfUfXdcXPW8BkaUjH8gObJA7i4uiDseSqHYVH3YNXk4Edt6oeCuwPT4-Jcd-7LWvfZQR91Sk8aH5_9YrNKWLCvecQFWDtiObG8mMxJuiO1kQtag3gcfFSSdx1IotdKzPkBwjoHxoIxlB5fpHDoKJDPH-34FN2HTKvtfajk9rNaF8zunJvDucPFU7Trfq5OneerF6_ubqTZLotlSEkwEeCQJs4EC5yXjNoWjiZuQSuxgj-qPzrfddTVCRWmNsFNoOp6BJuLxSE5-HF50-XBl3igRbrvCRBS6H0E3qnjqDGFdeSMdVZBoGpCsGtjE94jA3myH6FDGhk1ANpaY8RNvrFQUVn1Fatj8TtYO4u-D297llEtC3zrRtfamInSCyioNLrmSXAXsjCReQnv-QXUAfqOAcguaH1_aAq_sA829CbCA0JcDgAKCz4LMb5bzhAjYlDLHqXhJl43K5515Mf7NcKRIEam-kh_fwgsXpy8V5cDwku55XdJXN0K88djVUoS6-j_FjlKfeGzfHjHkL8vzASSnyfJiH108vZKSzaV-rkYqwLs9ZWdBWHGBLzL7y2Z0AiBa3WKwVD_-k7WXeibYwQf3mWvmGpKygsXcPFprELrtV5SxyuTo4h0Khn8eRgzcBe2JciGApkYgb8SUlxgxJb1FJfLruEGUqd8FQxZ2R3xFUaq97sMV32wZT7ZQ7vuRrn_kPBDlgnVwuHBOrj2CpjSqEewth-xerQ_KxbyiCLD7s-sqqKW9Oz2GrjAdX_vC-2wTbxt4xsiClRxd5kYYCRtItv-I-dZKE2Ib2IgUdwMVG6WEi-uQPJ2xRGl-T9Yc09uERZw7z6yJVI9nU0OZ8HZz8V9NDVOfE74y5JvUvx-nD3J-hoQrk8-MhlKnwIC43ZCUE6AB0l7HiltUb2nKgIzrxLxyUdKPOs9K2sWzN2yPkc2BPoyXeWBJIjuIQZwIJz5n46tIIZP137yyLVOOONcrvMsxyFibtmNY4iu3_9EKx6eE5xI55PDX3iO71l5YY930DZQkBkAcfwXDEVRqz2LR3DQDfLYNJuUvv-9v4vQRVVacoYGEbp7SD3YbtrqNYr-NE95Hlcum7JSzI4jVq1b0OCnmLqLdeM2qj_oSwZQkGA30AhqCxCck_oGLCt8rAebWozJ_WYDNPnlXreECpX9O47jX9EyDhV7aFGs1HviIhXfPnq_gQJB4zuNVbmbkFj-2S7Jhl8NY7XhQ1xdAv94e9fEwFpOSlKEQ2qq36_TlMO7_D-v1OZJ7sdJfkFHKhuOzKHhl73J6fYLWBSo1oSpjDdMbDS3hMorbG3SSnXP8hydPD8Sdm7YdZfNm-If-JfkGrMsRGkfVlxvdi22eiKsJLrlMxQibf98bDhprivnq3uzqp7sf_ncNuKuNJe7g-CHDimaauhM-itDPApmTJq1ZZlzwWdChbrDGcGRiReg7cS9-bqoyM752oUImcclbCNrMIEh97y2vGkkS7wip_-ipCATjcGSb-0hxUndwAH_t2RTyYLykvI5tDyiR3b3gSjq3k9du-Ef-xVPixuLl9ybY9-cowbLvs6eZMqZdWtANsuelJfoFPpFOngcnJueqdXA9biNIQR0WkqZZar_W8G7EthJqXKq2L5nx514LylVE8PsCzfRqPiVdnaO3bUG7j6SQB-3Y_DQYRvYjVY3wAPOXLuvfrMwGj4VtpDpj94HYHWJm0w3d7Ag-Lk7CQFhUh7y3pCpzuk8uSF3jmT-Jl92LQQkBnDQbEetCxIpZNM40oqzsND0qOsy0rsOE82vRvbld3RdSh9Tb0tnz8MnR3ADaVuzzNqo_7uOEi2XfW-5xZgedTEKJsxp-vnKKQtn2Ld9Eh6hOgtUtVg980gIK5LidRAbaWvMKhKo19q0cAWOMq6aR4LwpeF8LdMN95KpUXi4iNVE-Q4KTNtwzFOJ0ekD8jvgmRfdOJ71paghlBJw9gRkoe4B3eKYW9delG0t42sbwDOc9eRV4GnBYnKavOOoqp8TAF-ZGcuBrXTGfqbO12b3idcL5ous7ZITk4kxCpELUXe6p2s4g78XVpc2s5s8JX9i5xldkkjIpCGkKk6BYzsTfiiIb7yfRicfPBZHX-1BRiZD0KWBDo6FaHsgO4syI5OGvIrccmVFC1JFUUnpCrJY8LAwBDWu-EwmOO0CAQIypu9VVaGgIfUychxcdORriazxujHbVldpqIowjf9Lr1EN8KlmV_yy5syUitvxLUHtFcESrZiJKx6MaFu0NbK55RY3rL1NOCI5_779PzMZi6VUXeeJp1bv-J_a24bzsQT8P85OllfoOKRtjycTWjZGIOKvGozxdrFxlz4Y4FOg2shOmvvhz8eOTqb1Pu5k8ArZKhhHCJpRobwzz7waueud6vmqQmoxcXEFniTNwirPI3JhzURDxiGemHyrdkQLnXyv2i3f-UrbaQRIHT8V-ir-UC7Gtv5JnNpdbGrrM-msp3Bvak4XbX6FiJlbyROG7dkKzOtHB5WeX_NzI_gEarIg-pAtHunPZ5ZeqZBhsQSZ3PygHlN8ii7vWULWpQU8lmmzADDk0nU49iT1HFc6SgsYST6YRTF0EZwAkAFDvUjoLgyWdiMReMCKNqwsKhkdaBeIKDdv9tVJi2w&cid=CAQSOwBygQiDMcnw32dpiX2as3fcSC0QkIPAFOZPtLY5G6EY_c55mfsr2LmLGx_wkbua4hGLITncyLhvUzrhGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=14681292129931315000&adk=3887872403&idt=199&cac=0&dtd=29

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c7f061f5c975fc10c73d3687a8ea76711216f711d97282b5a6ea5b602a5059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/ Frame 1CF1 0
145 B 105ms
26ms XHR
text/plain 52.19.145.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/postback?oz_pl=1&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&ci=948461&pd=avt&gt=DE&ac=Xmwo1n97Q8&pp=ye-mek.net&pv=130d298a-4687-46a5-9395-952ccb157566&md=1&ti=&to=3&de=2&si=&dm=728x90&dt=9484611597092707615000&ui=&ap=&pi=XRzobPsLhV&psv=2.94.1&_x=1
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=130d298a-4687-46a5-9395-952ccb157566&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.145.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-145-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 05 Jun 2023 15:58:28 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.h.w55c.net/2/2.94.1/ Frame 1CF1 180 KB
55 KB 29ms
28ms Script
text/javascript 52.19.145.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.h.w55c.net/2/2.94.1/main.js

Requested by

Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=130d298a-4687-46a5-9395-952ccb157566&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.19.145.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-145-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1e3a7651e485bbd08be45c3794ce29db6668bd23f89ef0f62d86ac8f6488378e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 15:58:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 55459
Expires: Thu, 11 Feb 2055 17:28:40 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4978 3 KB
3 KB 71ms
27ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 719
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmVcHTk6aiKwQoqcw3FN81TXJ16fqLw7owT3EZkuv1Kemd1QqtkQT6oiQtv6ANl4a%2FHgCESqnEwqLrl7Yc1bJbi6MiCvpFpW%2BqaYv0C9ZPrlcD2DNChnwRylOfrr7rAJG5zj4FjbWUecOy55U5UPL9RZ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7d299e04ad68bbd4-FRA
expires: Mon, 05 Jun 2023 16:33:08 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 73FB 3 KB
4 KB 66ms
23ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 719
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUJvUAmqXqIbyDlFYV7XcjXZjujzJh7KtNuTecC5DZdbL6QwY9Ej3qCh%2FpwbgggaVdF4HAd9c57B1GZQ0dkn7GHA6cP3KsjryKgWoSsAwcD%2BxD1YDYgQz8htQ%2FzQt7zKwsmaJBk1gGzh%2FqT1pDqPrFzR"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7d299e04ad6bbbd4-FRA
expires: Mon, 05 Jun 2023 16:33:08 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 43CE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG9suGJc63pckI4eo13uf4s&google_cver=1

43 B
114 B

29ms
29ms

Image
image/gif

34.98.64.218

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG9suGJc63pckI4eo13uf4s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiD27LlATAB&v=APEucNU3e8JUFyyFP79_ZYrxbUA5ggnp24_IqDTjM1IF_2R0gYF8r5Zbr2NU_jLuO4i30KwVQ4d6pkvuxoum41cWBtQDgYxPs9PfUVQngPAqRuCWxXnzCO61ylhzrNT0wWpDWSwYZ6Ghr1DKRh3W5yteJdyakiUgSvjya9yj6W8nxF2dzYFWTfY
Protocol: H2
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG9suGJc63pckI4eo13uf4s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 43CE 43 B
304 B 70ms
30ms Image
image/gif 34.98.64.218

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiD27LlATAB&v=APEucNU3e8JUFyyFP79_ZYrxbUA5ggnp24_IqDTjM1IF_2R0gYF8r5Zbr2NU_jLuO4i30KwVQ4d6pkvuxoum41cWBtQDgYxPs9PfUVQngPAqRuCWxXnzCO61ylhzrNT0wWpDWSwYZ6Ghr1DKRh3W5yteJdyakiUgSvjya9yj6W8nxF2dzYFWTfY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 43CE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKtMY5h6eQIi6N0sz-Wi5lU&google_cver=1

23 B
163 B

31ms
31ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKtMY5h6eQIi6N0sz-Wi5lU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiD27LlATAB&v=APEucNU3e8JUFyyFP79_ZYrxbUA5ggnp24_IqDTjM1IF_2R0gYF8r5Zbr2NU_jLuO4i30KwVQ4d6pkvuxoum41cWBtQDgYxPs9PfUVQngPAqRuCWxXnzCO61ylhzrNT0wWpDWSwYZ6Ghr1DKRh3W5yteJdyakiUgSvjya9yj6W8nxF2dzYFWTfY
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 05 Jun 2023 15:58:28 GMT
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEKtMY5h6eQIi6N0sz-Wi5lU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 43CE 23 B
163 B 35ms
32ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARiD27LlATAB&v=APEucNU3e8JUFyyFP79_ZYrxbUA5ggnp24_IqDTjM1IF_2R0gYF8r5Zbr2NU_jLuO4i30KwVQ4d6pkvuxoum41cWBtQDgYxPs9PfUVQngPAqRuCWxXnzCO61ylhzrNT0wWpDWSwYZ6Ghr1DKRh3W5yteJdyakiUgSvjya9yj6W8nxF2dzYFWTfY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 05 Jun 2023 15:58:28 GMT
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FB0 0
20 B 71ms
70ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7103435417767&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FB0 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7103435417767&version=m202301230201&ct=76&x=1&cor=11894181221594616000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6FB0 85 KB
35 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTYa9FwKlwDOq9vsQXguJQcV_xRnSYBVVwQ6BPPXIPkWRsnp2JrPYumvo3GsG6C6WmY4wJHSREYCPKQlW51is2abLwO0QRE0MiWX9yfjvOTFf7L2-62di79xBv9hco0UeZXXIKC6g7mtrakVJrvmsC2FVXsvf_FOVvGuov9sj2lFhh9VQ&dbm_d=AKAmf-BHkKug-AG6I4C40tBmN3xq3XEPpVJtQfXaHysG0SkwKrYhAFKrAYVdgGwGJzXEEvrqC9D3_feuklB3xynYTf6RieZmrv53pS1HHee6vCzLI2QAZhMYaxqUxyzM3v5AFouCvjJsgG_3lKpVeas_pToU42P1eWwbPUDHiyokXLBjaW5URKuLV3dH-BqUUzXcIi42q5R9qf6GOBfgn4-uJaMU_RfjOH8UW2s0gdl4A3A_DBupGLn6zXar2W5T7iaCwzwSMGOSko3Pr6S2bvq1RBmXXD8QF0tzScuef0eIcaiuW006r8OugIGKyVlZqDeG0AlDZC044bvNuRox38wge39237uNIQwalf8bWJYvfmGr3zjH_OEQUnb1XJ-3ZYkrVBGaEze0j0AHwseZrHTSeeA5C1_VgSdUVCC50a6-HdlBTugwjjq59U8J4zu0_d6xmWcobCwCBy1TPNdZ2qXh4JQt0DwcYu1o5GQvpePhSOsya9fjd4Rb80RnEBXKaAAcM9TSIkzfDf6l364k8b2Vhypr8WjxUghPNDel8cUC6SOMbMXcxVQ6rI7RarBRNREzU_u9fU8juIWXCcqP9xO45y-9Q8BKUNLz-yhdmIydjEt6muCHK7Lykx8CP_rzI53Mxk2ljFho3To18OF3_Ejo2E4GJB5iPJbNx7G8A5xQ1H5KLT0qyUD1WP7MhWPwvYvU0Hr1TyDqsELW4p_YBxMB4z-08Y9Atcmi7qtF4OMhHndGuhkN_8bsLgd3HaCkojd7DtwzKKcg_VDgSJO579Vt-rktKzMNEC21CTsGWRvVb9kHZKrkqSqZEl3Z2y7e66yc6jcEiaM3QH160DPUHfX8m7Y_EOukjOYHdE9iM6ernlRXfgLYy66coTYfIGD_oNv4ESKdksvw-wmQYbG5UXZFhjEGgx6fyzZYjEXyzQIVusdTfSE-kdHNg3Jgz8utQc2g8RA_ZkFyH9f-O5scUIeSkrip7YwL2BbBF7CK9GQngFDgjkczXZd0MLXQyPThk4d1Xr9xbN6dU7AvJ74U0utQCHmGy6OGSZdpKqTxGzy2qF7MEnc2pFsaYV4Fe_j-3jO5co8RDC733jSTqWpHRkfv8emsAHwdvVrCYo-zLRH1KsOldfUhnDOipzp8maJpnj_xbaAiAeww1gAoA-sIJ6JQBGyHLzAwPn41MyBKQGbRLYBGqwHDRGHOi--evonUT0JSd3x3cULVTIToo84c2FPbQc04X1eCeuRVFatNTqQg3YuOD-ereKEVhbyIfh44B5ZHezgr5cWjTPcvDadtB_te1vwsqsWRhBCz4kbMIQKWkr4NX3LAG6pJq-VtBudujqTuQmsdTYIXzsngE3POsZ_tl2GRbkRy4obP5kGM89sJDsPyASUHrtcy1f8rnWMFnGngftbAsEC7jBy7OHgX0HCm8URc5zuDMnP3TRDyhCKMgK4BjAAullgMnQSECY0y7c5DNupqQCbDUiQeq8PA0gYAiJs_jUsqjBPbRokbStL7KfGVY2yp7rpddenWNihGNtC6S__G1g2DCQZdItniz_kUKdUnsIb2J_FVVDIHkHshTRwLZy5-sxfs78zumf1ChQPgvBtu21mmbGflE-nBQfg9R3C7gKs9DsDPCXabwvUIWB31qjtcX7_KHU7pHbVqiJUOPHClhgkiEMKU5K5A5idhW0Z1f5yJvrqiTLTQnYCUD0IAM-qrgpv8n-OrQ1nxQ8Vy2QyGPK3m9SLoIg6jxsuspdTugoMOVliAJ0R8j96KzzzyXm7OJ2Wh4UIsU0Rx868u814xAVI6gNiGVWAdiyAnpcIQuizVN7w-ZNTj1FLKtYIWIZ7sv4FzAabX1BOlW1r6RQHm_oUuUih5nl5-I93WJZh3pMcm5QVM68NH3ao8KbT3HvYWdT00dQ9158dENLUv-4TCSiSUXKlPdfbKEoHSrRNJZRHTmNAV14C3x1EOhNKMBBlJabC67nEYKrzO_0UhejehkgYyY8Zbvsm1UePxwysBNw5AjyW0zplASj9GqoBrE7985WHtARNYdWD0Ihue15K0nG9ro6pwsTmI1Utxj-2Mh9cLiCCKnFbdF1f8Cpm7vKxjIxFmurWj0Krq4qdTgV8omkhJyyfLMHOvx9HCfjices_A0FuRKbxb_HZYgY-0laA_DdX0CIqYXhVKP7JB353YFx-thqTIyCGzrjRf63jZe20PU-3Umce78FaCLJ_aW919t8BR1Kov30JT-s604ex4ObuBfugMKycb0atI1x9CHy5XmndFxLCJg4R7TBxvd51RcM8CHcZNzNXsznP1spOYwv57V5O2Hz16H7y4LTA8YWl2e3p-NhA3-zDBNEAQsxWUTCkvadp-rx0p6-Onpcqv8lmjB5475kofixnKmaBy9zqp6g7TDw7Rzwfo5HuQN1INvCz86VGm0yPrNglNQZq0TLTiY3c61RgCmKJXM-O0kRoNow5BIEAqdUpRNrkeN4VAtmxI31KtqhTMdxTld1DxqvUm1WBrgYy5eQ0x0Ssfzx4QHw_3YUYKieLweFfWLTVdSXwt0U5p389AelwWqfWFn_urhAKFt-8De5yLcCKDr2sRmF89mWPOx7SgZQRzjIvnxGZWvnwYpbBvzLKAQz8BaOO7FLQ1jbmFavASVpAE7JChEdtIbbUoG0pe69ARXc_6CNzdabqXKDAGKxVgOyH3zmEI6FL-DX4bWH_DGMRjE-SdwizkIrayawMCbPTEMcBjclVPWNf5XHUhlijvrPYFJCpUEZzx83-N9-H04VZsliA_5q4AzZeBqOJ3Jp5IQOYnQGWuKSW0EQ8VHmY3KRbHNBR9qJeK3k-50c_CSLsYEDXGIyfK3i3HF-iwrHghw8mPebIkv_SC8M4xLshkAPQiQrYTYoJfS7VOeeGM4s_OKDNVsrij3_eBgQFlI2j5fPFhzNoll3Y2Vw0zJwKRQj04bknBLLmgrG1mRzcxl1EEhI3t966u3qhJtyzWjE6gprJhg-SXO1rq2kOkUnEuKmoeeNpK01oZT38Ucoi5d-5jul_NKIHdHQRpLNxYiXn_MJ-2rDmJNG19zwd23fBrxa5aS9DAqpjFQRsXO2hqpIVCFjUpaZWCHA8p5YNJV4ZE-otj6W1LRkD5pzWZwCbCykOOfjX91nZoukSmkNxi-tId4v2Gm_GA7QN_Pe2R8GkCW_QKDg7W99uO39FLpYCNCjuj5v9lTXgXpn99x9uXwxiapNQ_iZaUKvOTxDKgRA225VCm0x8eLU5v95htYbYngdYZJ-YFJv0ZuVVvll9nilcue6vmw_VGbJVjOffVuvy-EzAJPMEs5GHRIdMGrJiOCdZclYAIOJkPsqAkKk_9-Eszj-KzZPuMkI2bdYZr-6sYsPNbpzRESuNS_lt2yjRyHVe--9lpbyVCfk_4KDhGeOMcMv9jxaJvTwFC-T4LC2n6g5abb-nDEuvrvVZMm0s-rKVFnIsrsALY6jGkWyhfFfIlh09lpE1jqHqDDjbfAy6Wf8HLlhBMUSmkUxXmjpS06ONNd34YOPkVCeKMeo4M9sDLpYxzaGt2gntFVrIpQMrB90IhLQs6EApWpx6EPNF9M7MckpK6gH8ltWu30oH6bETuDbUr3ECTWXlxEccFMK8jaJ3zIkU&cid=CAQSOwBygQiDynw1oJ-DNTakA5itUG8WHcgl-2eRm4T2BuF2_xhznTyyEeGPKgtXo_od3FzsvWuvP-AT5c_KGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=11894181221594616000&adk=3587751834&idt=263&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a5e6df88d4d45622a3ede615c25bc1c7773063b04585c52f3286332d3ec6a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 871A 0
20 B 71ms
70ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9800062565027&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 871A 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9800062565027&version=m202301230201&ct=76&x=1&cor=8401514277473895000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 871A 85 KB
36 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuseIBz8sJLtVH-z3puJb-47z0g6o0DFrovMAhBHGgxzvxhek38v86ksEtwV7OXzxx9qv1jlSnaLjT8XL9qZkWQjAJdToxkf9-Aaz12rWVRfcsp_-onkHU3wouSHsgnEBlIMOqNhO8wuM17gvsS6Dimb93bmuSwYXnzolBzv_RcbrFHyY&dbm_d=AKAmf-BzKQdvLJWqNYOHg6R6Fx7tKbVcgLjoSlHOtJYI4DKSavu2b-JjZ49ETIwO4SW6DiI7LljtosKghIy90N-VcyZC0I-bFQEP64vvVtDIwzLejwaX3FLom73w87e676Sd48aLeevlCerzRyUOEv5wCmb2-DOy0FJmRgDXpTSoeFV1k-Lp3EcE5WH1i9y4s9s2Bd8MzNu21tvs-w15jIg6cAox4GiFtXtL9mQeUhJD5nLzmvGH_b1b5tekFtxdJ9pOsdKbG9O42DHTqYffDasH3jxRB8hKU5hys2XD40Vml4z1FHrqqaTKx7QjUPowoAI-gZ0suERzHuJ_mS_44qcXbtPkWLQ2DiNoqqc2WtKCpQG20llOSPE0txToaXrcsFtnomG5jNYFdjNvKBmyWQwCB68PpREcl7ZQ-VLaK4dLMHuOZ6AL5-KackBbCUe3wMycwPIB3myqgiLwNjfa_DbtDCjDinqZngtl5Xrcti8k9kb33qb15yBwL1gI2AM-IgaNL_8elArHtCdnPY85bGqcmKA3AsRxtqLCh_mVtWT53ISo548DcBmOWJE3RvDn1-h2G7u5psdOqwCkCKqsPI4bTtqmvdUWQzsQWjKPelhUHTJ68GcIfXk0QJJdrLSCFJyqmXkIdxnUQPJ4v3bG8LMjiA_3vIwu2oH4tz6GlILp-lq2QtAkGmysaJUtCPT6cQEikRPaTlpri-zj7z27igEYFyC6Eojc0iHTxQ8yAms5QkdkkR1kpGOgXRwPTMXUYS0S80kfKk3qTO6qRsJxywS5ks2ThMIMHm_xESq73yUlcpzMhCUrvZ_nFBAMPuzDdv8Wpdi2LBs80CzxkYIdLv9TJ9pDKE39OVt4QMAmZqRyNb764_NM9C85O3RJdXmcTK0qeYxZrDxI2uf1XYcoKgzJL7yPRqKHBoZBl_gaY3b59nwye7vYsCAKS03VQBnCvotWospYpUklW7HjZGCnAmgB6ov7Oa2CEKMQyzaMk0v7WaylZgPHBEr3Ay9HK_xC96LFcmuJuRguHyjN_Qbm7By25dmxLdf9muFA_zoEfP-Jr0iNEpp5mV_B25JtI5BVTset22v5rB9vp5MCiQ1j9Tvg0XyZg8BoeJkUtlqEhChhKjmFPVvt2S9T1Yvh_SrpBCKlSgM42cY6jpJrfPGSElcQ1ZU93NztmTHNOLxpkaLthE4FV569n27VkpTByP3sZil77IZIb9e_IF_D8NJDtqFVnbni8gFG-TlWQQ7BZgsDlnzINWOKoECHjNWYtfj6jxZw3yPcgxXO_IYLtcBiAQXAZ9kC24kaz1ea4dHS2wXiHc-n5I5zB0dt_8v0zGDW1I1vSPxmDBCEbfsKahL6skPfmVT2hWGdIkmpTWvfoclJyZYMGWZLruNQ9q1P6oF16KGQCvWAVFYO4PnPaX62UoTotqblH7-RDlLZuK8xasRpWm9LycAaItwQcGlYpPEF5g2UXHU5oI_ZX4svqFnuOz7Rs2-5GmbE2Kepvm31NNKrc9aBVwuMoTqI1k4Tlpa2XGx4ZnNpPsWDSDhDxKY9Iw5-tfLh4E-ST04tLNAbPvayPRl4oOsmRdy2JrPj7XtZwThEMkyiy-O6ViQEUiUcmml9AtGW2Ai_jj4F3HRRRqtqdzLVLfinbd9sKqkjJt_o2ppNuqJsUFSKihHc9p0FdGquFnozh5WwhLAgJvCQviXfZS-fSIAmJtmyX0nApTqsb8jcJZ6pmXzQeJ7J4m_Q6SRBnjU6zbk1Tr2MB79tWztCZ6FBR0QnNDInzk-vUv2SpNdw5AJLkTnpV1oYVlBcv-3flyR6nFhXfbL6d3QI6pcBIPRmul48OCr8KxDuHU49VOfOCnQPfpDzkmM6xkHmWVL3D8Q-leKgKWShTo17vpdNBFWaeExBm5w2z_y-oQf2QAm5AcDiD5DvYA7bPWq-vSZEycISs6poa83-X8Qy-N1SFhCl2OEQjJ3v9a-NN6ud90xj_31wRlTNEEER_dDYYMaCnwYY_Wl1BMQ0Pt3ZfDMKs-qKoZeRmf0MCVRvitgRyVoDgdjbH7b5_X5eNGa95S-IS-vsboXmR4BJ-vGVhqvutDdEdKbVeyhYIcmBXGX9SW5SnisnX3TmTaDm6vxfPQ0dmHIK8bcXkxDKj72D4JmKHt1rvDZ-ysErBi0CKEuzLmOSy6woZITlY8A6_Sgs1hbJGd0Dxw8duZpeD0lxg9Yqv_9_KW3zdktPDNQyG1eSf-p86K7Zxx6mciNP5gVeS3eyylr46DmUvbPiAI5r5e_2GUBqLKyiUaOytUsOCjaRYm4YLDPWMfh7FTsDqLdrJfN0JLrUxphsFqxj7PYYR0mibEq0_v4N689c0lIKDDWoUxT8TFGGSFO63OQvS9urSTh4o96yCFMDPI9q0CFfFZep4CPDR1Jup4av3uQIXFBIcC3Y63NNvAfKlPXkfYto86CIXvxS7KbTZNCVmg3DLUS_mzvQtB7E9Va56f_Fhx0ZJH2Uh0wRhnfwWD24Rkke19vG-B-1xg9Vqs6Tau0B_mt0QdVJtIjoidwAgz_4QsYGK-fOv6595yV2Yj8LlZNs2WlN7LQE2czVhCF7qq7mr5vJHLNlOXuKkjDAoVEtWJL-bEpKtPH294Ajfbbn1DprLQ6aWPM14RfoD03L5UaHtMmrS0SU-spkXPOlQkXlM1FO2lX7uX-A8HYHoaJmsMx4IV-s0s8tezsb8N85R898ArdgXyxjDFlirD1b1U5eY7yNmi2kV53qg8jhs5XTjiXBJZmU4Mry_EC6qQybqyHYHjq3IEa0F4OvJimRHib80PgFrnGbp2oLy7JDsgqPmzEkD_dOpDzu3G_73DtKuEkb2drX5A73yIG4SwWWwTPc-i6i0wNLcj-YNAMbtOpoyCORJaPUfUiiwjtrbanD-o5Nu1lvHZKHwvYdZXcwsauQDbHBIiRz_yzLTvHbQ56KBHBSkGaurfyQ6aRlPEwefjoEFt8nLabLpfR-wqBiKa9fw14roud8GUV_IMwJR4t7s2el6Z6qj2xGkiAE-j6UVBIiawoYIjF7QZGXjMm7MmsYTu2lGM_17YLplESR6FwBNyUxXHGP2eRbG7GIx59Co40ixL9_xTPSbzONu1J0QUZOrM1wad1dbuiFstfaEdkITHjbXKPcsdxZZWnEIFDo8HckTOoSzwUR5t_wiACpxrrPBemIyu0MNKh1YwktGmRfVga7qJjp-MVzUGOcxhAprfxPl7LSaT0Mrxo9BKwAVVzviGc9Y7psNtHHMUbqmVt54qozPmWB3_QZWD1Qsr40Q7MMj9mtSX9S5Ls9CBdw86avSCWWbkgtDX5X-u8pYvuS--6b1WhNtxXOoB1z8DC2Y21Zcp9pWoS7gKjDfcDiy6rW7UrshxVD7BUV6IWPAGNGdNw9MZnDHvj8nL9quFdYSo6fKQwEgwYYO_XvVZKOoWU38Ie-6FBa2f2itdyXeU87zapE1qoKK1opZBkPDx11s906pkeiAxHjVzhs1jDPxDXHsSK2xZMmIdAAWqqWS3WMPsA2wRFqsEz9DsLAd1ODvy1DjqmGgkG-JMPjep6_L85nJWpL4QPV8xAi_nEQSRPaYlEeDf8XWmDmWYdBXoiWBPBYT-WOpZupKRk18zM&cid=CAQSOwBygQiDGhvjbX3NbPzNDQR5-yKfdfwIniNLE6aOxiMB7eYa5xdAqxGco7_vJwFND_RMxPQJiQZCc79DGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=8401514277473895000&adk=2465470143&idt=323&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a13492d2a8ee8f2ddbfd071c93e56fa48423ce4e0889455a5f1ef841b3b201ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 15A4 2 KB
1 KB 26ms
25ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 701796
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7d299e0488ec1968-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 05 Jun 2023 15:58:28 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1pS7EL%2BasoLedahQEeXcGqvJvdsaAM3AHVkiUkovyPkP1uheY1VzN4DImb6o%2F0rNm4iL4J%2FDO1oV0Y6AddJxvywQYS2VvyLcZpbNnfdWHnV8M8AS9gk%2Bpi9sAdDmz9%2BTK%2FlQEs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 72AD 2 KB
1 KB 27ms
24ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 701796
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7d299e0488fe1968-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 05 Jun 2023 15:58:28 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBBivJC8rgrIWMLZFmYr0sDhhTD1U%2FNutc7fXC%2Ba7L%2BxRx26qP1Dd9tU0o0lgSSCqB7rUsoTDHR%2BXv87yOr79o8IR%2F%2F8ndLg2aLpmlVKTVBz5VEWNNbUEUAHTzLS6%2B8ZasmEl2s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 43F4 94 KB
30 KB 63ms
32ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-176eb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 06 Jun 2023 15:58:28 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D79 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8937555486687&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D79 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8937555486687&version=m202301230201&ct=76&x=1&cor=15588531227062663000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2D79 85 KB
36 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bxgf15rlpQNTcXD3_5fpR-6eEm7_wGvbk2SBuYRUzSk5IDSQlIyBpjNRxJ2C2HkaGcXAexjRolalAWe4qWhPj5LzsRfoHnb3O3JUEKwcUXIltCCxlQEsqR1Rvm3r_cr1EDiXE3orKLxHpbWyUluFRY9Coh3-BDYCBndlzh2BLJJ3PpWbY&dbm_d=AKAmf-Dbt8DAZe6DH2M5LXuOuq-3N0xi-7UUElpXl70k_0MZ923HHReB96POL6uIAJNeZBxuwwDRlod-66vuqQjf6t5Bl4EHCIuOjcqFhUvuPKUj8LcOL8MXxdcMAiqg0N0Q2S7zjxzkajUEtjkgwgtWKvLpl5MycFAr0Rl5r8f09u9LPalY3I9puJy9Dn-RItwo_SX2x0wF-pCo-NiXsUQlNu7p5gxGxTl92V8lBGE1IF-_U19lRwq9ZcfZTyfzUjZa_6N8iBP2OkMmZ016_zPSCZb7ctqDqBLLRTO2IK8TiAg5UJTwYAwlQvA45-1-xehgyy-FQH51ifAFv2Jn6MbRByjKgqfcLkfMgMWNMen0_TmNb9kj1-Ei3H1oVjQdmXgiJL2KXMIbKV9diLf65x6rcdzA-f6lBfy6fV8B3625THgGGaIW_EruUyItP8rKdu3UZzYVXkLkEOwec9AC6mizsiaW7FeUbttEasilBPbYlFjTAHozwn_mCpJcVkTPtd5hxVxs5ehr6tGI-hbA8XCgw_P_PWjO19oUByqnHiDr8z5h1NfF_QpLtK4xLJTvWvblurkibFwx5ej-oF0Zc8pI4cGmqnqRNkiSZ6N_hbXktiwGGGmusbRKSZS1i0dwaV_-BJZ7O9uI36Ia8iC7ne1ieWx5ECyUmaV8dU5USkVM00LjvNasKVXz9p_WjGlxxVJuWCj6K24cAn8Ilauu1Ww6DFKVnJlij63Bs_vHclG21PZu_dBDHcOHQPCs3YNT07mIgPTVF0kXWxbLzMnkIchL6ROKz2_3uZIXyj_uh2Cc6CE6IxYvI9FUQ8X4P0Tjhzpxo82XJyNY7Ak1rBRUliWhcoTUGkwxTs6OIxhBxQcu2uFZZJv9eNwAq1bPloEvQqzWQyE9pziApA7t7L5qahBCpCPlsIk3tUtuemWdlU5kl8WIy6Jjdh8VNAdjy6Yo4SJL-UTNB3UejQd4yme7GrO1wpYM64N8oVPN7G_EZgBLOuqc3XcJMFdQqJe50VPHIVVEI8clHaA6NXy1ndvHThPihNiZvSOKdqzxLHdS_z8w34YSR_y2Ellcep1gYTvVEFDanvXYjHCJ1vtzmatMe133LNKJZjmftFIo3CWRpp7l0cxLKjK1foi-62BroFswK1KSxtAzVVem5lYDH3sCZf_Ndw2C_SXiUVRaADsZsZafHReUGTDm6BWRjLUieglue9VLQmNY5qdUuRLHvBetPk-OmMAjBqm_Yq1PNvThH3Lwd05OLe-Wg_C2eHpIQ_TTuVHtmBOqpv7Y6Uzsx8BmXodq9iUUmyVoKyRTVvANNvxyQyE6WqwjYkjFRPcD89k34YClidTRCKoLekw4aYqOrnFz1Ivi1y8qyztJAaRJgDKJRmCO95NxLulOjurg5vU6G7_wBOQI-pMmmpQa4Aji1BGkEALx2-UY4U1ouksuUyjI_ThE8JjqNHXotrILxuprRB1J_vPk6dMykivJ0sd5s6fm2u0sVFznW-6o6LoJKklQuv5CbAzPhafoA38skMx6mibYzmcROvJzdMiK5_uTgnTU7NHCV8rpwB3-JAKsXJCusYTk1SttPmQ8qxJxWC0ihGL_Z8nDM6ccC5Ki0d1r3DbOt-i658k_aSQ6EQjWd8y1HpUAj67b6ALDMnbyF8Iq1wRtQWxHYmOnCMomS5oYblOjINO13SkAdNVOHutg1EUGOsIg_tkLRuAFlgNpsHVmJHGFBgUvBkp99tklcTTiVgBUoRn-xcIIpkcvXaqQ91k9jchOLIBg8lfdjO5BFjaVcHGfCXe3vySW_BG11FECrxLYqxpssViGrv3ENu3THbg4bWiSYM_uwgrbHGdJ1RNLlroEa5QTwhXyB3MZ2rZX0SiumOcs_daiiDc22osKXRlhNvN6GC6YwyvsenBYbpJheLTmVSlWteNkuwrs6KbokWc4FJLI9Io2KbzmWm0geJZLwiayeyUNZzMUd6r1jVuHDtv0Mmj79sEfeK7X6rDpfPTM6ptzBM0UMdCBFQqEQF62auKFDZ8XhIAGDd_Ou4cqZbu1WoeeQt9ymgktn9q2Bmdb4Y-pxzbdpAATcJhAOKlWy6fx23j5eKE7LcxBBtnW7jUVks1vBOaj3LFnfP1h4gwOJ4f1JhLvDjEnNtnnZvDbBgzw7XjDYg1S5FJHvDVADo8xYhrn-QL-tNEjkb9-_syW_Vhi4FcrJ7o-kau8uhWeA2pg4g1poBfuAPvVdp0OC2FiPUyhotAifn8T0kXHZwMFSC4Bj_aWu0tk3BkLgWVEcM8QlfpMcksY5PicE2we1CG2bOVXWAbIYYa4fxISHIUvQQY6EDaLnKoYRnuwSMglqMqiJhOPdJkXpkbG31gF_YgHVaHxrTerCcaY_CM8FMETekwLutMISnOKwM5llNlYxldoL8KBYFiY3fRA7TWDt8il6CeJ00OqfarYLHEXnDvEPNzCh4So8upuq4aoZwtIgS7M4HnYPbQYbdGo7GNrjXsEbLIThhtA8auco-YVbMxAwBr2HFqw1b76uAVtVeNOACcJkWJ0OutaNfOTJW3xLX3QEZhmhgyoBg5JBXDQ5JSRatUGveG1noEOodI32D44NyG5aHwMQnG5wJxQGLyPUSoNJsbgNJZBHFpGqmwU_yXMzSbI1zOBq5Z6-80KZrc5kzfDtEIQ7AmAa1y6ozMWI1USu4o1h-FfrSSi-FDWy0Xf7xh43itf9Q1Gk6YsjLfQBHaUxJ-Bo6WIZAvIwmDeAHWbtzgwlIiiX8ox8FJoa-cJVy9SlSenycuhirMNB7El-pEyZohouvAinJbt1TqjLxKdOAQ6p8yh99LL4OOoczlIM9GNuztUbwyj-6s8cxn0oJcSJrN6-O2YuFAXNBf5BXjyW588XCi5CEKlr_zMhYopNj1MBHVzXYcUqxOQGMFFyCq4IPl-ECLR36s9E8X4uBVrDfdUqIbkvEbCzYyY9MpoMC7fptc9Cvb_gltWForsRm7midlSOnur6zGEfQt07EtKOZ2BCCKSizyQN3GaCSXT-pzRm26uVy-dzG11SudI-iUTIS8FvrepnxQC0MSf_85IoB7kcBiVcSPVeW8CpsX2I-QVQQoFlbSyotV26gAAHFiQgrry5Dy9yxmpqn8KHdeebddBCMdxURAIh7gY_q5I5mDNE_Kg-ibCXMr7Gq1YGJVGW1uCvpRwYnEDlsnnSW7tvWA4iLzAliKvpBzC27z7IhzTQH7e7i3yFcLBHC4F9HTI7gWXp5JxU0dnzlJ9XAj81_tFpFiXXvq6nyiKoCV_Fm128wNS4p-ACi52YFJ_giqf9rUFmjthM9S0W0E7IGfck34pBdptnK0zGLbohIBVv4EDm9U9oLWSr1zd-LW8zKeAXqS_IGR0_qnJT1EtpXIMeJtIBZvmC45ZG00G2ypr7gOrBGqsmgDJ8YPr5WuOtILDPl6Bf3IUahM2lrCfBM-mH_2Oe6SPuDD59Xbh6gqkqrqre0AeJczsmw7oJDBakjdJxMfkL8oOlOT-Z708b8gLQtm09I0u4egAHV9XAxk8JIS2VxQeS8t52ek1dplR06KyIappZIA&cid=CAQSOwBygQiDgaNRfRVY5Be_ZqwLB0q8SctYXQmTiUxcIpMmYmpZdUmFndnjc5wvpBgoKnRUY7peKKEb4DxDGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=15588531227062663000&adk=578009112&idt=126&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdb58706450ca1bc1f1ee3345816d47d38f844e34c9388362f9fabfdbcca9be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36321
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 143D 170 KB
59 KB 154ms
38ms Script
text/javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Origin: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 05:06:03 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 143D 11 KB
4 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AS0Sa1pmDhLyC93BQ3qQYsr4KH6ITDtnyQFJ0_8xFtCPs_VpR8sS4k89vk3_Q7xC3aHk7TlWX7CVuhgI0b04KHsUDZiQ2ACzRHDoZvQxPE5qSpJupmTYmRGhrCN8EBjy6WW15CXWPK5Fr59Z6XWqaYr4VNyr9sUrOl2hcMlQWhZkfK6_I&dbm_d=AKAmf-ASffG0bYQpoqUoQBIUvhpRUbCaW9YG-3718OOCngDrrAuYQnOMQvRHr44w6Xpmdvc-GcmiOY4t7PzeMq7be0_oDQh_-ncqCF2tsdC8gcIBgjvFoA0C7b5rrJBEGuaVpPVwLGsUx9n15jojNTs0zjVh0aU-7ZK8tj9QJvi02jgwOMqt0U4oHugsOv_90IdXj6x8Tek2QJr4xQhhONUUk84_7U0F8KuudJX-HKT5p5JM02tly7_MsajZAiJ0MMh_GAxDJQPsPYyiIsNnX3ppTCpa0VzGd48mW_nXa-_OlUDLMPQEMdFVKHhYt4tHBHEK6KokrjTD4kKpuJg_x14dj0QailF1f490fJAunLtG4YBy2_UY_5TalIvUQcuKYTUNKkmmOFR9yZrYqmichX2SGJKFkaQ3Er-M0LCYU5UrfwUJ7SmSD_Ja39mKSGRoDJluT_bfbOt4ve5aThZy4JHYxu_chI_cnzx90hvs41YmsmXy2-XYy8ehFjfEYnIr70wY3iyuwMyt1tlxgiFWq34cQAHbhkHk7C2h_ALjU-T8t0MdneJyuTWFA4bJAz8vOnb24YVTC14MUIpptQ1Y59ngUNwREh68GMq42JzF_4GWX9oq5wY03sR47WhFweYl-zf85V_Qdum6t0Pl2beAXMvNo_a7gHen0PE_MRT-Pw_4SziVSze-w9rwSn5RqxEsHx1SvjqqG1U4S0Js9Ez8H5KWMc0INmEezw_jJ2eef30k6PnYKnizIal0p8WnpPjCPIaRC9q_LivR0OXDSMaJ0XghgkNbucbvnkoKF92CzDfsuNbK_bcFssSMGblAUW6nJlGaFGZQSpgTeSAPKvkSi7RKOm7_Fp7Lqsi4m1kWZsSbCZCDrrnkr4tbuR6eRNATp9oLaD3LzeKontVTUp1YV9GF5j51MiYJGfPBgJfAeETfUfXdcXPW8BkaUjH8gObJA7i4uiDseSqHYVH3YNXk4Edt6oeCuwPT4-Jcd-7LWvfZQR91Sk8aH5_9YrNKWLCvecQFWDtiObG8mMxJuiO1kQtag3gcfFSSdx1IotdKzPkBwjoHxoIxlB5fpHDoKJDPH-34FN2HTKvtfajk9rNaF8zunJvDucPFU7Trfq5OneerF6_ubqTZLotlSEkwEeCQJs4EC5yXjNoWjiZuQSuxgj-qPzrfddTVCRWmNsFNoOp6BJuLxSE5-HF50-XBl3igRbrvCRBS6H0E3qnjqDGFdeSMdVZBoGpCsGtjE94jA3myH6FDGhk1ANpaY8RNvrFQUVn1Fatj8TtYO4u-D297llEtC3zrRtfamInSCyioNLrmSXAXsjCReQnv-QXUAfqOAcguaH1_aAq_sA829CbCA0JcDgAKCz4LMb5bzhAjYlDLHqXhJl43K5515Mf7NcKRIEam-kh_fwgsXpy8V5cDwku55XdJXN0K88djVUoS6-j_FjlKfeGzfHjHkL8vzASSnyfJiH108vZKSzaV-rkYqwLs9ZWdBWHGBLzL7y2Z0AiBa3WKwVD_-k7WXeibYwQf3mWvmGpKygsXcPFprELrtV5SxyuTo4h0Khn8eRgzcBe2JciGApkYgb8SUlxgxJb1FJfLruEGUqd8FQxZ2R3xFUaq97sMV32wZT7ZQ7vuRrn_kPBDlgnVwuHBOrj2CpjSqEewth-xerQ_KxbyiCLD7s-sqqKW9Oz2GrjAdX_vC-2wTbxt4xsiClRxd5kYYCRtItv-I-dZKE2Ib2IgUdwMVG6WEi-uQPJ2xRGl-T9Yc09uERZw7z6yJVI9nU0OZ8HZz8V9NDVOfE74y5JvUvx-nD3J-hoQrk8-MhlKnwIC43ZCUE6AB0l7HiltUb2nKgIzrxLxyUdKPOs9K2sWzN2yPkc2BPoyXeWBJIjuIQZwIJz5n46tIIZP137yyLVOOONcrvMsxyFibtmNY4iu3_9EKx6eE5xI55PDX3iO71l5YY930DZQkBkAcfwXDEVRqz2LR3DQDfLYNJuUvv-9v4vQRVVacoYGEbp7SD3YbtrqNYr-NE95Hlcum7JSzI4jVq1b0OCnmLqLdeM2qj_oSwZQkGA30AhqCxCck_oGLCt8rAebWozJ_WYDNPnlXreECpX9O47jX9EyDhV7aFGs1HviIhXfPnq_gQJB4zuNVbmbkFj-2S7Jhl8NY7XhQ1xdAv94e9fEwFpOSlKEQ2qq36_TlMO7_D-v1OZJ7sdJfkFHKhuOzKHhl73J6fYLWBSo1oSpjDdMbDS3hMorbG3SSnXP8hydPD8Sdm7YdZfNm-If-JfkGrMsRGkfVlxvdi22eiKsJLrlMxQibf98bDhprivnq3uzqp7sf_ncNuKuNJe7g-CHDimaauhM-itDPApmTJq1ZZlzwWdChbrDGcGRiReg7cS9-bqoyM752oUImcclbCNrMIEh97y2vGkkS7wip_-ipCATjcGSb-0hxUndwAH_t2RTyYLykvI5tDyiR3b3gSjq3k9du-Ef-xVPixuLl9ybY9-cowbLvs6eZMqZdWtANsuelJfoFPpFOngcnJueqdXA9biNIQR0WkqZZar_W8G7EthJqXKq2L5nx514LylVE8PsCzfRqPiVdnaO3bUG7j6SQB-3Y_DQYRvYjVY3wAPOXLuvfrMwGj4VtpDpj94HYHWJm0w3d7Ag-Lk7CQFhUh7y3pCpzuk8uSF3jmT-Jl92LQQkBnDQbEetCxIpZNM40oqzsND0qOsy0rsOE82vRvbld3RdSh9Tb0tnz8MnR3ADaVuzzNqo_7uOEi2XfW-5xZgedTEKJsxp-vnKKQtn2Ld9Eh6hOgtUtVg980gIK5LidRAbaWvMKhKo19q0cAWOMq6aR4LwpeF8LdMN95KpUXi4iNVE-Q4KTNtwzFOJ0ekD8jvgmRfdOJ71paghlBJw9gRkoe4B3eKYW9delG0t42sbwDOc9eRV4GnBYnKavOOoqp8TAF-ZGcuBrXTGfqbO12b3idcL5ous7ZITk4kxCpELUXe6p2s4g78XVpc2s5s8JX9i5xldkkjIpCGkKk6BYzsTfiiIb7yfRicfPBZHX-1BRiZD0KWBDo6FaHsgO4syI5OGvIrccmVFC1JFUUnpCrJY8LAwBDWu-EwmOO0CAQIypu9VVaGgIfUychxcdORriazxujHbVldpqIowjf9Lr1EN8KlmV_yy5syUitvxLUHtFcESrZiJKx6MaFu0NbK55RY3rL1NOCI5_779PzMZi6VUXeeJp1bv-J_a24bzsQT8P85OllfoOKRtjycTWjZGIOKvGozxdrFxlz4Y4FOg2shOmvvhz8eOTqb1Pu5k8ArZKhhHCJpRobwzz7waueud6vmqQmoxcXEFniTNwirPI3JhzURDxiGemHyrdkQLnXyv2i3f-UrbaQRIHT8V-ir-UC7Gtv5JnNpdbGrrM-msp3Bvak4XbX6FiJlbyROG7dkKzOtHB5WeX_NzI_gEarIg-pAtHunPZ5ZeqZBhsQSZ3PygHlN8ii7vWULWpQU8lmmzADDk0nU49iT1HFc6SgsYST6YRTF0EZwAkAFDvUjoLgyWdiMReMCKNqwsKhkdaBeIKDdv9tVJi2w&cid=CAQSOwBygQiDMcnw32dpiX2as3fcSC0QkIPAFOZPtLY5G6EY_c55mfsr2LmLGx_wkbua4hGLITncyLhvUzrhGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=14681292129931315000&adk=3887872403&idt=199&cac=0&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 14:15:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 143D 29 KB
11 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:03:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 143D 41 KB
15 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 03D6 1 KB
643 B 51ms
51ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 143D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc8658196ce186decd7d31b604c2466cde30c10528e20430622966e19ad6ab8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/ Frame 1CF1 0
145 B 27ms
26ms XHR
text/plain 52.19.145.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/postback?oz_pl=1&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&ci=948461&pd=avt&gt=DE&ac=Xmwo1n97Q8&pp=ye-mek.net&pv=130d298a-4687-46a5-9395-952ccb157566&md=1&ti=&to=3&de=2&si=&dm=728x90&dt=9484611597092707615000&ui=&ap=&pi=XRzobPsLhV&psv=2.94.1&_x=1
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=130d298a-4687-46a5-9395-952ccb157566&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.145.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-145-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 05 Jun 2023 15:58:28 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2222 0
0 155ms
76ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvet4vPk8mD2YmIsAW5RGBxZEAVNzbFfJ8zd2ClKbKG8wrTTvBy4Ml4G8R8SB8cSaXBqz4kDHRkXUjCNndeaxGXFKfAHmT0HaWMwR-mFjk9A_VglnjXa7B4pch1sV9ukJlEmyN8FxrUB3PeZVpGnfaujzqpHq6Pa5GWijlVTpss7NCMbKWQi9W66CF4m_Rp6AKAJdK3egzWEpfIpIKerkVcbpGKccr7La6I8kt2NmlnzFoGGpMt7HzskNTS5Rr7kKJAnnjCqp1q2mfSiHz4DaMzlOZLBtXAvvyV6OMvDEsDiwp2KBwNRwLMOmS0XYdCNvgw0Jug19kH1tHMZ56VLi2nLmsxVNcuBoZi6eaNFjU2OgkOGVAWyw&sai=AMfl-YR4QiBgW3gQyqbRJO7aIpxGT-_ce_7uiZRpjryytUABrywamSFeIaWxWQqZz-6mMNBC-_zX7d1TWDLtH8ywzDlwmmQQFKP9yTIRaQ2wqFI&sig=Cg0ArKJSzB6-V4dDVJbVEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 15:58:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2222 15 KB
11 KB 89ms
88ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230531&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f63522d23e118f6d76b9797aa1c84e9e58dcd7c2005397c4adb831c12362d134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11316
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/ Frame 1CF1 0
145 B 27ms
27ms XHR
text/plain 52.19.145.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/postback?di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&ci=948461&pd=avt&gt=DE&ac=Xmwo1n97Q8&pp=ye-mek.net&pv=130d298a-4687-46a5-9395-952ccb157566&md=1&ti=&to=3&de=2&si=&dm=728x90&dt=9484611597092707615000&ui=&ap=&pi=XRzobPsLhV&sid=AgsNOjEJEPUlQwv1&oz_sc=945145d43055fdf639d215aa&oz_df=1685980708709&oz_l=1180&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.145.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-145-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 05 Jun 2023 15:58:28 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6FB0 106 KB
37 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Origin: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 20:07:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 6FB0 11 KB
4 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTYa9FwKlwDOq9vsQXguJQcV_xRnSYBVVwQ6BPPXIPkWRsnp2JrPYumvo3GsG6C6WmY4wJHSREYCPKQlW51is2abLwO0QRE0MiWX9yfjvOTFf7L2-62di79xBv9hco0UeZXXIKC6g7mtrakVJrvmsC2FVXsvf_FOVvGuov9sj2lFhh9VQ&dbm_d=AKAmf-BHkKug-AG6I4C40tBmN3xq3XEPpVJtQfXaHysG0SkwKrYhAFKrAYVdgGwGJzXEEvrqC9D3_feuklB3xynYTf6RieZmrv53pS1HHee6vCzLI2QAZhMYaxqUxyzM3v5AFouCvjJsgG_3lKpVeas_pToU42P1eWwbPUDHiyokXLBjaW5URKuLV3dH-BqUUzXcIi42q5R9qf6GOBfgn4-uJaMU_RfjOH8UW2s0gdl4A3A_DBupGLn6zXar2W5T7iaCwzwSMGOSko3Pr6S2bvq1RBmXXD8QF0tzScuef0eIcaiuW006r8OugIGKyVlZqDeG0AlDZC044bvNuRox38wge39237uNIQwalf8bWJYvfmGr3zjH_OEQUnb1XJ-3ZYkrVBGaEze0j0AHwseZrHTSeeA5C1_VgSdUVCC50a6-HdlBTugwjjq59U8J4zu0_d6xmWcobCwCBy1TPNdZ2qXh4JQt0DwcYu1o5GQvpePhSOsya9fjd4Rb80RnEBXKaAAcM9TSIkzfDf6l364k8b2Vhypr8WjxUghPNDel8cUC6SOMbMXcxVQ6rI7RarBRNREzU_u9fU8juIWXCcqP9xO45y-9Q8BKUNLz-yhdmIydjEt6muCHK7Lykx8CP_rzI53Mxk2ljFho3To18OF3_Ejo2E4GJB5iPJbNx7G8A5xQ1H5KLT0qyUD1WP7MhWPwvYvU0Hr1TyDqsELW4p_YBxMB4z-08Y9Atcmi7qtF4OMhHndGuhkN_8bsLgd3HaCkojd7DtwzKKcg_VDgSJO579Vt-rktKzMNEC21CTsGWRvVb9kHZKrkqSqZEl3Z2y7e66yc6jcEiaM3QH160DPUHfX8m7Y_EOukjOYHdE9iM6ernlRXfgLYy66coTYfIGD_oNv4ESKdksvw-wmQYbG5UXZFhjEGgx6fyzZYjEXyzQIVusdTfSE-kdHNg3Jgz8utQc2g8RA_ZkFyH9f-O5scUIeSkrip7YwL2BbBF7CK9GQngFDgjkczXZd0MLXQyPThk4d1Xr9xbN6dU7AvJ74U0utQCHmGy6OGSZdpKqTxGzy2qF7MEnc2pFsaYV4Fe_j-3jO5co8RDC733jSTqWpHRkfv8emsAHwdvVrCYo-zLRH1KsOldfUhnDOipzp8maJpnj_xbaAiAeww1gAoA-sIJ6JQBGyHLzAwPn41MyBKQGbRLYBGqwHDRGHOi--evonUT0JSd3x3cULVTIToo84c2FPbQc04X1eCeuRVFatNTqQg3YuOD-ereKEVhbyIfh44B5ZHezgr5cWjTPcvDadtB_te1vwsqsWRhBCz4kbMIQKWkr4NX3LAG6pJq-VtBudujqTuQmsdTYIXzsngE3POsZ_tl2GRbkRy4obP5kGM89sJDsPyASUHrtcy1f8rnWMFnGngftbAsEC7jBy7OHgX0HCm8URc5zuDMnP3TRDyhCKMgK4BjAAullgMnQSECY0y7c5DNupqQCbDUiQeq8PA0gYAiJs_jUsqjBPbRokbStL7KfGVY2yp7rpddenWNihGNtC6S__G1g2DCQZdItniz_kUKdUnsIb2J_FVVDIHkHshTRwLZy5-sxfs78zumf1ChQPgvBtu21mmbGflE-nBQfg9R3C7gKs9DsDPCXabwvUIWB31qjtcX7_KHU7pHbVqiJUOPHClhgkiEMKU5K5A5idhW0Z1f5yJvrqiTLTQnYCUD0IAM-qrgpv8n-OrQ1nxQ8Vy2QyGPK3m9SLoIg6jxsuspdTugoMOVliAJ0R8j96KzzzyXm7OJ2Wh4UIsU0Rx868u814xAVI6gNiGVWAdiyAnpcIQuizVN7w-ZNTj1FLKtYIWIZ7sv4FzAabX1BOlW1r6RQHm_oUuUih5nl5-I93WJZh3pMcm5QVM68NH3ao8KbT3HvYWdT00dQ9158dENLUv-4TCSiSUXKlPdfbKEoHSrRNJZRHTmNAV14C3x1EOhNKMBBlJabC67nEYKrzO_0UhejehkgYyY8Zbvsm1UePxwysBNw5AjyW0zplASj9GqoBrE7985WHtARNYdWD0Ihue15K0nG9ro6pwsTmI1Utxj-2Mh9cLiCCKnFbdF1f8Cpm7vKxjIxFmurWj0Krq4qdTgV8omkhJyyfLMHOvx9HCfjices_A0FuRKbxb_HZYgY-0laA_DdX0CIqYXhVKP7JB353YFx-thqTIyCGzrjRf63jZe20PU-3Umce78FaCLJ_aW919t8BR1Kov30JT-s604ex4ObuBfugMKycb0atI1x9CHy5XmndFxLCJg4R7TBxvd51RcM8CHcZNzNXsznP1spOYwv57V5O2Hz16H7y4LTA8YWl2e3p-NhA3-zDBNEAQsxWUTCkvadp-rx0p6-Onpcqv8lmjB5475kofixnKmaBy9zqp6g7TDw7Rzwfo5HuQN1INvCz86VGm0yPrNglNQZq0TLTiY3c61RgCmKJXM-O0kRoNow5BIEAqdUpRNrkeN4VAtmxI31KtqhTMdxTld1DxqvUm1WBrgYy5eQ0x0Ssfzx4QHw_3YUYKieLweFfWLTVdSXwt0U5p389AelwWqfWFn_urhAKFt-8De5yLcCKDr2sRmF89mWPOx7SgZQRzjIvnxGZWvnwYpbBvzLKAQz8BaOO7FLQ1jbmFavASVpAE7JChEdtIbbUoG0pe69ARXc_6CNzdabqXKDAGKxVgOyH3zmEI6FL-DX4bWH_DGMRjE-SdwizkIrayawMCbPTEMcBjclVPWNf5XHUhlijvrPYFJCpUEZzx83-N9-H04VZsliA_5q4AzZeBqOJ3Jp5IQOYnQGWuKSW0EQ8VHmY3KRbHNBR9qJeK3k-50c_CSLsYEDXGIyfK3i3HF-iwrHghw8mPebIkv_SC8M4xLshkAPQiQrYTYoJfS7VOeeGM4s_OKDNVsrij3_eBgQFlI2j5fPFhzNoll3Y2Vw0zJwKRQj04bknBLLmgrG1mRzcxl1EEhI3t966u3qhJtyzWjE6gprJhg-SXO1rq2kOkUnEuKmoeeNpK01oZT38Ucoi5d-5jul_NKIHdHQRpLNxYiXn_MJ-2rDmJNG19zwd23fBrxa5aS9DAqpjFQRsXO2hqpIVCFjUpaZWCHA8p5YNJV4ZE-otj6W1LRkD5pzWZwCbCykOOfjX91nZoukSmkNxi-tId4v2Gm_GA7QN_Pe2R8GkCW_QKDg7W99uO39FLpYCNCjuj5v9lTXgXpn99x9uXwxiapNQ_iZaUKvOTxDKgRA225VCm0x8eLU5v95htYbYngdYZJ-YFJv0ZuVVvll9nilcue6vmw_VGbJVjOffVuvy-EzAJPMEs5GHRIdMGrJiOCdZclYAIOJkPsqAkKk_9-Eszj-KzZPuMkI2bdYZr-6sYsPNbpzRESuNS_lt2yjRyHVe--9lpbyVCfk_4KDhGeOMcMv9jxaJvTwFC-T4LC2n6g5abb-nDEuvrvVZMm0s-rKVFnIsrsALY6jGkWyhfFfIlh09lpE1jqHqDDjbfAy6Wf8HLlhBMUSmkUxXmjpS06ONNd34YOPkVCeKMeo4M9sDLpYxzaGt2gntFVrIpQMrB90IhLQs6EApWpx6EPNF9M7MckpK6gH8ltWu30oH6bETuDbUr3ECTWXlxEccFMK8jaJ3zIkU&cid=CAQSOwBygQiDynw1oJ-DNTakA5itUG8WHcgl-2eRm4T2BuF2_xhznTyyEeGPKgtXo_od3FzsvWuvP-AT5c_KGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=11894181221594616000&adk=3587751834&idt=263&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 14:15:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 6FB0 29 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:03:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6FB0 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 871A 106 KB
37 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Origin: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 20:07:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 871A 11 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuseIBz8sJLtVH-z3puJb-47z0g6o0DFrovMAhBHGgxzvxhek38v86ksEtwV7OXzxx9qv1jlSnaLjT8XL9qZkWQjAJdToxkf9-Aaz12rWVRfcsp_-onkHU3wouSHsgnEBlIMOqNhO8wuM17gvsS6Dimb93bmuSwYXnzolBzv_RcbrFHyY&dbm_d=AKAmf-BzKQdvLJWqNYOHg6R6Fx7tKbVcgLjoSlHOtJYI4DKSavu2b-JjZ49ETIwO4SW6DiI7LljtosKghIy90N-VcyZC0I-bFQEP64vvVtDIwzLejwaX3FLom73w87e676Sd48aLeevlCerzRyUOEv5wCmb2-DOy0FJmRgDXpTSoeFV1k-Lp3EcE5WH1i9y4s9s2Bd8MzNu21tvs-w15jIg6cAox4GiFtXtL9mQeUhJD5nLzmvGH_b1b5tekFtxdJ9pOsdKbG9O42DHTqYffDasH3jxRB8hKU5hys2XD40Vml4z1FHrqqaTKx7QjUPowoAI-gZ0suERzHuJ_mS_44qcXbtPkWLQ2DiNoqqc2WtKCpQG20llOSPE0txToaXrcsFtnomG5jNYFdjNvKBmyWQwCB68PpREcl7ZQ-VLaK4dLMHuOZ6AL5-KackBbCUe3wMycwPIB3myqgiLwNjfa_DbtDCjDinqZngtl5Xrcti8k9kb33qb15yBwL1gI2AM-IgaNL_8elArHtCdnPY85bGqcmKA3AsRxtqLCh_mVtWT53ISo548DcBmOWJE3RvDn1-h2G7u5psdOqwCkCKqsPI4bTtqmvdUWQzsQWjKPelhUHTJ68GcIfXk0QJJdrLSCFJyqmXkIdxnUQPJ4v3bG8LMjiA_3vIwu2oH4tz6GlILp-lq2QtAkGmysaJUtCPT6cQEikRPaTlpri-zj7z27igEYFyC6Eojc0iHTxQ8yAms5QkdkkR1kpGOgXRwPTMXUYS0S80kfKk3qTO6qRsJxywS5ks2ThMIMHm_xESq73yUlcpzMhCUrvZ_nFBAMPuzDdv8Wpdi2LBs80CzxkYIdLv9TJ9pDKE39OVt4QMAmZqRyNb764_NM9C85O3RJdXmcTK0qeYxZrDxI2uf1XYcoKgzJL7yPRqKHBoZBl_gaY3b59nwye7vYsCAKS03VQBnCvotWospYpUklW7HjZGCnAmgB6ov7Oa2CEKMQyzaMk0v7WaylZgPHBEr3Ay9HK_xC96LFcmuJuRguHyjN_Qbm7By25dmxLdf9muFA_zoEfP-Jr0iNEpp5mV_B25JtI5BVTset22v5rB9vp5MCiQ1j9Tvg0XyZg8BoeJkUtlqEhChhKjmFPVvt2S9T1Yvh_SrpBCKlSgM42cY6jpJrfPGSElcQ1ZU93NztmTHNOLxpkaLthE4FV569n27VkpTByP3sZil77IZIb9e_IF_D8NJDtqFVnbni8gFG-TlWQQ7BZgsDlnzINWOKoECHjNWYtfj6jxZw3yPcgxXO_IYLtcBiAQXAZ9kC24kaz1ea4dHS2wXiHc-n5I5zB0dt_8v0zGDW1I1vSPxmDBCEbfsKahL6skPfmVT2hWGdIkmpTWvfoclJyZYMGWZLruNQ9q1P6oF16KGQCvWAVFYO4PnPaX62UoTotqblH7-RDlLZuK8xasRpWm9LycAaItwQcGlYpPEF5g2UXHU5oI_ZX4svqFnuOz7Rs2-5GmbE2Kepvm31NNKrc9aBVwuMoTqI1k4Tlpa2XGx4ZnNpPsWDSDhDxKY9Iw5-tfLh4E-ST04tLNAbPvayPRl4oOsmRdy2JrPj7XtZwThEMkyiy-O6ViQEUiUcmml9AtGW2Ai_jj4F3HRRRqtqdzLVLfinbd9sKqkjJt_o2ppNuqJsUFSKihHc9p0FdGquFnozh5WwhLAgJvCQviXfZS-fSIAmJtmyX0nApTqsb8jcJZ6pmXzQeJ7J4m_Q6SRBnjU6zbk1Tr2MB79tWztCZ6FBR0QnNDInzk-vUv2SpNdw5AJLkTnpV1oYVlBcv-3flyR6nFhXfbL6d3QI6pcBIPRmul48OCr8KxDuHU49VOfOCnQPfpDzkmM6xkHmWVL3D8Q-leKgKWShTo17vpdNBFWaeExBm5w2z_y-oQf2QAm5AcDiD5DvYA7bPWq-vSZEycISs6poa83-X8Qy-N1SFhCl2OEQjJ3v9a-NN6ud90xj_31wRlTNEEER_dDYYMaCnwYY_Wl1BMQ0Pt3ZfDMKs-qKoZeRmf0MCVRvitgRyVoDgdjbH7b5_X5eNGa95S-IS-vsboXmR4BJ-vGVhqvutDdEdKbVeyhYIcmBXGX9SW5SnisnX3TmTaDm6vxfPQ0dmHIK8bcXkxDKj72D4JmKHt1rvDZ-ysErBi0CKEuzLmOSy6woZITlY8A6_Sgs1hbJGd0Dxw8duZpeD0lxg9Yqv_9_KW3zdktPDNQyG1eSf-p86K7Zxx6mciNP5gVeS3eyylr46DmUvbPiAI5r5e_2GUBqLKyiUaOytUsOCjaRYm4YLDPWMfh7FTsDqLdrJfN0JLrUxphsFqxj7PYYR0mibEq0_v4N689c0lIKDDWoUxT8TFGGSFO63OQvS9urSTh4o96yCFMDPI9q0CFfFZep4CPDR1Jup4av3uQIXFBIcC3Y63NNvAfKlPXkfYto86CIXvxS7KbTZNCVmg3DLUS_mzvQtB7E9Va56f_Fhx0ZJH2Uh0wRhnfwWD24Rkke19vG-B-1xg9Vqs6Tau0B_mt0QdVJtIjoidwAgz_4QsYGK-fOv6595yV2Yj8LlZNs2WlN7LQE2czVhCF7qq7mr5vJHLNlOXuKkjDAoVEtWJL-bEpKtPH294Ajfbbn1DprLQ6aWPM14RfoD03L5UaHtMmrS0SU-spkXPOlQkXlM1FO2lX7uX-A8HYHoaJmsMx4IV-s0s8tezsb8N85R898ArdgXyxjDFlirD1b1U5eY7yNmi2kV53qg8jhs5XTjiXBJZmU4Mry_EC6qQybqyHYHjq3IEa0F4OvJimRHib80PgFrnGbp2oLy7JDsgqPmzEkD_dOpDzu3G_73DtKuEkb2drX5A73yIG4SwWWwTPc-i6i0wNLcj-YNAMbtOpoyCORJaPUfUiiwjtrbanD-o5Nu1lvHZKHwvYdZXcwsauQDbHBIiRz_yzLTvHbQ56KBHBSkGaurfyQ6aRlPEwefjoEFt8nLabLpfR-wqBiKa9fw14roud8GUV_IMwJR4t7s2el6Z6qj2xGkiAE-j6UVBIiawoYIjF7QZGXjMm7MmsYTu2lGM_17YLplESR6FwBNyUxXHGP2eRbG7GIx59Co40ixL9_xTPSbzONu1J0QUZOrM1wad1dbuiFstfaEdkITHjbXKPcsdxZZWnEIFDo8HckTOoSzwUR5t_wiACpxrrPBemIyu0MNKh1YwktGmRfVga7qJjp-MVzUGOcxhAprfxPl7LSaT0Mrxo9BKwAVVzviGc9Y7psNtHHMUbqmVt54qozPmWB3_QZWD1Qsr40Q7MMj9mtSX9S5Ls9CBdw86avSCWWbkgtDX5X-u8pYvuS--6b1WhNtxXOoB1z8DC2Y21Zcp9pWoS7gKjDfcDiy6rW7UrshxVD7BUV6IWPAGNGdNw9MZnDHvj8nL9quFdYSo6fKQwEgwYYO_XvVZKOoWU38Ie-6FBa2f2itdyXeU87zapE1qoKK1opZBkPDx11s906pkeiAxHjVzhs1jDPxDXHsSK2xZMmIdAAWqqWS3WMPsA2wRFqsEz9DsLAd1ODvy1DjqmGgkG-JMPjep6_L85nJWpL4QPV8xAi_nEQSRPaYlEeDf8XWmDmWYdBXoiWBPBYT-WOpZupKRk18zM&cid=CAQSOwBygQiDGhvjbX3NbPzNDQR5-yKfdfwIniNLE6aOxiMB7eYa5xdAqxGco7_vJwFND_RMxPQJiQZCc79DGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=8401514277473895000&adk=2465470143&idt=323&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 14:15:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 871A 29 KB
11 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:03:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 871A 41 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2D79 170 KB
59 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Origin: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 05:06:03 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 2D79 11 KB
4 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bxgf15rlpQNTcXD3_5fpR-6eEm7_wGvbk2SBuYRUzSk5IDSQlIyBpjNRxJ2C2HkaGcXAexjRolalAWe4qWhPj5LzsRfoHnb3O3JUEKwcUXIltCCxlQEsqR1Rvm3r_cr1EDiXE3orKLxHpbWyUluFRY9Coh3-BDYCBndlzh2BLJJ3PpWbY&dbm_d=AKAmf-Dbt8DAZe6DH2M5LXuOuq-3N0xi-7UUElpXl70k_0MZ923HHReB96POL6uIAJNeZBxuwwDRlod-66vuqQjf6t5Bl4EHCIuOjcqFhUvuPKUj8LcOL8MXxdcMAiqg0N0Q2S7zjxzkajUEtjkgwgtWKvLpl5MycFAr0Rl5r8f09u9LPalY3I9puJy9Dn-RItwo_SX2x0wF-pCo-NiXsUQlNu7p5gxGxTl92V8lBGE1IF-_U19lRwq9ZcfZTyfzUjZa_6N8iBP2OkMmZ016_zPSCZb7ctqDqBLLRTO2IK8TiAg5UJTwYAwlQvA45-1-xehgyy-FQH51ifAFv2Jn6MbRByjKgqfcLkfMgMWNMen0_TmNb9kj1-Ei3H1oVjQdmXgiJL2KXMIbKV9diLf65x6rcdzA-f6lBfy6fV8B3625THgGGaIW_EruUyItP8rKdu3UZzYVXkLkEOwec9AC6mizsiaW7FeUbttEasilBPbYlFjTAHozwn_mCpJcVkTPtd5hxVxs5ehr6tGI-hbA8XCgw_P_PWjO19oUByqnHiDr8z5h1NfF_QpLtK4xLJTvWvblurkibFwx5ej-oF0Zc8pI4cGmqnqRNkiSZ6N_hbXktiwGGGmusbRKSZS1i0dwaV_-BJZ7O9uI36Ia8iC7ne1ieWx5ECyUmaV8dU5USkVM00LjvNasKVXz9p_WjGlxxVJuWCj6K24cAn8Ilauu1Ww6DFKVnJlij63Bs_vHclG21PZu_dBDHcOHQPCs3YNT07mIgPTVF0kXWxbLzMnkIchL6ROKz2_3uZIXyj_uh2Cc6CE6IxYvI9FUQ8X4P0Tjhzpxo82XJyNY7Ak1rBRUliWhcoTUGkwxTs6OIxhBxQcu2uFZZJv9eNwAq1bPloEvQqzWQyE9pziApA7t7L5qahBCpCPlsIk3tUtuemWdlU5kl8WIy6Jjdh8VNAdjy6Yo4SJL-UTNB3UejQd4yme7GrO1wpYM64N8oVPN7G_EZgBLOuqc3XcJMFdQqJe50VPHIVVEI8clHaA6NXy1ndvHThPihNiZvSOKdqzxLHdS_z8w34YSR_y2Ellcep1gYTvVEFDanvXYjHCJ1vtzmatMe133LNKJZjmftFIo3CWRpp7l0cxLKjK1foi-62BroFswK1KSxtAzVVem5lYDH3sCZf_Ndw2C_SXiUVRaADsZsZafHReUGTDm6BWRjLUieglue9VLQmNY5qdUuRLHvBetPk-OmMAjBqm_Yq1PNvThH3Lwd05OLe-Wg_C2eHpIQ_TTuVHtmBOqpv7Y6Uzsx8BmXodq9iUUmyVoKyRTVvANNvxyQyE6WqwjYkjFRPcD89k34YClidTRCKoLekw4aYqOrnFz1Ivi1y8qyztJAaRJgDKJRmCO95NxLulOjurg5vU6G7_wBOQI-pMmmpQa4Aji1BGkEALx2-UY4U1ouksuUyjI_ThE8JjqNHXotrILxuprRB1J_vPk6dMykivJ0sd5s6fm2u0sVFznW-6o6LoJKklQuv5CbAzPhafoA38skMx6mibYzmcROvJzdMiK5_uTgnTU7NHCV8rpwB3-JAKsXJCusYTk1SttPmQ8qxJxWC0ihGL_Z8nDM6ccC5Ki0d1r3DbOt-i658k_aSQ6EQjWd8y1HpUAj67b6ALDMnbyF8Iq1wRtQWxHYmOnCMomS5oYblOjINO13SkAdNVOHutg1EUGOsIg_tkLRuAFlgNpsHVmJHGFBgUvBkp99tklcTTiVgBUoRn-xcIIpkcvXaqQ91k9jchOLIBg8lfdjO5BFjaVcHGfCXe3vySW_BG11FECrxLYqxpssViGrv3ENu3THbg4bWiSYM_uwgrbHGdJ1RNLlroEa5QTwhXyB3MZ2rZX0SiumOcs_daiiDc22osKXRlhNvN6GC6YwyvsenBYbpJheLTmVSlWteNkuwrs6KbokWc4FJLI9Io2KbzmWm0geJZLwiayeyUNZzMUd6r1jVuHDtv0Mmj79sEfeK7X6rDpfPTM6ptzBM0UMdCBFQqEQF62auKFDZ8XhIAGDd_Ou4cqZbu1WoeeQt9ymgktn9q2Bmdb4Y-pxzbdpAATcJhAOKlWy6fx23j5eKE7LcxBBtnW7jUVks1vBOaj3LFnfP1h4gwOJ4f1JhLvDjEnNtnnZvDbBgzw7XjDYg1S5FJHvDVADo8xYhrn-QL-tNEjkb9-_syW_Vhi4FcrJ7o-kau8uhWeA2pg4g1poBfuAPvVdp0OC2FiPUyhotAifn8T0kXHZwMFSC4Bj_aWu0tk3BkLgWVEcM8QlfpMcksY5PicE2we1CG2bOVXWAbIYYa4fxISHIUvQQY6EDaLnKoYRnuwSMglqMqiJhOPdJkXpkbG31gF_YgHVaHxrTerCcaY_CM8FMETekwLutMISnOKwM5llNlYxldoL8KBYFiY3fRA7TWDt8il6CeJ00OqfarYLHEXnDvEPNzCh4So8upuq4aoZwtIgS7M4HnYPbQYbdGo7GNrjXsEbLIThhtA8auco-YVbMxAwBr2HFqw1b76uAVtVeNOACcJkWJ0OutaNfOTJW3xLX3QEZhmhgyoBg5JBXDQ5JSRatUGveG1noEOodI32D44NyG5aHwMQnG5wJxQGLyPUSoNJsbgNJZBHFpGqmwU_yXMzSbI1zOBq5Z6-80KZrc5kzfDtEIQ7AmAa1y6ozMWI1USu4o1h-FfrSSi-FDWy0Xf7xh43itf9Q1Gk6YsjLfQBHaUxJ-Bo6WIZAvIwmDeAHWbtzgwlIiiX8ox8FJoa-cJVy9SlSenycuhirMNB7El-pEyZohouvAinJbt1TqjLxKdOAQ6p8yh99LL4OOoczlIM9GNuztUbwyj-6s8cxn0oJcSJrN6-O2YuFAXNBf5BXjyW588XCi5CEKlr_zMhYopNj1MBHVzXYcUqxOQGMFFyCq4IPl-ECLR36s9E8X4uBVrDfdUqIbkvEbCzYyY9MpoMC7fptc9Cvb_gltWForsRm7midlSOnur6zGEfQt07EtKOZ2BCCKSizyQN3GaCSXT-pzRm26uVy-dzG11SudI-iUTIS8FvrepnxQC0MSf_85IoB7kcBiVcSPVeW8CpsX2I-QVQQoFlbSyotV26gAAHFiQgrry5Dy9yxmpqn8KHdeebddBCMdxURAIh7gY_q5I5mDNE_Kg-ibCXMr7Gq1YGJVGW1uCvpRwYnEDlsnnSW7tvWA4iLzAliKvpBzC27z7IhzTQH7e7i3yFcLBHC4F9HTI7gWXp5JxU0dnzlJ9XAj81_tFpFiXXvq6nyiKoCV_Fm128wNS4p-ACi52YFJ_giqf9rUFmjthM9S0W0E7IGfck34pBdptnK0zGLbohIBVv4EDm9U9oLWSr1zd-LW8zKeAXqS_IGR0_qnJT1EtpXIMeJtIBZvmC45ZG00G2ypr7gOrBGqsmgDJ8YPr5WuOtILDPl6Bf3IUahM2lrCfBM-mH_2Oe6SPuDD59Xbh6gqkqrqre0AeJczsmw7oJDBakjdJxMfkL8oOlOT-Z708b8gLQtm09I0u4egAHV9XAxk8JIS2VxQeS8t52ek1dplR06KyIappZIA&cid=CAQSOwBygQiDgaNRfRVY5Be_ZqwLB0q8SctYXQmTiUxcIpMmYmpZdUmFndnjc5wvpBgoKnRUY7peKKEb4DxDGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=15588531227062663000&adk=578009112&idt=126&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 14:15:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 2D79 29 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:03:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2D79 41 KB
15 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 394C 1 KB
643 B 49ms
42ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6FB0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b89c55ccd688ad536f857361ea9168b434b0df78024b353c438115ec30e541a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5F11 1 KB
643 B 43ms
43ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 871A 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8716febe159cb3571e40b4e63c3ecd3b68dc1646d3e362760ee4e8f500aa9d4d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03D6
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEN5q8-m6QaBcF9zOjvrxwXo&google_cver=1&google_push=ATf1kGM8lVirTBnzT522dt5HuV4LtLKcR6TXyKgR3NfRhAJecSHOm94djU62GBFTWPqrArtrISl897zN6Q1U7VvrUkt4m1H4QcA1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EAE174DE4ACD4DE78D47EF072B28C0F3&google_push=ATf1kGM8lVirTBnzT522dt5HuV4LtLKcR6TXyKgR3NfRhAJecSHOm94djU62GBFTWPqrArtrISl897zN6Q1U7Vv...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EAE174DE4ACD4DE78D47EF072B28C0F3&google_push=ATf1kGM8lVirTBnzT522dt5HuV4LtLKcR6TXyKgR3NfRhAJecSHOm94djU62GBFTWPqrArtrISl897zN6Q1U7VvrUkt4m1H4QcA1

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Jun 2023 15:58:28 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EAE174DE4ACD4DE78D47EF072B28C0F3&google_push=ATf1kGM8lVirTBnzT522dt5HuV4LtLKcR6TXyKgR3NfRhAJecSHOm94djU62GBFTWPqrArtrISl897zN6Q1U7VvrUkt4m1H4QcA1
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 04 Jun 2023 15:58:28 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 03D6 70 B
265 B 104ms
32ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDiQsCAqs94tY9DJxlBPXwM&google_cver=1&google_push=ATf1kGOO_T72TC3fqWdfiD3cYUKjXR4pttRDgalslq9bUiKlT94N0ulNlc4gMOFagRN09r6kAchRfYe_cIAb0N462p8XmaPMNGXN
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03D6
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENP_cT2W0bwu9cBXooi9tgA&google_cver=1&google_push=ATf1kGP-kPiW5jzjhmGbMrUD3jqZsuwsdEH3VFxX-lNA6l3XFz3Os8s0y33TLFxb4dUmKmtEx2nde1sbxIs...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP-kPiW5jzjhmGbMrUD3jqZsuwsdEH3VFxX-lNA6l3XFz3Os8s0y33TLFxb4dUmKmtEx2nde1sbxIsazD7IoXjJBYDPfs0W&google_hm=FqTglvw7TiWlpwmkzTNVap0

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP-kPiW5jzjhmGbMrUD3jqZsuwsdEH3VFxX-lNA6l3XFz3Os8s0y33TLFxb4dUmKmtEx2nde1sbxIsazD7IoXjJBYDPfs0W&google_hm=FqTglvw7TiWlpwmkzTNVap0

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP-kPiW5jzjhmGbMrUD3jqZsuwsdEH3VFxX-lNA6l3XFz3Os8s0y33TLFxb4dUmKmtEx2nde1sbxIsazD7IoXjJBYDPfs0W&google_hm=FqTglvw7TiWlpwmkzTNVap0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03D6
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFoV750bgS68t4P_hWv1Lnw&google_cver=1&google_push=ATf1kGOZaQuzQvYNPoTsI08RfQdtlNRg7QZ463zhCCv6Y1VDqTFc2mg-tPJOhPn4kngDX_Ya_8kOZf_G_lFgsrPxQbmYb6Z...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOZaQuzQvYNPoTsI08RfQdtlNRg7QZ463zhCCv6Y1VDqTFc2mg-tPJOhPn4kngDX_Ya_8kOZf_G_lFgsrPxQbmYb6Z6ioY-&google_hm=eS1QR1ltR1A1RTJwRWlSRz...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOZaQuzQvYNPoTsI08RfQdtlNRg7QZ463zhCCv6Y1VDqTFc2mg-tPJOhPn4kngDX_Ya_8kOZf_G_lFgsrPxQbmYb6Z6ioY-&google_hm=eS1QR1ltR1A1RTJwRWlSRzZITlNmVVdFSVdIN2NVNHJ6Nn5B

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Jun 2023 15:58:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOZaQuzQvYNPoTsI08RfQdtlNRg7QZ463zhCCv6Y1VDqTFc2mg-tPJOhPn4kngDX_Ya_8kOZf_G_lFgsrPxQbmYb6Z6ioY-&google_hm=eS1QR1ltR1A1RTJwRWlSRzZITlNmVVdFSVdIN2NVNHJ6Nn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03D6
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECI1iEbG-UqaB41GywmzXVc&google_cver=1&google_push=ATf1kGN8eIFHIH_lZCXtGpuvpu_XWIyy2BIfDH5SPVXwQfOr-UZUZzsOqKABBNkB0QOIQBnbWElq4SzDsXj1...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN8eIFHIH_lZCXtGpuvpu_XWIyy2BIfDH5SPVXwQfOr-UZUZzsOqKABBNkB0QOIQBnbWElq4SzDsXj197k_O_8y415U2Lyu

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN8eIFHIH_lZCXtGpuvpu_XWIyy2BIfDH5SPVXwQfOr-UZUZzsOqKABBNkB0QOIQBnbWElq4SzDsXj197k_O_8y415U2Lyu

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN8eIFHIH_lZCXtGpuvpu_XWIyy2BIfDH5SPVXwQfOr-UZUZzsOqKABBNkB0QOIQBnbWElq4SzDsXj197k_O_8y415U2Lyu
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03D6
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEEXI_blq5cCbrbg8RfgvdXw&google_cver=1&google_push=ATf1kGPSRn8WtnzbmcWV0QloZt_6c6HSdQBT6TSRPxpSxvmbN1UGcfT21BbS_g7k9EBr6dI3KzB8Ko3Fvdua6nnGN5mvg0...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rsdvldWjR-KQ-78UOyNy3g&google_push=ATf1kGPSRn8WtnzbmcWV0QloZt_6c6HSdQBT6TSRPxpSxvmbN1UGcfT21BbS_g7k9EBr6dI3KzB8Ko3Fvdua6nn...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rsdvldWjR-KQ-78UOyNy3g&google_push=ATf1kGPSRn8WtnzbmcWV0QloZt_6c6HSdQBT6TSRPxpSxvmbN1UGcfT21BbS_g7k9EBr6dI3KzB8Ko3Fvdua6nnGN5mvg0McQOGF

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rsdvldWjR-KQ-78UOyNy3g&google_push=ATf1kGPSRn8WtnzbmcWV0QloZt_6c6HSdQBT6TSRPxpSxvmbN1UGcfT21BbS_g7k9EBr6dI3KzB8Ko3Fvdua6nnGN5mvg0McQOGF
access-control-allow-origin: *
date: Mon, 05 Jun 2023 15:58:28 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03D6
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAdhsFSShP0UzwZc2_3RhT8&google_cver=1&google_push=ATf1kGM9FVxIYs2vg8bI5mbNK2-_JLekZsV1JB6yF5gy_JKqtmWzSAwwXX6UBVE4Pn-PBqSOg0oN3eVsoe3CNHcbhpNXP3hUQDle
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MzQzODI2NTU5OTQ4NzQ0MDkyOQ%3D%3D&google_push=ATf1kGM9FVxIYs2vg8bI5mbNK2-_JLekZsV1JB6yF5gy_JKqtmWzSAww...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MzQzODI2NTU5OTQ4NzQ0MDkyOQ%3D%3D&google_push=ATf1kGM9FVxIYs2vg8bI5mbNK2-_JLekZsV1JB6yF5gy_JKqtmWzSAwwXX6UBVE4Pn-PBqSOg0oN3eVsoe3CNHcbhpNXP3hUQDle

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MzQzODI2NTU5OTQ4NzQ0MDkyOQ%3D%3D&google_push=ATf1kGM9FVxIYs2vg8bI5mbNK2-_JLekZsV1JB6yF5gy_JKqtmWzSAwwXX6UBVE4Pn-PBqSOg0oN3eVsoe3CNHcbhpNXP3hUQDle
date: Mon, 05 Jun 2023 15:58:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 03D6 0
12 B 51ms
50ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3slgzFFDnK6vW9D6SNwihkivrB_jyfa9LN7FyGYiPrv7SVDZ5w3U_R7rIsJtP1eIp7e2D

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 04C6 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 202906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 07:36:42 GMT
expires: Sun, 02 Jun 2024 07:36:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 570B 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2D79 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3172c5784a968ba8dad93e7b06b8db314618a2127a3e518a4d06951e9842806

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2222 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 15:58:28 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 4978 2 KB
2 KB 32ms
31ms XHR
text/plain 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c8442c64d0a9d1b30c714c059d589a7e5834fa4ec8b8a85c339192065c92837

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTUsHjFhbJf5jQCrkLQpgXxjFWk1P%2Bz5GVf%2FeP%2FNTpaCq1pVQhbvEtEPq3SYkCxdFHMIshkRahK6vs97%2B3LTRpT74ClNL0rwUVFUuhf5ujY7qrTX7gRNt5AKJbxuZfnrRPJJZcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7d299e074cab9a21-FRA
x-backend-server: aa-reachservice-group-europe-west1-4gk8
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 49ms
36ms Preflight
text/plain 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d299e071c729a21-FRA
content-length: 24
content-type: text/plain
date: Mon, 05 Jun 2023 15:58:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbsVM%2F1gG9iFFAX0TgiHtamE27oS%2Falqf3zNrR8tGRKYMteHmn55f10hohxR3i5FHimm0vNCxPeBngDYylSD38d71cNPq8YCcWh%2Bxr2nxsnhLRPqkoUnItjNHytFqXtbXByuLKw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-4gk8

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7493198391404092334/ Frame 46F4 13 KB
3 KB 418ms
74ms Document
text/html 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2701
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:29 GMT
expires: Tue, 04 Jun 2024 15:58:29 GMT
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 143D 0
0 448ms
86ms Fetch
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1E7iQYTLPkp8tf5brpvbtxBJo2Mrtx7fqy4Vt8irWLe6ezTudJ0fpJqdngzB4ibrVkMtqGAUfpXJ4e5UvpP0zqm4B-xkh0vru-B5D6JCDPv6svsTtBhDsiPHyikb4jmbb6qWiG9_thFklfkM9PE8hXvNOcmisnqgWYZbtfX2csX40dJ2SjCqhEqF4Ox2jJFrzU2cP30KLiN6P9gkYnNzd4FWdWPqJSZdPpW0dvQsisP3YWqNGsTqxEmPiMaZFP82cJye105SMSUOqhauXoSy5RgkPLGST1JjNgkNt2IqPuUfAcRaeaziRJ3hBsHILVmyAwMB1iRRrwG5cIuFLFToDdo9dpjulHUkPaSjFyD1OJEWwaVjkffxXutx2ptWWMGL1v5kamdOQ9TG0Dqzc68UbuDcRn5ZJkrbtt17WtJ7elgtCodftRB-nkxDY7CadV_Y9qp_2g_bICYhN7crN6lhrf_4KKtsuFh-omiO8u-TRw7mKf2txbKxjlq07U7G41oXexzgZVLAUaucomEHcVTcSREyfi2D-A5HK75qEp2tZOVKO2gAKeNi6eqfkNIssxKDvLmOVhaUznzlUPjVBLgzGuSpT3pZFgmCrYQbPzyPTVdcoIZPvIBWR5BpGcDpWNI4ZLZciDEmXBLn_keT663FS2NSoRiYiF353LmVW8U7aO_w7HCV6Ow_b0lD7Q3AFqExfneiJlo_riuQ-OqyeR7Obh3-GU_Q7WxSXhd5MqNIGljHRCwmtTwpHdy06ahXLnGtL0IYb3FWsgqu6oy16Zp1RKRXcNvpbP8VKowNjx5HztmuzyuGEn-L3VL314WVbZFge5HcUbdKgLq0fgAXeVuTOF7nMdRx450Y5TDL_4hxBQZcrAtL7362fG0z5yG4Ri8DaN8LtgjNPzhKie7myCZTsWfzY5Fd_AUrBOXFeQAKsjAaLuizumC9ZkQDlEz_wE8MLUvAkGwTI_aY-yRda_s2Jdxk-bggtGA4grJApyEhrzSSD6rr15xxVMIAre9c0SemT4F6WZUmMsIJLi16xcrLqTpRlPDWdAJDOp3kdnCbUibNEM48gMXVkX-uE5VUt02eTrpaAj-GoPMTGjrznyUiJV-bisPDTeKHswU2PtJkLhL5Js520bLu8TgahgiHEzbIRPNSJK3VsBoIDGadni7W69vi08aY2E9J4g1k_IVWq14c5iumm_x4N4Z8PF9e1n3eAKMJscG22PRK_Vr46Pl_kz7nXS7ZX9I26uAUSUn64Xib4MN0M5DR_o7sGUg5sOUq3BVfXIzOD5A&sai=AMfl-YQORfIrOi4NwoUNtMsEKONugB4VoM5YstbPlYfymXSV8UGhXDn4ochIjW2wLPzSjhFM_k7y8uMNTV9vzSGYC60JFptRxO9fGYf32zegyJuz0DN5n6X0vn9Rq59Mlj2IQMz2OsRD9Ihk7fEGxx7RYaIpuxoAZr-oc2puU16zYge2JVhUUGpo2jJIkisdlN86AlzLia5YoBzh2iipFRIrVjNvP03uuBe1eZA77ZnCRHIoTYC0hwELNUWW83974j0d3DJ71TnKN776an7xaltcNHODQmETGA&sig=Cg0ArKJSzPmKSt3IIk91EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=387&cbvp=1&cstd=376&cisv=r20230531.41249&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:29 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 32ms
32ms Preflight
text/plain 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d299e075cb99a21-FRA
content-length: 24
content-type: text/plain
date: Mon, 05 Jun 2023 15:58:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1DHs7Sz%2Btc3BQbSkx5w%2BsL509lZ0%2FH9FZKJnrFh61xwFmnhsZdmcJUMlOetZcCnPwYdpmpNpkpSwW0OPk6oia%2F7vLoqQUoJqzXtKEAWSDquyfbVEmMFkg3VLrTKHZQp9VoszbE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-4gk8

POST
H3 200 rs Show response
ad4m.at/ Frame 73FB 2 KB
2 KB 36ms
35ms XHR
text/plain 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ccde0b5261813f9779f5edb3e3bd0ddf0de9100bd4112d8e51dd26f4ab7d77d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXXJdTYjHZz4tyTmv7iLB9LcfseiFyxXygJAKpEnWJkmJ5R7hkkwKayzU6HBbGk4BerLnQJtRRloY3VQv3xk0R8b7B90hrPWXgyUWt9Avcw6mjO8JbzcBkVmzrSZuNu1G8nHF6M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7d299e078cfb9a21-FRA
x-backend-server: aa-reachservice-group-europe-west1-4gk8
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 5419f3f9-1149-4e8c-b4ad-8a22815721e6
https://googleads.g.doubleclick.net/ Frame 066C 186 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/5419f3f9-1149-4e8c-b4ad-8a22815721e6
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length: 186
Content-Type: application/javascript

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 394C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNDvnI-D9NN_1RDc_WKOc3qtn9vdkqF1P0caCWV8hN95vyBEqmCZDFwywpN3MkrElKjRA4IQtK-1HJ5sV_EYP-0RwySqfVZ&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNDvnI-D9NN_1RDc_WKOc3qtn9vdkqF1P0caCWV8hN95vyBEqmCZDFwywpN3MkrElKjRA4IQtK-1HJ5sV_EYP-0RwySqfV...

43 B
416 B

162ms
162ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNDvnI-D9NN_1RDc_WKOc3qtn9vdkqF1P0caCWV8hN95vyBEqmCZDFwywpN3MkrElKjRA4IQtK-1HJ5sV_EYP-0RwySqfVZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNDvnI-D9NN_1RDc_WKOc3qtn9vdkqF1P0caCWV8hN95vyBEqmCZDFwywpN3MkrElKjRA4IQtK-1HJ5sV_EYP-0RwySqfVZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d299e0afcc635e5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 435
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNDvnI-D9NN_1RDc_WKOc3qtn9vdkqF1P0caCWV8hN95vyBEqmCZDFwywpN3MkrElKjRA4IQtK-1HJ5sV_EYP-0RwySqfVZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNDvnI-D9NN_1RDc_WKOc3qtn9vdkqF1P0caCWV8hN95vyBEqmCZDFwywpN3MkrElKjRA4IQtK-1HJ5sV_EYP-0RwySqfVZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d299e097b2835e5-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 394C 43 B
363 B 330ms
14ms Image
image/gif 178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESECjAZ4tyXSFQmgZ4YkmnydM&google_cver=1&google_push=ATf1kGPsGqeU6IA8xNxo8b8-xNiRi7DMESPoZjUA022b0KoIiesZHarQ2YCvPpi3eEJt-pzllW2UaNWqhfjs5tNds_0FPJ0KC7E

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 310424
expires: Mon, 05 Jun 2023 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 394C 43 B
103 B 338ms
22ms Image
image/gif 35.186.253.211

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECG_4q-oyMrG-Z8-JAeuKg4&google_cver=1&google_push=ATf1kGPrvimf8dV5xNxwyB6pY1_tkfOjCz_ExkCdxoUoJ1l1ZGalA_7mA14grEe4NC_mUcL1Ug_mepaAromjuu-HqRPGPgs3KLw
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 394C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=97KFMZMxT-OdPI8lfCQGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=97KFMZMxT-OdPI8lfCQGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGME6v-dS6kPlWAbkGm2OSSyB5Yz1cBDiPOCRNnJZjc5Fw9bQogXWLYjgVx3DI4k9KCiP1bfb_4qqdLar74fSQzQOQ4ihjVd

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=97KFMZMxT-OdPI8lfCQGvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGME6v-dS6kPlWAbkGm2OSSyB5Yz1cBDiPOCRNnJZjc5Fw9bQogXWLYjgVx3DI4k9KCiP1bfb_4qqdLar74fSQzQOQ4ihjVd
date: Mon, 05 Jun 2023 15:58:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 394C
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBFZzAwrHw1uHmvpGYL25ms&google_cver=1&google_push=ATf1kGPnZwgY8hLYb-gpvEPXPsyIMAN7dp5e1O6Nb30n5eC1zT2dfGTvOSN8UVqzYeWa39u0QGNLTqMZLNT_GdAvc...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBFZzAwrHw1uHmvpGYL25ms&google_cver=1&google_push=ATf1kGPnZwgY8hLYb-gpvEPXPsyIMAN7dp5e1O6Nb30n5eC1zT2dfGTvOSN8UVqzYeWa39u0QGNLTqMZLNT_GdAvc...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPnZwgY8hLYb-gpvEPXPsyIMAN7dp5e1O6Nb30n5eC1zT2dfGTvOSN8UVqzYeWa39u0QGNLTqMZLNT_GdAvcVlXfo5UvHh3&google_hm=GxAetGZHtWb6Ec3hTu-_TlQc

170 B
188 B

47ms
47ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPnZwgY8hLYb-gpvEPXPsyIMAN7dp5e1O6Nb30n5eC1zT2dfGTvOSN8UVqzYeWa39u0QGNLTqMZLNT_GdAvcVlXfo5UvHh3&google_hm=GxAetGZHtWb6Ec3hTu-_TlQc

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 15:58:29 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPnZwgY8hLYb-gpvEPXPsyIMAN7dp5e1O6Nb30n5eC1zT2dfGTvOSN8UVqzYeWa39u0QGNLTqMZLNT_GdAvcVlXfo5UvHh3&google_hm=GxAetGZHtWb6Ec3hTu-_TlQc
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 394C 0
44 B 24ms
17ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELiyzYHz_nbsa1_BYb3HAEs&google_cver=1&google_push=ATf1kGMDP0nUSI856_IM_bv9XGsem0LMGd3MPX0YX5CSZ6vdf141qxdvJNItnkC-JDShJHN33_2Y2yNAoibMENfxuUub7Msk1e5D
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:28 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 394C
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMCDmxNvA...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=22f18878-b33b-4f00-9742-bb100b243031&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

48ms
47ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=22f18878-b33b-4f00-9742-bb100b243031&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=22f18878-b33b-4f00-9742-bb100b243031&%%GOOGLE_PUSH_PAIR%%
date: Mon, 05 Jun 2023 15:58:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 394C 0
12 B 52ms
46ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4goqkWN98ALkE35oKMQ2rD6TR1HHRO4U9ICmliiMnEssKfUjH499SKurGtWNcx40VKNzRTw

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18023719642905169595/ Frame BADC 4 KB
1 KB 308ms
39ms Document
text/html 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e9c7a67c3d44c39ec0b46ca27dbd51e84b709212fc6cc5a901c34c1944fdcab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 166232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1505
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 17:47:57 GMT
expires: Sun, 02 Jun 2024 17:47:57 GMT
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 871A 0
0 382ms
86ms Fetch
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdKUQjgjUJVdEhnxMrZvTTgP-fnM9FECV8HW5-AcjeoLWqDAcqBWQ82TJjAfDmq9tQ1fZdTxoChGx2dNmiLXR2Ev0Wg91Kn8GZ22tx4I0jw1HL2PHO24CBmI1CwSNBywRKxsOsmLqPcu5gzMdVQwpQ5Cf8qttZ6kY4chGoencLU2kASLpT9dOV8EoX7b45B9Omz5nmy_hK917L4eXRIvbgTGo5-ltvtFULSEpm-fgDTD08T-6eqjtYhjwgBGBWQSZp9FYILzgA7DJRo2hfRD4hBS8d0pQf30GLHw975Y8BknIq4bg_HjXhyYRvMtraLGEPWx2Mv4HjgFQjRb0rQDBxfblRUTaQje9jO8-o8b1UfYux4F_wcUzHg8gIJfpeCtynWcuJWVF9Cmp70ODiXdF-rZW3ho9U-Rjk8u-x_QBP1GTAqD8umRYlgQgXXpkOqKYifWkrnIvIWSbL5CIzxzfpZBsIZaAvKDpSzROkafRJFm3DsLplKqC7fgfDY4qstWxMUaR0r1KFlDazWgsRPIrFXUi41JdJpRtPFKlyI0lrhaxTLeLclT94PSSpuFfZEfqdhUElIF0g8ZTJjsYGkp2aQ5iga_tcZz8Gat0N7Pd4c-3sw--VO6c9cOSBfOYYH-DEw4mE6zCBnBXdRxTJKAzcVf5vSks6hXPHJsAuxnn0RN7fiCbYifs9Q1W7jOrbNC9L4rFHjz6-2G7nhxsWCJdJrYwut0nKx1vRKONbMdl56rIkXbF4iWq5eI5p-qIhQTzNBLM3ektMj0TP_nSZ5P39TCprYV9KlDXIyHnf8VDe7KHksdit2Hv-soagM10N2r4NqeBZ8C0MLuypLQ77L8ep047R2LUriRgw2dV4jEje061VV_G6IPvX0WnJTxwxBLWVjE3olIccfg047QZEMJ4llZcKBXnIO0fhIRpJbVe79hUu7NqyGtaDMZXUIUbhs084jXV1dPf-8vPbnCJ1tGdLc35anCZ6gPG0ttRVE-KiJYmAOIuS3O_RMmLaX5vRiyCkbyUgorxLtlED9pDf9Bsn6GUOPvF1UqWKQ5fANf02qAnLhj2XNr3CaJmOExJZi9MKXSSJyENbGXRN09kQvWJ-inHIYAmR4qffallC1z-ch-uTl0_GvVzxj5erqIhg6U2Q1GTK22wA_YU8CQuXkEveYwSFYZuz9ATKvTv7aNd1qRGeQzJdoq7E00pwfF1RSz7Is80tXyzq54SOiPtvlea0tBiio7vwIYA-PbTTkHVq3x3TWWHIqHe3NoX6DjNWrp6nrgIOy_DMJQjB&sai=AMfl-YQEDw7z__gEAPFhuUIH0pOB9cRfFV3Z_VpRq2K-yNkU6kUcITeSxY1b_tMkktk6aklnyrjdU9PXm4Vv4lDG76VFSR3C2wU7CHZohzhO9tCKT5dKS0v25Fn_a7gyHeM46VCkcxL9NBssZPK7KdmSTjY_o3-ZrmYEl6qrt6hscN48vYbaSL2VXXLU-Pry6wkxZnhBry1jFxkKMUoNBab9mASJUsk1Xn-4EOOM1CRnMHds6zZAMwqaAgqlDxE4WOx-orcy&sig=Cg0ArKJSzHrL5qKD9norEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&cbvp=1&cstd=285&cisv=r20230531.39379&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:29 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 871A
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

10ms
9ms

Image
image/gif

52.29.216.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Server: 52.29.216.32 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 15:58:29 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 05 Jun 2023 15:58:29 GMT
Last-Modified: Mon, 05 Jun 2023 15:58:29 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18023719642905169595/ Frame 28D7 4 KB
1 KB 61ms
38ms Document
text/html 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e9c7a67c3d44c39ec0b46ca27dbd51e84b709212fc6cc5a901c34c1944fdcab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 166232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1505
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 17:47:57 GMT
expires: Sun, 02 Jun 2024 17:47:57 GMT
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6FB0 0
0 373ms
84ms Fetch
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstDsNqmu7SXKriEdACH5Y_H4FA9GfedlnFCMoqkxnXxrPJlGwHC3ziJJaAyABn5Y504YI0MWbebfKMUW9-TCqoQqIMCBLCABGhr_I5TzPtp49ZBk3FZ6neyCYBZuJO9wO11YYPDezo2a-9w6LEAtfwgFpTfqZvIQtHLLvA6CMI7RSiBwUSOAVAeu270znS6Nm789lLrMO8OiEgQUpdrJBqUBVt6ywUC1-ddUUdVioeW7FMDDqNMrB7f5GOlYj-67hoKUVUsTUoDq5x56f-_sYg5NeQkHqjNkUqDCeo6b2xYi9VAJGuEXel-P3c_qRH8bhk8gVz9rYonE4yTgmuhig-WelryPMfb2N3XZktgkJckWBvXEt2KDrnenp-hBNiH-ys7Puh1vzVY_PVgO08gHDQRfMrypX0M3swj4I2mjbH6dxp93LHOeHyH8t-RUPp6NHLpvXF5AfFchfhuy95cF4Pup0f3nmbPYhqxp4er1spaz4Q4V6EDQvYppUn2fdCVyy__7ygNAc9Yb_H9XwpfZaeox1B8opNwzY--TMw3-s3wQtyY-kz3FZjoQMogDTsIns2Pa5usgHk57jhoEAn2ryH5o8bldyCb5TWHCNH98HhVZJkkm272IBfEoiYS2XDE4waRI6FlM8i8-KbaqUnrvoseOoHPUWFNZUsx_TIDL13Ootdy4xPOARiSev0xCTL5gpRqFJRXmznhu6Y12k-tI3rFqCAxUu_C55HEIADH0q0cJQYHtH1JXsTf96dy_gDXq27hPf7BYpRE2Jvfr7oW81LiGSpOQyztBlPZPhfzXiflbHxZTVlEZdub0epHk7RE9E643ahq9Xy7iss2fnmYvTqb4kF1nhM7U_637-AgmeRazVQozq9eYV5y73CUOGe2L_irKsOew7hDiX8rPPhAgi58gnsjl72QkDsautI28xZMGN2Z0vxQFPpWNyC-fd-hm-JHJNABAr9bu1VJKd7BT8Dnm1lOQkLOilHWfKzAbOzLdOVOq-SLR2P_fe9J51DJ18I-pSIuR_s01ieH7URaCfSkkA_9czO5KT8LmiyKCHM-HR2mIUQZe7Awjw6T_3h16RPeV51EPAltZR340EmgOZSzjp9RXsr7R2W2rjUJNL6HF6D32KDKVlDfYpnw2oTk934ThDu0HBxQBdgsq8hon9jZbJoF4oN3kmvDbZJr2FSQk4VTL6U7hJkydc3RfCeX6r1cBbdTyi4qyost-9bm08HOxBdMmrDKB6sdi_8ixM6nQ1uJ09ruiARc2_6gJIFa_7YKW1dyThPRBn5&sai=AMfl-YQCXV7Rl4PJWISP09gl5SThkb34a0mP9f0mNG9I-LBYVsHT9HNbOy1z15-isqi4UQzb8QEtybUlB0wiVBndp5j3qpFzUB9r_I_uVjvlusg7pdLg03XqCFJ0nZa0NhUYLN7M8wuffAFZ6rTyUy4ZYPnKzs6fATfXMkvWwPGGjUEGoXG70s22yhuKnp7Fusmg42W_V2JgaALvzJjNWtRIZBx3KgYxj6ZvEqu5jjIR2R1ti9MQayFVCdBK_p2MSPYzvxVH&sig=Cg0ArKJSzNCpVHcYNfcaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=312&cbvp=1&cstd=309&cisv=r20230531.95479&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:29 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 6FB0
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

10ms
10ms

Image
image/gif

52.29.216.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Server: 52.29.216.32 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 15:58:29 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 05 Jun 2023 15:58:29 GMT
Last-Modified: Mon, 05 Jun 2023 15:58:29 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7493198391404092334/ Frame D424 13 KB
3 KB 96ms
74ms Document
text/html 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2701
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:29 GMT
expires: Tue, 04 Jun 2024 15:58:29 GMT
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2D79 0
0 343ms
84ms Fetch
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOU2967VvVVFLyqXPG3h5Wt1CZlJqrGShi6v1DSCj6XnRBgglRligvfufHhiqgIonQNVM4nXSd6qFouF92sCBYdPvRDLQNZYoMIIYk6VaWqk2kfHJ97KA1fmUFplocJ1I3P5opFg--cfYvFSqudL6xJr2pyIpDla6SyU-91EXglFzVxVVGxRPpm7eb03UD_V5SVt4sSyrKkMRo-z1_4fRgJ-czT9g_MKp7VBkaxCRnuI2aOUxho_xKE0TyTyaZyTUS-YaugFTzk6Rn2dJLLR-tUAFQZW5EVnNFghGEo_SW8PEi_TH3cDShSCJQCIuutjeNVar1h2usi_b3ZSG1-q7a3uP4HPKls0XOj7uSnJbEpJXOJ7qkaOxU6o9xKkv48Arb-o3FQ0LyzuBErqX61JXhyvDr9unbvXczAxuAFDvAy9wv8m8Azh-vL041CVuYTQcJ0vclbEkxor5jz9j4v1YDvpTUfjB9_kzBygfwPIveYVZJv__UvMtS1OVWeVzHqwADeDriWvu86Tck2DBl0vwCP-4Jfx1b8OoRNHP4-Hh8VJPodcnwtOUphgXM6uzeXV-ZFDuMN23bgnHum_-DYwvFexwmZsejks1JQdaFzMRvimiDm3GZXa7VaqeFETdGcrxFPK268vrBLOf4S2_Dfvt2uJf1fAvyDk96YoxOjSCXCliym4fctxu9ES9hQVA-L1CZTba3bnKNii89inXomjSy_xbR5GhPxtLcR7OSWs2kd1SGcW5HbTAuwVZUX3sdoz3-jfq3q5_esDS2yLart0gpxNS0GC309T31cY1cNicJw5I6-ksWmQ6v3U4kJ_Qcy-Nq7nHfcjC_e1u8wDlQ6AMxxg1zJvV4xznNPvwps3omcohsMnH-T2TK4K3WzT_mtWS3McEEwPkWZg9sI8f4va30OW3s6cha_9DK-n6O8zJo-6U_kl5-fm911aT2NZMReKbiDjcjnVwJWa0bQfjT23WvbKu4RpGkfYQOGeTwmS3xV4PoTOfoUvnfGmaX1YDT4tGBgH88vDXECj9kduAqq1tArz7r6Z5XjaLYUyDBrCTX6heNfYf7vyLAW_MvbpjAX9BQCcCBq1OL-Pa83rY7RjLgkBlXirPCjqg6wIvV_plI0iPWJuiK12Nhy4bS6mMoplPSCu_Hj7KinrMdpGyeCJMdKdlpZlKDWjhi-lgsKr2ZVYUcHc-en4X3dMzrAskCDHQ_5MCBXplO5Dw4tCfqfUomlfLaG9XXrDcN_J3PoeWvcfsIGWOuwfAeqvIrULDVxxq4cZegwbDF-Q&sai=AMfl-YSU9BxtBhJFlJ8cMIgsRm27tzybrQQ6p5aLBNt1Ayvs27NBUeRlOBrlsXl5zVtdpl5E3yrtuw9NKahj7GGJ8g-y8wtrGr-Mb8JBwI1HHpCNrx75uicvG6wVk_9wZZSQMUxOBmSwsW2Y8Fuq7phimc2j3WHsb8MJif3FCK_4NJGZM0qHeDNhbEErQZFSuEc7zFvfrXfBS830JOGPXN5JUmeZZvcd31jJ-hGu-pPU7l5rAwiyaWW0z-AawvQBH3lXfg5EgDXgpoTDACU9k5SQtT1MSNEm8Q&sig=Cg0ArKJSzA2mP3SyGb2hEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=309&cbvp=1&cstd=300&cisv=r20230531.89814&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 05 Jun 2023 15:58:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F11
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZUdMRjVNMVkxUTZjQmU1&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cver=1&google_push=ATf1kGOFEvKVB-lSbYZOo5htt9piGYi1Al5aS-ZxVwNevfa...

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZUdMRjVNMVkxUTZjQmU1&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cver=1&google_push=ATf1kGOFEvKVB-lSbYZOo5htt9piGYi1Al5aS-ZxVwNevfaxU13hAvNuOEFaBZmQ42YSiHyDqpbcOsvE82JT1l84JhgLIvU5HQWk-g

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:28 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZUdMRjVNMVkxUTZjQmU1&google_gid=CAESEMrf91KEK4I6qtxveVhVmiQ&google_cver=1&google_push=ATf1kGOFEvKVB-lSbYZOo5htt9piGYi1Al5aS-ZxVwNevfaxU13hAvNuOEFaBZmQ42YSiHyDqpbcOsvE82JT1l84JhgLIvU5HQWk-g
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 5F11
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNMEO6ZYxqjHIfEQsq1XSGM7YeN-rguSY2oiYldcPxmz39ZcOreiXTDWrv7wL_ZuF25EFaW7V-mmOInXNersghSvPGSISN2Q...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNMEO6ZYxqjHIfEQsq1XSGM7YeN-rguSY2oiYldcPxmz39ZcOreiXTDWrv7wL_ZuF25EFaW7V-mmOInXNersghSvPGSISN...

43 B
389 B

175ms
175ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNMEO6ZYxqjHIfEQsq1XSGM7YeN-rguSY2oiYldcPxmz39ZcOreiXTDWrv7wL_ZuF25EFaW7V-mmOInXNersghSvPGSISN2Qw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNMEO6ZYxqjHIfEQsq1XSGM7YeN-rguSY2oiYldcPxmz39ZcOreiXTDWrv7wL_ZuF25EFaW7V-mmOInXNersghSvPGSISN2Qw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d299e0afcc535e5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 515
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGNMEO6ZYxqjHIfEQsq1XSGM7YeN-rguSY2oiYldcPxmz39ZcOreiXTDWrv7wL_ZuF25EFaW7V-mmOInXNersghSvPGSISN2Qw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNMEO6ZYxqjHIfEQsq1XSGM7YeN-rguSY2oiYldcPxmz39ZcOreiXTDWrv7wL_ZuF25EFaW7V-mmOInXNersghSvPGSISN2Qw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d299e097b2a35e5-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5F11 70 B
264 B 34ms
32ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDiQsCAqs94tY9DJxlBPXwM&google_cver=1&google_push=ATf1kGNE9DuM1BBDmkwHgVoMsjGsujmRtxp5L3H9-o2RpEz9j-64Hplz0Ea7pn8YmnTzUB9Ky0O4OJF7PHpoULq63Lc3BoEiVh6lUw
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5F11 0
173 B 274ms
21ms Image
text/plain 34.96.105.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECiHBFhd5dH5ViRPqLuHgjI&google_cver=1&google_push=ATf1kGNhMzG0YDAWXS0EblBFjTSO68vRsj1YZvZxg6SyWEf2SYys5jqn-aTULA80h3XvbT_ugqCeCnB2ES6rzoE2GiTGAW3hzEZkyw
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5F11 43 B
245 B 272ms
19ms Image
image/gif 35.186.253.211

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECG_4q-oyMrG-Z8-JAeuKg4&google_cver=1&google_push=ATf1kGN-xx2MATujjw8XCzNosw_77AtUJZ6jMPrnIG9nSZAJaXbCNZkZFNQmRStD-qicPWRkf97B8FYXQURJ9VtJVN_3-XGHjm2pbw
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F11
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIy-VVOuDrrZByc5zbIkQxU&google_cver=1&google_push=ATf1kGOtq0ZyJc_RW6HXyEFH8ZvN2PHfnryTBBnUakwa5eIASzC0koFYlnwhUwVzeZXhvKAHgA...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Yc0lmQ3J0RTJ1RzkwWS5yQjd1U0NGTnZfQkplSnlZNn5B&google_push=ATf1kGOtq0ZyJc_RW6HXyEFH8ZvN2PHfnryTBBnUakwa5eIASzC0koFYl...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Yc0lmQ3J0RTJ1RzkwWS5yQjd1U0NGTnZfQkplSnlZNn5B&google_push=ATf1kGOtq0ZyJc_RW6HXyEFH8ZvN2PHfnryTBBnUakwa5eIASzC0koFYlnwhUwVzeZXhvKAHgAId7-OfGbZ4CNrLLHMiaXKCEcHNrI4

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Yc0lmQ3J0RTJ1RzkwWS5yQjd1U0NGTnZfQkplSnlZNn5B&google_push=ATf1kGOtq0ZyJc_RW6HXyEFH8ZvN2PHfnryTBBnUakwa5eIASzC0koFYlnwhUwVzeZXhvKAHgAId7-OfGbZ4CNrLLHMiaXKCEcHNrI4
date: Mon, 05 Jun 2023 15:58:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET um
cs.emxdgt.com/ Frame 5F11 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5F11 0
12 B 46ms
45ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEwS8L1mbu88fNPxVT-GOqNl47n2KQI9TB8nb-y_c4JXderpSs98V4RyI3Zb58NcuqfUVtfDQ

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/ Frame 1CF1 0
145 B 27ms
27ms XHR
text/plain 52.19.145.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/postback?di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&ci=948461&pd=avt&gt=DE&ac=Xmwo1n97Q8&pp=ye-mek.net&pv=130d298a-4687-46a5-9395-952ccb157566&md=1&ti=&to=3&de=2&si=&dm=728x90&dt=9484611597092707615000&ui=&ap=&pi=XRzobPsLhV&sid=AgsNOjEJEPUlQwv1&oz_sc=945145d43055fdf639d215aa&oz_df=1685980709015&oz_l=5214&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.145.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-145-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 05 Jun 2023 15:58:28 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame B6AB 11 KB
4 KB 40ms
40ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83ea5a92614946f883e27708b26e4554e9daaf142b8bcc67c2893bfef4cfc7c2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1ht9mz6sx5w6wv6dt4bvk5pvm02ee63gcdeg4b0qq92jfjwys4g4s0ga1h3ckf6wbksyg7mdn21keq5ee2ktewvpktyyv8dbn5qsn2d3ejf2cdr93b773eebb7p01aszy48t2avp0hc5d77ktaetbndj2a8hj7n59bh1ty54z7zxj2ev643ey5ake4r2d9sw5vv0avrj5hgtwwykqf5t4n649d3t49m9b0k49bjk039p2803rrx66a3h5t5ybhgrv7a8gjtzynasgj589vehevtb6e9htz73s8smgc6tpg836w5z2s76rmyrhm6a154qxay8897th113s0mgtd3etgpn155yg9fx54zf74qjz86tw98ma1vdf1rt9rpec24r592xvsfrasghe4c3fcge4cvwamx9qr5k87vjp7f9be5frc16795mq57ynnwqfweapk567ch7gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%26client%3Dca-pub-7983651257838282%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d299e0968b01968-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 41E2 22 KB
8 KB 54ms
35ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 202907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 07:36:42 GMT
expires: Sun, 02 Jun 2024 07:36:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DBDA 22 KB
8 KB 55ms
37ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 202907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 07:36:42 GMT
expires: Sun, 02 Jun 2024 07:36:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 8D32 9 KB
4 KB 42ms
41ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06fc5b5a42d5c518b1a31e7bd7726f096ea5e002328d68b5cd64e4c04a0f8efd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k2ka8qp7s1nhbda1r4xmg7z2mmsb3aph62j8rpg28nv5gg06pyg0dbnne6dwq8fd1bj8t1ecyc791meye9s524rwsrqsgp823mjzqyr94qfew1b0gm1ttvsmke2q2gwhqnhfmvp208ycvyt304wztxm8spfp2q8p74s870137rw4cwyxpksjrvqqsqynkwdqwaj2k5324y2v604ddve713dggybjekmx093r4c40bfttt04spyp0rfqrbderzv9m86y9777wksrnwwx72pmevjncm51rdqdx1rsmdtrd4zteq53bba6ng2qrefrm20c38erzzm4f00brv3837w1w6qrstspjbm880fa889jvzj6vfk4sesr262pw4nnnhtjtnk4cbgtc5jep5s6q3rrq3rs46h0rphcjcq0garh3e24szzg4mw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d299e0968b31968-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 570B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGPRuHlC-szmebuhPNGyZADKwAlKRWyCq0SJAsflJoL41QDGqOZgr-tii6fct46kiucLBCiwVXahgl3sx-c8XkJ97OIo6Lxf&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGPRuHlC-szmebuhPNGyZADKwAlKRWyCq0SJAsflJoL41QDGqOZgr-tii6fct46kiucLBCiwVXahgl3sx-c8XkJ97OIo6Lx...

43 B
418 B

179ms
169ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGPRuHlC-szmebuhPNGyZADKwAlKRWyCq0SJAsflJoL41QDGqOZgr-tii6fct46kiucLBCiwVXahgl3sx-c8XkJ97OIo6Lxf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPRuHlC-szmebuhPNGyZADKwAlKRWyCq0SJAsflJoL41QDGqOZgr-tii6fct46kiucLBCiwVXahgl3sx-c8XkJ97OIo6Lxf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d299e0adca435e5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3429
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMt8bG15net19Lhc5ca36Iw&google_cver=1&google_push=ATf1kGPRuHlC-szmebuhPNGyZADKwAlKRWyCq0SJAsflJoL41QDGqOZgr-tii6fct46kiucLBCiwVXahgl3sx-c8XkJ97OIo6Lxf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPRuHlC-szmebuhPNGyZADKwAlKRWyCq0SJAsflJoL41QDGqOZgr-tii6fct46kiucLBCiwVXahgl3sx-c8XkJ97OIo6Lxf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d299e097b2b35e5-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 570B
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENP_cT2W0bwu9cBXooi9tgA&google_cver=1&google_push=ATf1kGNqbVjIn4hRV5iztyXl1Sw4c11E-CuPhIpMt_mRwvD90m9swLTj2mLC_CjgG8ZfT0mQ53OAWY-UcFV...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNqbVjIn4hRV5iztyXl1Sw4c11E-CuPhIpMt_mRwvD90m9swLTj2mLC_CjgG8ZfT0mQ53OAWY-UcFVwmBBVKRTG-c13eEry&google_hm=FqTglvw7TiWlpwmkzTNVap0

170 B
188 B

48ms
47ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNqbVjIn4hRV5iztyXl1Sw4c11E-CuPhIpMt_mRwvD90m9swLTj2mLC_CjgG8ZfT0mQ53OAWY-UcFVwmBBVKRTG-c13eEry&google_hm=FqTglvw7TiWlpwmkzTNVap0

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNqbVjIn4hRV5iztyXl1Sw4c11E-CuPhIpMt_mRwvD90m9swLTj2mLC_CjgG8ZfT0mQ53OAWY-UcFVwmBBVKRTG-c13eEry&google_hm=FqTglvw7TiWlpwmkzTNVap0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 570B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN_ITPlR24bEuPMaPii-UIc&google_cver=1&google_push=ATf1kGPDLTEacT8yZefMgvzp1UjTtEHdkFmVLj316UUCc3mluiqCyZSAX0MzI0_7l-wY5VXv-UVSEqIy...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzNzQzNDM3OTc2ODc0NjUxNQ&google_push=ATf1kGPDLTEacT8yZefMgvzp1UjTtEHdkFmVLj316UUCc3mluiqCyZSAX0MzI0_7l-wY5VXv-UVSEq...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzNzQzNDM3OTc2ODc0NjUxNQ&google_push=ATf1kGPDLTEacT8yZefMgvzp1UjTtEHdkFmVLj316UUCc3mluiqCyZSAX0MzI0_7l-wY5VXv-UVSEqIyF8o73FN_7vv3LQUXZgE3

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMzNzQzNDM3OTc2ODc0NjUxNQ&google_push=ATf1kGPDLTEacT8yZefMgvzp1UjTtEHdkFmVLj316UUCc3mluiqCyZSAX0MzI0_7l-wY5VXv-UVSEqIyF8o73FN_7vv3LQUXZgE3
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 570B
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEEYc-zyDnk3_r-O1LXfW3X0&google_cver=1&google_push=ATf1kGMnUv2Tl_5XkDO2uInHot0tM2dHajw_b_njQRhmuJ_p3w-0OqMuUoEVvPfdxT_1MYxiYyJOSMMTCPKtWxdLiy-yb1T...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMnUv2Tl_5XkDO2uInHot0tM2dHajw_b_njQRhmuJ_p3w-0OqMuUoEVvPfdxT_1MYxiYyJOSMMTCPKtWxdLiy-yb1TKo4c3

170 B
188 B

54ms
54ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMnUv2Tl_5XkDO2uInHot0tM2dHajw_b_njQRhmuJ_p3w-0OqMuUoEVvPfdxT_1MYxiYyJOSMMTCPKtWxdLiy-yb1TKo4c3

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMnUv2Tl_5XkDO2uInHot0tM2dHajw_b_njQRhmuJ_p3w-0OqMuUoEVvPfdxT_1MYxiYyJOSMMTCPKtWxdLiy-yb1TKo4c3
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame 570B 43 B
103 B 236ms
20ms Image
image/gif 35.186.253.211

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECG_4q-oyMrG-Z8-JAeuKg4&google_cver=1&google_push=ATf1kGOVKrSSxCN-mEDBO8edMBEYuQbp3v51ejIRkUSFAmNBZ4FdWwSlVQW5U3C3qV7zTmmKdX5C9f1mKuGJWPW2dpW1_U4vTKo
Requested by: Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 570B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPHF_L0_zQjgrkUK5IcDC1g&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPHF_L0_zQjgrkUK5IcDC1g&google_hm=ZH4GJKnBzOMdWUG9ulo-VwAADIEAAAIB&google_nid=index&google_push=ATf1kGNIIU7QCdJ29Q1B3xCqBen2XHuQQK9Nl...

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPHF_L0_zQjgrkUK5IcDC1g&google_hm=ZH4GJKnBzOMdWUG9ulo-VwAADIEAAAIB&google_nid=index&google_push=ATf1kGNIIU7QCdJ29Q1B3xCqBen2XHuQQK9Nlsj48Qv2U_IvyuETI4Ratpfji2jPMdsIvXugyvlxQuMOkwwxbqVSJvMns8IOHXMp

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPHF_L0_zQjgrkUK5IcDC1g&google_hm=ZH4GJKnBzOMdWUG9ulo-VwAADIEAAAIB&google_nid=index&google_push=ATf1kGNIIU7QCdJ29Q1B3xCqBen2XHuQQK9Nlsj48Qv2U_IvyuETI4Ratpfji2jPMdsIvXugyvlxQuMOkwwxbqVSJvMns8IOHXMp
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 570B
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMCDmxNvA...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=22f18878-b33b-4f00-9742-bb100b243031&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=22f18878-b33b-4f00-9742-bb100b243031&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=22f18878-b33b-4f00-9742-bb100b243031&%%GOOGLE_PUSH_PAIR%%
date: Mon, 05 Jun 2023 15:58:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 570B 0
12 B 48ms
47ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13It7XvdS8YxIrHx2YCJnRokTscZRcByVxGOltGsZ_MpGC8ZaE4A2HGI6MvDVmVrjDKMrT5U4A

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9A44 22 KB
8 KB 55ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 202907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 07:36:42 GMT
expires: Sun, 02 Jun 2024 07:36:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 04C6 37 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 08:20:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D82 13 KB
5 KB 58ms
43ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 13:13:27 GMT
expires: Tue, 04 Jun 2024 13:13:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3DDB 783 B
534 B 63ms
48ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eba1cc3044da8d70f4edfa61e4b4415e751b8840977ebdd698a5f580e16a3697

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gHonM4mNXbnQjl7Ov-MabA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-gHonM4mNXbnQjl7Ov-MabA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:29 GMT
expires: Mon, 05 Jun 2023 15:58:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 43F4 0
209 B 46ms
46ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685980706309&userId=vnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/18023719642905169595/ Frame BADC 829 B
431 B 39ms
39ms Stylesheet
text/css 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6c3294ef598667c6169398d34721280ddbc9dffcba5bc3ac190357374f841347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 01:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 402
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 May 2024 01:49:33 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BADC 109 KB
37 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 15:58:29 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/18023719642905169595/ Frame BADC 4 KB
1 KB 40ms
40ms Script
application/x-javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f66701275896763806723b24a98618b5ae17e48da67fea9132b98f31aaab60ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1399
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 16:45:01 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame B6AB 103 KB
13 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 944303
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itAF7%2FGFxXpJ%2FScAp0csbhwkpQH61qbx2BnrC8IOVWLElZ4sxm66SdWGaOiCKRgrj8SmlymCKnABC3buOQzUinWH%2FSfVfJ19bzLzbJE%2B6GzQyab3aA%2FxF5HLZJry%2F9bMS931InDYSiw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7d299e09b92f1968-FRA
expires: Mon, 05 Jun 2023 16:58:29 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame B6AB 5 KB
5 KB 54ms
39ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193558
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7nWJgNFmO2ci2lTBtjDUCnaGS%2F39b%2Bm0WjJTgUWt5VYMS8R46jNct1QiNO%2BwWL3WQGkTSbJkTYTdOkcXIo1IagKAVhFZMkXU9MxiDxhZev3%2FLf3DppB%2B%2BEorC5MK3tbjUZ%2B55I8MMkd4R8P"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09dcce046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame B6AB 91 KB
91 KB 28ms
23ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1316480
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsWLOyY6ZO%2B6DTx%2BOBIUT2prz%2F48jJ0MqjGvw0Xe7GRQAlzQ5QQronmJOeyPmh3i0LrAOmkweNrCUm27WouIYhqfiYbHMthz7ClqoEkQaH4S3XaCQO05pFIeuQUJwIvG7VdMYt5eMJC4%2B5E6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09dcc9046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame B6AB 2 KB
3 KB 42ms
37ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1003128
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7abPEUPDW7QXw2g5torQgx5Wcxzvn0GJCOV4K%2B5tZ8HDLDsazAMBVPe%2B0QCFiMTWAez6RwgFL317B8E5OP5aD1Bqs4butEUqY4e9xu8qm9nMACnWka2jexcL%2FPCO%2FPHo1YaUk%2BGZVjIWYEW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09dccb046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame B6AB 339 KB
340 KB 44ms
39ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 583006
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTvH8fUwpcPQ6R%2FtwS23HzugRAaUIKM%2B6pZ54B68roj3GgekJJirhYVpplyNZ1w3Vz3BT8u8Nh5%2FvEfT4IKVPKhtc7BRe4RKRtJo4pUsKjZSyy7C6qOWULRNoywkJH8ydvw0z5f6ls5Nc%2FpA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09dccf046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B6AB 43 B
705 B 93ms
67ms Image
image/gif 104.102.45.165

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:29 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame B6AB 36 KB
36 KB 42ms
38ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 501660
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VI7JjVw%2FP11CmsFUxJV%2FhDGKyz8%2BnEamZ7d725krdasj9JPqIJQQk6nYIug0XWcAq2e5tveSnsEH5QRs%2B%2B9mpJTccXV1w2tnyVzlON2b5dnzvhOTrQZrUQVMmnyoEOtGXuHPIn4n4HZtFO%2FX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09dcd1046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame B6AB 28 KB
28 KB 43ms
38ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1716056
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKxOmC9UTbm1GYrnwV%2FASGqM2Nlcpk3U7n9tkYHY4ilmeaYdBIE27wq3BTeYTb3RLR8Mf5r4Z5u%2BhdLcvJGhYpEWJLL2RIL5Dn5kkjteYTyvxkp0c4PYYaFDMWhpBGtJ7fjlSAFFCyBgKR5D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09dcc7046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B6AB 43 B
705 B 91ms
65ms Image
image/gif 104.102.45.165

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 15:58:29 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 8D32 103 KB
13 KB 37ms
35ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 944303
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMr0rZ3DjfXgJv5y%2Brum7SBsqv0LqfSLncylrnO5PAxDHP%2BO0Robfkn25fdqqjI7EB9Pgg18XOY10Cnols3%2Fcamw7dBuGT3HaWDGHJv%2BuFy86u9GFToI72XerRpdmZGJShh1mZMQm7E%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7d299e09c9421968-FRA
expires: Mon, 05 Jun 2023 16:58:29 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 8D32 44 KB
44 KB 47ms
36ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1709288
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsDqJlQkER24WcIrQQRmj2eGOalpCmIEobwOouUK8byMFpyrgcykttvoKLPSUcscXRhH7kDkJ0BqLt%2B%2BVGgW%2BW%2BefJizO6AQNlXtXsz9IyzJyO6bVxOkqbG557rRbXTS77iHH3naSKkZF742"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09dcca046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 8D32 222 KB
222 KB 40ms
37ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1701882
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmcOik03V9kaYPOxPK2Xr6YyAycoKD6MtA5MffsNZiz5gg66iJDloNxPlFX0PlzFRZHejY1PKcgXKTKFo2Qs1G1ZGc1qzhkcDTKnkEuqYwDErw8nUjykxKT36bQcTL5aZ7h1FSxS5%2BeCRVMh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09dcd3046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 8D32
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1685980709_d061af81-03b9-11ee-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=

0
473 B

171ms
36ms

Image
text/plain

2606:4700::6812:7f05

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1685980709_d061af81-03b9-11ee-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7d299e0b99122c3e-FRA
content-length: 0
expires: -1

Redirect headers

Date: Mon, 05 Jun 2023 15:58:29 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1685980709_d061af81-03b9-11ee-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 8D32 53 KB
54 KB 40ms
37ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1550869
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWjAGFm7F0qhi2WvDUKrZtdO9yyB0PCXLiDCY41BFflJnzoNZP%2BkvkSwB%2BuhyRi2QdBf3M9yNxLxGxhpRa1kpo3j%2F2X0MLLUPJ4SaIjNWK78grDVdd9c5l4bQd2WmjFG61X%2FxHTxmPvpO%2F0X"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09dcd4046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 8D32 23 KB
23 KB 41ms
38ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1550666
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y15amEKJfsFNjIrmQPrwDBaG%2BWygBC2ElbTv3zCJe0T7akk%2BnM8JbRWJ%2F4J94dUD39%2FHsoB6KKSkHOIky%2FUgN8zJLL4%2FSgeXfZuX9roDkBZiE9kAQCxXV33FLYf5frj1n1WuS5Iq8ir8%2B5sg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09dcd5046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 8D32
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CM70p8q_rP8CFSvxEQgdjvUEtg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060517582985630890753X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

91ms
24ms

Image
image/gif

167.233.13.224

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060517582985630890753X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023060517582985630890753X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 -, , ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 15:58:30 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060517582985630890753X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023060517582985630890753X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 8D32 13 KB
14 KB 52ms
50ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1972187
cf-polished: origSize=24833, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 13494
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZVPEnrGzPUINCSrvJ7fwqyo95toUwFiQc0BLA5B3UekZic2YmCgAkmIG0HTF%2FjYUZszlb40tSiYT03cm50mnhxYkkJDA0qBW3kni1j4GSkCs4DRjPqKhC1%2Fi51TeLQf%2F0huiTJK625jVGcT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09fced046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H2 200 4203BD8B6DFC28122A57CD0F74F9CECD38E430D5675BBE6AD8D38A36BACBF4464C414E9D6B7C9D424BC78DD3AF8507AB207AAFC56090D4E89249C87620F96EE7
assets.ad4m.at/ Frame 8D32 12 KB
13 KB 53ms
51ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/4203BD8B6DFC28122A57CD0F74F9CECD38E430D5675BBE6AD8D38A36BACBF4464C414E9D6B7C9D424BC78DD3AF8507AB207AAFC56090D4E89249C87620F96EE7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b7e05564f91fc8ac5e933d73eb80f92bc95037220fe493bd7d617bf24d4aa00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1291209
cf-polished: qual=85, origFmt=jpeg, origSize=42379
alt-svc: h3=":443"; ma=86400
content-length: 12442
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Apr 2023 14:20:26 GMT
server: cloudflare
etag: "d065bd00faf2a542b1b900322391648c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXDVLbph4jpWzC%2F6jL8IqXkoVSBlmM7eL5jtVxqeiOfzaKXuhoH8H3e7s3jUqWZxViBzDihWHKl6k6SuVYGFQ9DxgGeaf8J2PS594qHEi6VNq6ujecxBh62LB98ScXK2o9uiP4kEkiIrc4sN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d299e09fcef046a-FRA
expires: Tue, 06 Jun 2023 15:58:29 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 8D32
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COD5p8q_rP8CFTGE_QcdK6YHwA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=mm_SUBIDTEST_view
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023060517582985630890755X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

49 B
1 KB

93ms
23ms

Image
image/gif

167.233.13.224

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023060517582985630890755X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 -, , ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 15:58:30 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023060517582985630890755X117663V1225131106MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/18023719642905169595/ Frame 28D7 829 B
431 B 41ms
38ms Stylesheet
text/css 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6c3294ef598667c6169398d34721280ddbc9dffcba5bc3ac190357374f841347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 01:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 402
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 May 2024 01:49:33 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 28D7 109 KB
37 KB 82ms
80ms Script
text/javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 15:58:29 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/18023719642905169595/ Frame 28D7 4 KB
1 KB 41ms
38ms Script
application/x-javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f66701275896763806723b24a98618b5ae17e48da67fea9132b98f31aaab60ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1399
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 16:45:01 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/7493198391404092334/css/ Frame 46F4 6 KB
1 KB 43ms
42ms Stylesheet
text/css 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1446
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jun 2024 23:59:33 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 46F4 118 KB
40 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 10:36:21 GMT

GET
H3 200 overlay.png
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 46F4 95 B
122 B 40ms
40ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/img/overlay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 17:47:50 GMT
x-content-type-options: nosniff
age: 166239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 17:47:50 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 46F4 6 KB
3 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/img/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 11:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2563
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 11:00:17 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 46F4 60 KB
24 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 15:58:29 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/7493198391404092334/css/ Frame D424 6 KB
1 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1446
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jun 2024 23:59:33 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame D424 118 KB
40 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 10:36:21 GMT

GET
H3 200 overlay.png
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame D424 95 B
122 B 41ms
41ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/img/overlay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 17:47:50 GMT
x-content-type-options: nosniff
age: 166239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 17:47:50 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame D424 6 KB
3 KB 40ms
40ms Image
image/svg+xml 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/img/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 11:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2563
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 11:00:17 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D424 60 KB
24 KB 88ms
86ms Script
text/javascript 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 15:58:29 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame B6AB 2 KB
2 KB 247ms
73ms Script
text/html 13.42.219.105

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g1s4a4m38g9h24b4sd2ss885qzcp2j5gw6wwmvtnw0gw034c5qgkh9cfq49f3554e63ttkgs54hqv6ny16ct3rket86tbjzka3ejeasc9n3xz9qgam46hs237sthe74hn45j186wppc50m3nftzdcgye0qdck6htx6ydagf4wpk83gnw184x9g0et6k4ngy4qss1f5dgd2d908e2h4bwaw7axkm5jmnep7tnmzagssjkh9y1fjapj3qwx15t44sew2qw%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.219.105 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: bd64234ea26f76eb0e8d2c361c59020f15aad32cced60d6dfb871c62b7076eac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
last-modified: Mon, 05 Jun 2023 15:58:29 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 05 Jun 2023 15:59:29 GMT

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 41E2 37 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 08:20:43 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2600 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQzOp8DrHC1o0nrvYlD6pCmnJc0cYqhLgOBhLMuUbG2KQ2b-90RJ3lHk7GjJypFKnPuM_ZvAv9qB-lB8hM4n6izI8m&sig=Cg0ArKJSzMirHkgwWjXvEAE&id=lidar2&mcvt=1056&p=0,0,90,970&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3050045420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685980708031&rpt=385&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 850C 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusMm35poACy3za4ViQHMtwDhZltajTe66dG3UpSpcgDuKP0o4hrL3xJdnRV-VCwzRVick4sjHOdf1LmfihdAZDfIQr&sig=Cg0ArKJSzGYkhKVvLMhwEAE&id=lidar2&mcvt=1057&p=0,0,90,728&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685980708082&rpt=376&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame DBDA 37 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 08:20:43 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/ Frame 1CF1 0
145 B 30ms
30ms XHR
text/plain 52.19.145.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/postback?di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&ci=948461&pd=avt&gt=DE&ac=Xmwo1n97Q8&pp=ye-mek.net&pv=130d298a-4687-46a5-9395-952ccb157566&md=1&ti=&to=3&de=2&si=&dm=728x90&dt=9484611597092707615000&ui=&ap=&pi=XRzobPsLhV&sid=AgsNOjEJEPUlQwv1&oz_sc=945145d43055fdf639d215aa&oz_df=1685980709475&oz_l=3609&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.145.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-145-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 05 Jun 2023 15:58:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A44 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 08:20:43 GMT

GET
H2 200 5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame 43F4 0
209 B 47ms
46ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1685980709546&userId=vnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 43F4 0
209 B 47ms
46ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1685980709546&userId=vnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 43F4 0
209 B 48ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1685980709547&userId=vnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 43F4 0
209 B 47ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1685980709547&userId=vnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3DDB 0
0 75ms
75ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230531&jk=168256876745976&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/18023719642905169595/ Frame BADC 32 KB
32 KB 46ms
45ms Image
image/jpeg 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/bg.jpg

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6b8c267b6b6f05577adb4fa34d9fc6fdbb2abdb55a9bd0e1e33838cc3747f9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 18:13:33 GMT
x-content-type-options: nosniff
age: 164696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32562
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 18:13:33 GMT

GET
H3 200 band.png
s0.2mdn.net/sadbundle/18023719642905169595/ Frame BADC 3 KB
3 KB 44ms
43ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/band.png

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

147154470a9824945cb7ec7b51309b8d52066bc8c27bacafeb2d0a49a65d26e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:11:08 GMT
x-content-type-options: nosniff
age: 197241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3410
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 09:11:08 GMT

GET
H3 200 text2.png
s0.2mdn.net/sadbundle/18023719642905169595/ Frame BADC 6 KB
6 KB 48ms
47ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/text2.png

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7e97639114954ac5d65f5065c56d92d777ed1592dd283b3009959fa5473218cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:36:12 GMT
x-content-type-options: nosniff
age: 159737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6323
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 19:36:12 GMT

GET
H3 200 text3.png
s0.2mdn.net/sadbundle/18023719642905169595/ Frame BADC 5 KB
5 KB 45ms
44ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/text3.png

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

209756ca5d587e33595747af61be5d7a42c1e20a78dc02d9526186c46bbbe0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 00:21:09 GMT
x-content-type-options: nosniff
age: 229040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4639
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 00:21:09 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/18023719642905169595/ Frame BADC 2 KB
2 KB 44ms
43ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/cta.png

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 22:35:47 GMT
x-content-type-options: nosniff
age: 148962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2416
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 22:35:47 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/18023719642905169595/ Frame BADC 3 KB
3 KB 48ms
47ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/logo.png

Requested by

Host: ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
URL: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ca5186c45c8b98fd128a56f0778172c5088be7086f94ab4d9c0fc0657081f29e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:38:25 GMT
x-content-type-options: nosniff
age: 170404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2635
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 16:38:25 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 871A 0
0 80ms
79ms Fetch
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdKUQjgjUJVdEhnxMrZvTTgP-fnM9FECV8HW5-AcjeoLWqDAcqBWQ82TJjAfDmq9tQ1fZdTxoChGx2dNmiLXR2Ev0Wg91Kn8GZ22tx4I0jw1HL2PHO24CBmI1CwSNBywRKxsOsmLqPcu5gzMdVQwpQ5Cf8qttZ6kY4chGoencLU2kASLpT9dOV8EoX7b45B9Omz5nmy_hK917L4eXRIvbgTGo5-ltvtFULSEpm-fgDTD08T-6eqjtYhjwgBGBWQSZp9FYILzgA7DJRo2hfRD4hBS8d0pQf30GLHw975Y8BknIq4bg_HjXhyYRvMtraLGEPWx2Mv4HjgFQjRb0rQDBxfblRUTaQje9jO8-o8b1UfYux4F_wcUzHg8gIJfpeCtynWcuJWVF9Cmp70ODiXdF-rZW3ho9U-Rjk8u-x_QBP1GTAqD8umRYlgQgXXpkOqKYifWkrnIvIWSbL5CIzxzfpZBsIZaAvKDpSzROkafRJFm3DsLplKqC7fgfDY4qstWxMUaR0r1KFlDazWgsRPIrFXUi41JdJpRtPFKlyI0lrhaxTLeLclT94PSSpuFfZEfqdhUElIF0g8ZTJjsYGkp2aQ5iga_tcZz8Gat0N7Pd4c-3sw--VO6c9cOSBfOYYH-DEw4mE6zCBnBXdRxTJKAzcVf5vSks6hXPHJsAuxnn0RN7fiCbYifs9Q1W7jOrbNC9L4rFHjz6-2G7nhxsWCJdJrYwut0nKx1vRKONbMdl56rIkXbF4iWq5eI5p-qIhQTzNBLM3ektMj0TP_nSZ5P39TCprYV9KlDXIyHnf8VDe7KHksdit2Hv-soagM10N2r4NqeBZ8C0MLuypLQ77L8ep047R2LUriRgw2dV4jEje061VV_G6IPvX0WnJTxwxBLWVjE3olIccfg047QZEMJ4llZcKBXnIO0fhIRpJbVe79hUu7NqyGtaDMZXUIUbhs084jXV1dPf-8vPbnCJ1tGdLc35anCZ6gPG0ttRVE-KiJYmAOIuS3O_RMmLaX5vRiyCkbyUgorxLtlED9pDf9Bsn6GUOPvF1UqWKQ5fANf02qAnLhj2XNr3CaJmOExJZi9MKXSSJyENbGXRN09kQvWJ-inHIYAmR4qffallC1z-ch-uTl0_GvVzxj5erqIhg6U2Q1GTK22wA_YU8CQuXkEveYwSFYZuz9ATKvTv7aNd1qRGeQzJdoq7E00pwfF1RSz7Is80tXyzq54SOiPtvlea0tBiio7vwIYA-PbTTkHVq3x3TWWHIqHe3NoX6DjNWrp6nrgIOy_DMJQjB&sai=AMfl-YQEDw7z__gEAPFhuUIH0pOB9cRfFV3Z_VpRq2K-yNkU6kUcITeSxY1b_tMkktk6aklnyrjdU9PXm4Vv4lDG76VFSR3C2wU7CHZohzhO9tCKT5dKS0v25Fn_a7gyHeM46VCkcxL9NBssZPK7KdmSTjY_o3-ZrmYEl6qrt6hscN48vYbaSL2VXXLU-Pry6wkxZnhBry1jFxkKMUoNBab9mASJUsk1Xn-4EOOM1CRnMHds6zZAMwqaAgqlDxE4WOx-orcy&sig=Cg0ArKJSzHrL5qKD9norEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=834&vt=11&dtpt=544&dett=3&cstd=285&cisv=r20230531.39379&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 15:58:29 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/18023719642905169595/ Frame 28D7 32 KB
32 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6b8c267b6b6f05577adb4fa34d9fc6fdbb2abdb55a9bd0e1e33838cc3747f9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 18:13:33 GMT
x-content-type-options: nosniff
age: 164696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32562
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 18:13:33 GMT

GET
H3 200 band.png
s0.2mdn.net/sadbundle/18023719642905169595/ Frame 28D7 3 KB
3 KB 45ms
44ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/band.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

147154470a9824945cb7ec7b51309b8d52066bc8c27bacafeb2d0a49a65d26e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:11:08 GMT
x-content-type-options: nosniff
age: 197241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3410
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 09:11:08 GMT

GET
H3 200 text2.png
s0.2mdn.net/sadbundle/18023719642905169595/ Frame 28D7 6 KB
6 KB 45ms
45ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7e97639114954ac5d65f5065c56d92d777ed1592dd283b3009959fa5473218cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:36:12 GMT
x-content-type-options: nosniff
age: 159737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6323
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 19:36:12 GMT

GET
H3 200 text3.png
s0.2mdn.net/sadbundle/18023719642905169595/ Frame 28D7 5 KB
5 KB 45ms
45ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/text3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

209756ca5d587e33595747af61be5d7a42c1e20a78dc02d9526186c46bbbe0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 00:21:09 GMT
x-content-type-options: nosniff
age: 229040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4639
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 00:21:09 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/18023719642905169595/ Frame 28D7 2 KB
2 KB 47ms
46ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 22:35:47 GMT
x-content-type-options: nosniff
age: 148962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2416
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 22:35:47 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/18023719642905169595/ Frame 28D7 3 KB
3 KB 47ms
46ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18023719642905169595/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18023719642905169595/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ca5186c45c8b98fd128a56f0778172c5088be7086f94ab4d9c0fc0657081f29e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18023719642905169595/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:38:25 GMT
x-content-type-options: nosniff
age: 170404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2635
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 16:38:25 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6FB0 0
0 76ms
76ms Fetch
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstDsNqmu7SXKriEdACH5Y_H4FA9GfedlnFCMoqkxnXxrPJlGwHC3ziJJaAyABn5Y504YI0MWbebfKMUW9-TCqoQqIMCBLCABGhr_I5TzPtp49ZBk3FZ6neyCYBZuJO9wO11YYPDezo2a-9w6LEAtfwgFpTfqZvIQtHLLvA6CMI7RSiBwUSOAVAeu270znS6Nm789lLrMO8OiEgQUpdrJBqUBVt6ywUC1-ddUUdVioeW7FMDDqNMrB7f5GOlYj-67hoKUVUsTUoDq5x56f-_sYg5NeQkHqjNkUqDCeo6b2xYi9VAJGuEXel-P3c_qRH8bhk8gVz9rYonE4yTgmuhig-WelryPMfb2N3XZktgkJckWBvXEt2KDrnenp-hBNiH-ys7Puh1vzVY_PVgO08gHDQRfMrypX0M3swj4I2mjbH6dxp93LHOeHyH8t-RUPp6NHLpvXF5AfFchfhuy95cF4Pup0f3nmbPYhqxp4er1spaz4Q4V6EDQvYppUn2fdCVyy__7ygNAc9Yb_H9XwpfZaeox1B8opNwzY--TMw3-s3wQtyY-kz3FZjoQMogDTsIns2Pa5usgHk57jhoEAn2ryH5o8bldyCb5TWHCNH98HhVZJkkm272IBfEoiYS2XDE4waRI6FlM8i8-KbaqUnrvoseOoHPUWFNZUsx_TIDL13Ootdy4xPOARiSev0xCTL5gpRqFJRXmznhu6Y12k-tI3rFqCAxUu_C55HEIADH0q0cJQYHtH1JXsTf96dy_gDXq27hPf7BYpRE2Jvfr7oW81LiGSpOQyztBlPZPhfzXiflbHxZTVlEZdub0epHk7RE9E643ahq9Xy7iss2fnmYvTqb4kF1nhM7U_637-AgmeRazVQozq9eYV5y73CUOGe2L_irKsOew7hDiX8rPPhAgi58gnsjl72QkDsautI28xZMGN2Z0vxQFPpWNyC-fd-hm-JHJNABAr9bu1VJKd7BT8Dnm1lOQkLOilHWfKzAbOzLdOVOq-SLR2P_fe9J51DJ18I-pSIuR_s01ieH7URaCfSkkA_9czO5KT8LmiyKCHM-HR2mIUQZe7Awjw6T_3h16RPeV51EPAltZR340EmgOZSzjp9RXsr7R2W2rjUJNL6HF6D32KDKVlDfYpnw2oTk934ThDu0HBxQBdgsq8hon9jZbJoF4oN3kmvDbZJr2FSQk4VTL6U7hJkydc3RfCeX6r1cBbdTyi4qyost-9bm08HOxBdMmrDKB6sdi_8ixM6nQ1uJ09ruiARc2_6gJIFa_7YKW1dyThPRBn5&sai=AMfl-YQCXV7Rl4PJWISP09gl5SThkb34a0mP9f0mNG9I-LBYVsHT9HNbOy1z15-isqi4UQzb8QEtybUlB0wiVBndp5j3qpFzUB9r_I_uVjvlusg7pdLg03XqCFJ0nZa0NhUYLN7M8wuffAFZ6rTyUy4ZYPnKzs6fATfXMkvWwPGGjUEGoXG70s22yhuKnp7Fusmg42W_V2JgaALvzJjNWtRIZBx3KgYxj6ZvEqu5jjIR2R1ti9MQayFVCdBK_p2MSPYzvxVH&sig=Cg0ArKJSzNCpVHcYNfcaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=858&vt=11&dtpt=546&dett=3&cstd=309&cisv=r20230531.95479&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 15:58:29 GMT

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D82 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 08:20:43 GMT

GET
H3 200 FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 46F4 13 KB
13 KB 42ms
41ms Font
font/woff 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaCondMedium.subline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:35:05 GMT
x-content-type-options: nosniff
age: 354204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13336
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 May 2024 13:35:05 GMT

GET
H3 200 FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 46F4 12 KB
12 KB 54ms
54ms Font
font/woff 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaBlack.headline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:50:37 GMT
x-content-type-options: nosniff
age: 198472
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11876
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 08:50:37 GMT

GET
H3 200 FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 46F4 14 KB
14 KB 40ms
39ms Font
font/woff 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaRegular.legal.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:36:27 GMT
x-content-type-options: nosniff
age: 159722
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14468
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 19:36:27 GMT

GET
H3 200 FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame D424 13 KB
13 KB 50ms
50ms Font
font/woff 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaCondMedium.subline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:35:05 GMT
x-content-type-options: nosniff
age: 354204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13336
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 May 2024 13:35:05 GMT

GET
H3 200 FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame D424 12 KB
12 KB 52ms
51ms Font
font/woff 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaBlack.headline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:50:37 GMT
x-content-type-options: nosniff
age: 198472
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11876
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 08:50:37 GMT

GET
H3 200 FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame D424 14 KB
14 KB 52ms
51ms Font
font/woff 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaRegular.legal.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:36:27 GMT
x-content-type-options: nosniff
age: 159722
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14468
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jun 2024 19:36:27 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 46F4 7 KB
6 KB 83ms
80ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

480fbebc29bc34934d9f94580ff9ba7957dc210acd5f026dc933ffb69af0e230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5737
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D424 7 KB
6 KB 79ms
79ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

964782412c5a1eab56dbcfcf43894d049871beb9a704c96409c8e4c9ab189e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5698
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 46F4 17 KB
6 KB 140ms
139ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 15:58:30 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 143D 0
0 89ms
88ms Fetch
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1E7iQYTLPkp8tf5brpvbtxBJo2Mrtx7fqy4Vt8irWLe6ezTudJ0fpJqdngzB4ibrVkMtqGAUfpXJ4e5UvpP0zqm4B-xkh0vru-B5D6JCDPv6svsTtBhDsiPHyikb4jmbb6qWiG9_thFklfkM9PE8hXvNOcmisnqgWYZbtfX2csX40dJ2SjCqhEqF4Ox2jJFrzU2cP30KLiN6P9gkYnNzd4FWdWPqJSZdPpW0dvQsisP3YWqNGsTqxEmPiMaZFP82cJye105SMSUOqhauXoSy5RgkPLGST1JjNgkNt2IqPuUfAcRaeaziRJ3hBsHILVmyAwMB1iRRrwG5cIuFLFToDdo9dpjulHUkPaSjFyD1OJEWwaVjkffxXutx2ptWWMGL1v5kamdOQ9TG0Dqzc68UbuDcRn5ZJkrbtt17WtJ7elgtCodftRB-nkxDY7CadV_Y9qp_2g_bICYhN7crN6lhrf_4KKtsuFh-omiO8u-TRw7mKf2txbKxjlq07U7G41oXexzgZVLAUaucomEHcVTcSREyfi2D-A5HK75qEp2tZOVKO2gAKeNi6eqfkNIssxKDvLmOVhaUznzlUPjVBLgzGuSpT3pZFgmCrYQbPzyPTVdcoIZPvIBWR5BpGcDpWNI4ZLZciDEmXBLn_keT663FS2NSoRiYiF353LmVW8U7aO_w7HCV6Ow_b0lD7Q3AFqExfneiJlo_riuQ-OqyeR7Obh3-GU_Q7WxSXhd5MqNIGljHRCwmtTwpHdy06ahXLnGtL0IYb3FWsgqu6oy16Zp1RKRXcNvpbP8VKowNjx5HztmuzyuGEn-L3VL314WVbZFge5HcUbdKgLq0fgAXeVuTOF7nMdRx450Y5TDL_4hxBQZcrAtL7362fG0z5yG4Ri8DaN8LtgjNPzhKie7myCZTsWfzY5Fd_AUrBOXFeQAKsjAaLuizumC9ZkQDlEz_wE8MLUvAkGwTI_aY-yRda_s2Jdxk-bggtGA4grJApyEhrzSSD6rr15xxVMIAre9c0SemT4F6WZUmMsIJLi16xcrLqTpRlPDWdAJDOp3kdnCbUibNEM48gMXVkX-uE5VUt02eTrpaAj-GoPMTGjrznyUiJV-bisPDTeKHswU2PtJkLhL5Js520bLu8TgahgiHEzbIRPNSJK3VsBoIDGadni7W69vi08aY2E9J4g1k_IVWq14c5iumm_x4N4Z8PF9e1n3eAKMJscG22PRK_Vr46Pl_kz7nXS7ZX9I26uAUSUn64Xib4MN0M5DR_o7sGUg5sOUq3BVfXIzOD5A&sai=AMfl-YQORfIrOi4NwoUNtMsEKONugB4VoM5YstbPlYfymXSV8UGhXDn4ochIjW2wLPzSjhFM_k7y8uMNTV9vzSGYC60JFptRxO9fGYf32zegyJuz0DN5n6X0vn9Rq59Mlj2IQMz2OsRD9Ihk7fEGxx7RYaIpuxoAZr-oc2puU16zYge2JVhUUGpo2jJIkisdlN86AlzLia5YoBzh2iipFRIrVjNvP03uuBe1eZA77ZnCRHIoTYC0hwELNUWW83974j0d3DJ71TnKN776an7xaltcNHODQmETGA&sig=Cg0ArKJSzPmKSt3IIk91EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1310&vt=11&dtpt=923&dett=3&cstd=376&cisv=r20230531.41249&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 15:58:29 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2D79 0
0 88ms
87ms Fetch
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOU2967VvVVFLyqXPG3h5Wt1CZlJqrGShi6v1DSCj6XnRBgglRligvfufHhiqgIonQNVM4nXSd6qFouF92sCBYdPvRDLQNZYoMIIYk6VaWqk2kfHJ97KA1fmUFplocJ1I3P5opFg--cfYvFSqudL6xJr2pyIpDla6SyU-91EXglFzVxVVGxRPpm7eb03UD_V5SVt4sSyrKkMRo-z1_4fRgJ-czT9g_MKp7VBkaxCRnuI2aOUxho_xKE0TyTyaZyTUS-YaugFTzk6Rn2dJLLR-tUAFQZW5EVnNFghGEo_SW8PEi_TH3cDShSCJQCIuutjeNVar1h2usi_b3ZSG1-q7a3uP4HPKls0XOj7uSnJbEpJXOJ7qkaOxU6o9xKkv48Arb-o3FQ0LyzuBErqX61JXhyvDr9unbvXczAxuAFDvAy9wv8m8Azh-vL041CVuYTQcJ0vclbEkxor5jz9j4v1YDvpTUfjB9_kzBygfwPIveYVZJv__UvMtS1OVWeVzHqwADeDriWvu86Tck2DBl0vwCP-4Jfx1b8OoRNHP4-Hh8VJPodcnwtOUphgXM6uzeXV-ZFDuMN23bgnHum_-DYwvFexwmZsejks1JQdaFzMRvimiDm3GZXa7VaqeFETdGcrxFPK268vrBLOf4S2_Dfvt2uJf1fAvyDk96YoxOjSCXCliym4fctxu9ES9hQVA-L1CZTba3bnKNii89inXomjSy_xbR5GhPxtLcR7OSWs2kd1SGcW5HbTAuwVZUX3sdoz3-jfq3q5_esDS2yLart0gpxNS0GC309T31cY1cNicJw5I6-ksWmQ6v3U4kJ_Qcy-Nq7nHfcjC_e1u8wDlQ6AMxxg1zJvV4xznNPvwps3omcohsMnH-T2TK4K3WzT_mtWS3McEEwPkWZg9sI8f4va30OW3s6cha_9DK-n6O8zJo-6U_kl5-fm911aT2NZMReKbiDjcjnVwJWa0bQfjT23WvbKu4RpGkfYQOGeTwmS3xV4PoTOfoUvnfGmaX1YDT4tGBgH88vDXECj9kduAqq1tArz7r6Z5XjaLYUyDBrCTX6heNfYf7vyLAW_MvbpjAX9BQCcCBq1OL-Pa83rY7RjLgkBlXirPCjqg6wIvV_plI0iPWJuiK12Nhy4bS6mMoplPSCu_Hj7KinrMdpGyeCJMdKdlpZlKDWjhi-lgsKr2ZVYUcHc-en4X3dMzrAskCDHQ_5MCBXplO5Dw4tCfqfUomlfLaG9XXrDcN_J3PoeWvcfsIGWOuwfAeqvIrULDVxxq4cZegwbDF-Q&sai=AMfl-YSU9BxtBhJFlJ8cMIgsRm27tzybrQQ6p5aLBNt1Ayvs27NBUeRlOBrlsXl5zVtdpl5E3yrtuw9NKahj7GGJ8g-y8wtrGr-Mb8JBwI1HHpCNrx75uicvG6wVk_9wZZSQMUxOBmSwsW2Y8Fuq7phimc2j3WHsb8MJif3FCK_4NJGZM0qHeDNhbEErQZFSuEc7zFvfrXfBS830JOGPXN5JUmeZZvcd31jJ-hGu-pPU7l5rAwiyaWW0z-AawvQBH3lXfg5EgDXgpoTDACU9k5SQtT1MSNEm8Q&sig=Cg0ArKJSzA2mP3SyGb2hEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1131&vt=11&dtpt=822&dett=3&cstd=300&cisv=r20230531.89814&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 15:58:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04C6 0
20 B 86ms
86ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBznTJAZ-ZOzBIJaPjuwPv8Cj4AwAAAAAOAHgBAI&bg=!FBelF0PNAAY9J7QfHSc7ADkAdvg8WgQdwGqBOBjjjXUS7Gigvn66dbhvlhQGlaTKL0cVSN_ymPtJHmeaNIqdE-mrD6bsd1QRXL4CAAABklIAAAADaAEHmQNP8p6FsEJskWbZ7UtZIPYRPG8Kw8ew2k4PVCioXkk6N4l9X6wTxM1Gc_U2rtMVFmBqpBWAvLWqHCBbeLEgDScb00EqP8yv5BBbXv6k9QMll0vnyFHK3b0XrJscYO1wI_1m0yOiMSEy2x-RGz1roDKe1ob_V3XG8EFy8D1aGjgO9tJoKXBEM50CvORohXwZVoE-0eAgpgBZQgPeCB_VddGG-6i92EGfWkxJ1EikcF9mBdMTBH8HTpIS19bTBVzfleWYbTpTtMT0TJKF5NJkaLbO1FuZT1sVrKm3wJCg61FscazKyDxDri6LcOo4gKJF1kE9nl1bIppYzu6DrFD7hdytcG3kejHLnDgCDNSX5NW7uPZH4B0J3kxodrlIcOuY0TuVEEKzgkhy5zkBPYOXXRvInzqqhMT9RwoBR30kcdSDTYvhR41gUJ71E7KkgXumy-3pxwSN3NcacyNxAuwKmN0HdlxFCdlybxzZjbWU-mywPZjMQOz86KX4d_AZks7PlsyzKdlmfZhuCgfHUHXxTeFYujzbMtB3-ne5sURw4alIa9lYqCpMwCQYiHBvNgFBBcqxKcMEiX63uT2zpKOMTdhkoOOGcvgvWLcTXP1iPtP8zhPT_WPK7OATAxBBue_DiCKA40a5hQnz74WQlVRAfebJ_fUXlDXTpRCr5R-93E6pSAYp8exlMqGJVj_1eYF3ZnnKcqm4LhTxsgYE7rJ0lxNAoz2DtY0Jtu01myOOxz_ioNpHnuGhuJsSpp4UcVGUVFoSI4kQQMSCeZHH18KF-uj1wzorqbaT0VJfu1OQ5yXtN_nGNLViSw-ytHhrzNd6COKkIbcRq5jxCtuA6UgNdZV7gWMEEoEAyI9J50PxhJ0APMHgQ5YPN53q72TmuU3E2WX2FgHmUjEqEi2bRWAnpGcfa0X-tyWS0RiaiaB7xy-u2ACJyybpH9Ktjb349157kS-N06jTs_Sp87Iph6hg4ElzpVnGcm7ZvWTzLhbbhif9GL4_4q2hV3SpiEwdJnXJFGYAYAZKueY_08ds1e22KfWWKqcgZ9alGYHQqeVHxWpYRjZ5GNjOaTATmZnieOPdrr8Q__ZaNxNjQK1_E9kaaHkJfbo0-YOrnZLl7_lF6j5OUQ

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/ Frame 1CF1 0
145 B 26ms
26ms XHR
text/plain 52.19.145.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/postback?di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&ci=948461&pd=avt&gt=DE&ac=Xmwo1n97Q8&pp=ye-mek.net&pv=130d298a-4687-46a5-9395-952ccb157566&md=1&ti=&to=3&de=2&si=&dm=728x90&dt=9484611597092707615000&ui=&ap=&pi=XRzobPsLhV&sid=AgsNOjEJEPUlQwv1&oz_sc=945145d43055fdf639d215aa&oz_df=1685980709880&oz_l=263&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.145.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-145-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 05 Jun 2023 15:58:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame B6AB 85 KB
31 KB 228ms
10ms Script
text/javascript 18.66.147.52

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g1s4a4m38g9h24b4sd2ss885qzcp2j5gw6wwmvtnw0gw034c5qgkh9cfq49f3554e63ttkgs54hqv6ny16ct3rket86tbjzka3ejeasc9n3xz9qgam46hs237sthe74hn45j186wppc50m3nftzdcgye0qdck6htx6ydagf4wpk83gnw184x9g0et6k4ngy4qss1f5dgd2d908e2h4bwaw7axkm5jmnep7tnmzagssjkh9y1fjapj3qwx15t44sew2qw%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:02:22 GMT
content-encoding: gzip
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 6969
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: gCfbFz3GihMWCmtT4EJl_p71klF_ehZIv-fRmKlrGMszP0VjtRiUnA==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame B6AB 15 KB
15 KB 88ms
23ms Image
image/png 108.138.36.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1685981009&Signature=WGLGZjIpLaRXd-xomq4Dmri2ND7AIYMmMpLpT5PvPGuOzcT~CX7eXEoNEiukL0uFW8N~QKgrZffAIxf2715b6a31pdiBRY7fIR5P9PFbObtoDydMa3mRujBpsKmMQ~xr49gRrfpceFHP21i1MhF6fP-v44RkbwJmSl1w4olDn1ga0DKvABZmm6kjBkOdD4KQuJEOkiKhyPpp92jhzU9bCBsFe6-nhBfJSDSwVYYIpIAi6lmL-qHUHZbJ4Hv1uy2rlLKjrEVu8PFxE7viw-0jFE5CK0J~m91v2J0i8mp5Hpx53DMKU-ULwsxZS~t4DXfKVRBtZEDK0xzjkIPp~UUDzA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.55 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 05 Jun 2023 15:17:07 GMT
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 24606
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: PqDE6tPVlCZbL_a-urNNnBjOXrdWmV3NM-o_uBYhJFj_hBPG6KMzdA==

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 46F4 84 KB
84 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/img/visual.jpg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MHELeOnLyC&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:03:54 GMT
x-content-type-options: nosniff
age: 233675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86025
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jun 2024 23:03:54 GMT

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame D424 84 KB
84 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/img/visual.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=jmKKvXTGGo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 23:03:54 GMT
x-content-type-options: nosniff
age: 233675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86025
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jun 2024 23:03:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D424 17 KB
6 KB 179ms
178ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 15:58:30 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 143D 42 B
64 B 81ms
80ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4-p4GlnMooFwRYvMSkAYAGAgwvrDA7uIAyhaQfdzQccC95V3bF-5qAY4VNlRpQODzItCVzFSET8kWpaaMt1e1cOfKDo5GzaKEhYuY6_uF9_Izm4Ljsw8UYsljnAogw2D-pGeJvQ&sai=AMfl-YSFudpVhb066dV296mKe7aHX1979yuSg8ooGFAJuDYVtS3Bjg_0NZEq4B6TMlgLfTD3W1LO6t5MCjdJBgQHLO9ORZ7o8hL0iE_Go2xclvwL8O3G9QT4mB_EBS0&sig=Cg0ArKJSzIYtMjLRH12NEAE&cid=CAQSOwBygQiDMcnw32dpiX2as3fcSC0QkIPAFOZPtLY5G6EY_c55mfsr2LmLGx_wkbua4hGLITncyLhvUzrhGAE&id=lidar2&mcvt=1031&p=0,119,40,160&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685980708004&rpt=642&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/ Frame 1CF1 0
145 B 28ms
27ms XHR
text/plain 52.19.145.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/postback?di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&ci=948461&pd=avt&gt=DE&ac=Xmwo1n97Q8&pp=ye-mek.net&pv=130d298a-4687-46a5-9395-952ccb157566&md=1&ti=&to=3&de=2&si=&dm=728x90&dt=9484611597092707615000&ui=&ap=&pi=XRzobPsLhV&sid=AgsNOjEJEPUlQwv1&oz_sc=945145d43055fdf639d215aa&oz_df=1685980710093&oz_l=337&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.145.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-145-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 05 Jun 2023 15:58:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 43F4 0
209 B 47ms
46ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685980706309&userId=vnet07d2b9d2-e53d-4a8d-b2ba-70547ce20081
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 15:58:30 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2D79 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugMWugA3udAAQX6fXB1x10Fppe4KhC0plcqhU7L3AlVfLh5uTvhqHXR9iX7y4x40CcG0CvtcTwxYKJI_FI9SSB2XELoKOXRG5b9nWjfBjVmRB0lPxUFIwaw8xm0pS9fdaRW4Dalg&sai=AMfl-YQdVoUCUEErbPPTGojwUdkZ4IA1oorz2V5LGTU0FJHsPvOWQaLM4iQZ81ZzT8mGJpy3BULHCrd-PBd4Dmvfh-E4T7soiB4OPVhg3GhL0ChMAMzmOwuKysQWLu0&sig=Cg0ArKJSzKp3GA22x3R2EAE&cid=CAQSOwBygQiDgaNRfRVY5Be_ZqwLB0q8SctYXQmTiUxcIpMmYmpZdUmFndnjc5wvpBgoKnRUY7peKKEb4DxDGAE&id=lidar2&mcvt=1024&p=0,119,40,160&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685980708235&rpt=705&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 57EE 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 08:20:43 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3D82 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9dnGvQ
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame D0EB 37 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 08:20:43 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 43F4 14 KB
11 KB 86ms
86ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e8dbcc269895e119be184cf4bb8b7fe99bed9efdf0455b55bbfe049663d4b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11154
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DF4D 15 KB
6 KB 63ms
16ms Document
text/html 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 579438
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 41E2 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQLCUJAZ-ZMeJI5y99u8Pvq27uAIAAAAAOAHgBAI&bg=!fX6lfirNAAY9J7QfHSc7ADkAdvg8Ws_Jfq4d9saftehVzBGPrK2kSflYUmS3cLL_rvNAhDfBeidd0prYhw8OWcAd92xSfej39jUCAAAB91IAAAADaAEHmQNYdU17ieSZrlngfHCI9gHNpIHca05kSTAd5MZNcM3VMTg4eTC8CzQsu-t-DDznxhYvVrHymuW-XW8hGDefjtrgquf0QCNgVYf9oDReulJpe9SmkWNCCE4TgnHniBjEIPgqz_7jlJBtak1RKsjGity_Z42hb2W5jBZFj7wvEzqK3tWzPudaoI_7KgKTxkFgL1u8Aw6MoBlwdC9y65SB0fFxzQN_W90xP-M-fDLv-p5mrMkMtLEKsMacmT1x393idUfeEYBAeNB5i2p7p-hy0gPX3ox3CKUqszgXXsr-_xeq6iTps0-8TowVVI2o40-NBIJ3tE0Q1SQnXwb7aphCIKvlPAM5XHuQpqAXHi2rxDR3uK2iQVMakBkg31KCjkPlofBKftsEJXkOEmV_Uzswj331lF22jEcTJ5ZoAI10Drw-y0mbc9wF5SXlYACCXClqcIowOqF3ZlhSckcKv6leI9W4oK7N9x7OcbWd64rE8jT0ZlVqr9Yjl1eQOBxj26ngJ6QzWNgpVcQKXYz2cBczPdjYovkKuvAeAq0oPJ7ari9nXr8muUD0Bo1QGncSVlEqVxZHUdtyI0NrDr3hAou90a-Xij4tJ-2eDFtvAkAG1MpFdyvsWWZVSj49jSc5cGxzSZuy2NAOnS7RFxKN--89pOy_YF8xfN0WHCLq2YnsKk2lnwmuTCTYMJ2Eb5I-2zUybURDDGzgPjxcB0DgDZq_s0ydFKei3D_aR1ZYAryy_0sozaJxiQA_uIARQIa-hwxLEU8qkFqIIe3ASMF9Mdtl3sStabf4LlK4RAxGqXcWdVZA71MbHg3sd5KLMlDSWsscTkQ4Qv-PamoWIgIyahVxtYVsA1wbTXW3G6p-q8VauP6ESSfDB5CInUVu0feNhTMIFlJuyhSPctJnKsQQKbGxpOUEPxK_Peb005OStm6V0pfUlCICMwQ9yvszNo8KCKXrfF4yGxg7D8DS-67tlluCQIOBGvCOxNdJfMHJ-hzPiA-WM44RQG12BZoIgv9zrKQt48sSo6-Ah4a0bKoo9n8YIox7s0OlEoayjbeZapf7vIKFFJGmlitt9MB3VjCXB9sFIDGXqc0hfXU35a9OkFWqkBysjJ1tatNHAf8_EQR4ZwmK38LMgUQpa6v5Rw

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBDA 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB4hVJAZ-ZO-wI-bO7_UP8bm28AMAAAAAOAHgBAI&bg=!EBOlE0fNAAY9J7QfHSc7ADkAdvg8Wu377LpzjhEWq1c-yOjYV1Ff87InlHmGeq0HWBA660JmXDHZbmI7JqFvmSOiS6nVtiWeIR8CAAAB8lIAAAAFaAEHmQNKQ1jYOcxbCWhKRHxiTukOuBG7kORzi85aAwr632puti0VcIvgwOEZf-24Z7nJSZyYiuTVZ-AUMdrpKclk2Jz_cZUYEgD298aQJSRGl0iMfJ_d0-BS98E8EvpBnv9vbEo7AO1h0dkIRcV4h5Lwauwq7keIYFwjfMu4lapnLv7DA4vLJKcHozjoGBAmFCgSvKO-cPxpA2HCafJEaXQh8bOMRq_V4Xb8LcJ86Mit3AEoqn8ymX8vvwXZUwGjCn8PK62wi8fzyi49jJY7BxtdL30BU3KlJYxqQyKJL9dxoqHqJgGhTdhvfdiZR3HKTaPfB-L1VgsEpSo7DOs6Tj3UbwlESQXpwMDJebogrLMknNbMfiQaPwI9k1F8uS5e5VYhUkAXjo0hxJLjP7SACWPsNJ3g7mVuQJ9cm3tLcu5GSmjyhB4JiRlFkr0sXvBPsc4ZZCxRCvpJd-LKomskcIwPolks_nHbdBed2_k2Bc4uxNgoh588-2Ou_K34tvziQ9-2xAXcZo8OgAxqtxXNR21Z2Pp40SdUtprKkjraejPOHIn9idCh8jEGq6NZNdxPtChqDymotJhgJMYbqtfylrbwEv48wPJRGC3oPFBKcy-OtSqhSZZkG62J0oL4U2VrU-BCpVOwousC51Z3SKyYBXTcJraxzNLh-HxHoOsmiWcs5LOTYerJlY6oPBZeKXdRBsWjS9TbXiCYCyOl-3fzrtqv_wdKkEIr1CewsEfDzCd_kmW0b1M_kASDCw6DqfP2I9T2oHJNyWyOhuE8WdTRH4KjFEIA_kHh1I4wiWRN5X_HbpAa1avYeAlcu9XERH2bYBixFu2VwqKa7eX_HOQzyGq0GeP7kAWpJS8CAlgkdGxTDmR3qS2Epell1zqxG46BggHWwCQT0-37-GNaKf0uUhtLsDDphO95G3BpNfyxuJTPyJrZXbPiJqtvT_CK_dzpEMluXpHZIHneqaqwOaV7gQy6v1z8s2SFa1iYuhoygCgBle17DNEguu106Yzh_IRHAuC2hMEU4fcYF95XNXCIdazA-HWcIrva3Jv4aQuRdm0pTuWJQDOSXA9SOVbLk6CxmZEwwLUO0V-KKTbhjLJOeBAHhkpdq_FLDGLf6QOkVcA

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A44 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVOfOJAZ-ZLKTJeWD4gHi642IDwAAAAA4AeAEAg&bg=!kJOlk8fNAAY9J7QfHSc7ADkAdvg8Wj1CRm89VlTNRKsM1HkOFQiWeOv04Dc4o2hP0x0zSFERiuI1r7emSsTYYb6XhrDAWkGFbXoCAAAB61IAAAAJaAEHCgAYVU_UvAKg6GhuuBAMpcbHb2O8kNZolTFrmQM1ursNYlNkmCALZxujaLtVQMYWnXCjtZwgStKrdrq81xX-6gKr33IbGv9jua4wsEIzg3eTun9RfhIlQl6OztzMPO4lPWN0T9p8815lFGYKswjm4_B_IeET6yxGpb6upbeKNwCv20ziezx-YlblKId3HE6PNEzwZFK2Hd46MfUzfYOElRsWyuJFjrfaSFUr8xuPNYo5mqMMfe11MyTmvwlzfvyIv7Njep_9-5KVlROWjbgunsFBS3P-s9Gwc_8_dYn9HynuqiwsbICftyOwWZYU80b-KpEz4tQZMS49VKUh3im7bVch9v7cC4VAs9eYAuDEDpGGrvmnI0BgCgbudquOb-HvkaPaYrEW8rASujdC3y3kOMUd5LEqnlz_NPLm_LliNFZUQYPYdpVDcCQyV2RU8JgOZU6EvAUoGzyJncP6Hf_jI16NCLwv0Q9wkpv-yxhqODY0GRTxYMnkaH23fba8CqqTsS7ESUwVBTf2j6-ntovW9QPs0EyVPpKHO7A3OAUHGEThHzsExxwVhQ3RxLy6oPifnh5SQ7KPmgIlXSw_fpt0OBxpRAOJV06--zRH3sA_KJ6uKEvsIWT8AnLDuyz7iEgovT4gDAmxFoIkMkK8zYh8FwP4qf6AfCgb7RYWakGgCwR66RPum76ndeNsELaUkAKumiY57shgy3wQwQaKsASFWU6LNYfjRP-VOR1emIxlBHzAyqUSlGutK5GPoLbQPZlfiQfWLLmIzJlUYdMeV5iJSSTBNviP5_olMyRh4UvtWkNWvTu4MiT_4xR22NUJ_TgltVQXyV1AG4SfV4iTzsp23Wn4g7dwqB4W5gRSApnrGdpG7AhWj7Asjhq4z58fo4-DhHwsbloGq-0PqnMj7si9RaSY9Pq9oIbEmk3vIgad4Lnx6H9J7Dmuc8nWzZlwD_TWZ5LNxRwwP6ugQXOZoJqz-Mg8NpBF-loywPQH-HD7nvYhrV_2qRhe-mfE4Ve6mSX58V7DcD5U2JIfcnw4fumLx3x95el3_2VmZCiSPuXzUVZ_B0QjTuuE6cax3QkhLojvl_MT0Sy_x9Rejf3qUaGNs3seYSUNPEGxUdDcWhUiPqjSJ-k

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/ Frame 1CF1 0
145 B 26ms
26ms XHR
text/plain 52.19.145.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/postback?di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&ci=948461&pd=avt&gt=DE&ac=Xmwo1n97Q8&pp=ye-mek.net&pv=130d298a-4687-46a5-9395-952ccb157566&md=1&ti=&to=3&de=2&si=&dm=728x90&dt=9484611597092707615000&ui=&ap=&pi=XRzobPsLhV&sid=AgsNOjEJEPUlQwv1&oz_sc=945145d43055fdf639d215aa&oz_df=1685980710408&oz_l=35&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.145.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-145-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 05 Jun 2023 15:58:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 4882503a-e019-4c38-8e47-fb1ee52633b5
https://googleads.g.doubleclick.net/ Frame 1CF1 817 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/4882503a-e019-4c38-8e47-fb1ee52633b5
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c21f115524e9e4a50120f3e71d42530bb0341b3c847b568558e4f41385c427fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length: 817
Content-Type

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 43F4 17 KB
6 KB 102ms
102ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 15:58:30 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/ Frame 1CF1 0
145 B 27ms
27ms XHR
text/plain 52.19.145.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.94.1/948461/AgsNOjEJEPUlQwv1/postback?di=https%3A%2F%2Fye-mek.net&sr=GOOGLE_CONTENTNETWORK&ci=948461&pd=avt&gt=DE&ac=Xmwo1n97Q8&pp=ye-mek.net&pv=130d298a-4687-46a5-9395-952ccb157566&md=1&ti=&to=3&de=2&si=&dm=728x90&dt=9484611597092707615000&ui=&ap=&pi=XRzobPsLhV&sid=AgsNOjEJEPUlQwv1&oz_sc=945145d43055fdf639d215aa&oz_df=1685980710580&oz_l=332&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.94.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.145.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-145-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 05 Jun 2023 15:58:30 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET event
unilever.demdex.net/ Frame 43F4 0
0

GET

sid
mug.criteo.com/ Frame DF4D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=_m1eLHxhazJaTldUTHlJVmRRWWw3TEVTUDVkNjlNUzBHNlJiWlNSU3REWExZdHRqSVV6dnpxTWs3WnlnRkNQNlcxRTIyMUFyNG5RZHhJZ3B0RDZtcnViZGliTzY2RUI0Y1lGTHR2VElHV0hoWUtrMFN5bmZuZVQ1ajZYVm...

0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 43F4 63 B
385 B 33ms
33ms XHR
application/json 35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a71b01fe1f96fc3f5287c54312e1efe386d0d9612122c926e216c6ed2c98c8e4

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Jun 2023 15:58:30 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ye-mek.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 05 Jul 2023 15:58:30 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 871A 0
20 B 71ms
70ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9800062565027&version=m202301230201&ct=76&x=1&cor=8401514277473895000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 15:58:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FB0 0
0

GET check.html
biddr.brealtime.com/ Frame F55D 0
0

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 2F58 0
0 78ms
7ms Document
text/html 151.101.65.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 28805
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 05 Jun 2023 15:58:30 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 24 May 2023 07:58:00 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1992, 219460
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230020-FRA
X-Timer: S1685980711.779201,VS0,VE0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 0511 0
0 59ms
7ms Document
text/html 23.201.255.110

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Jun 2023 15:58:30 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B0FE 0
0 40ms
9ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=133414
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 05 Jun 2023 15:58:30 GMT
expires: Wed, 07 Jun 2023 05:02:04 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B47 0
0 36ms
35ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 13:13:27 GMT
expires: Tue, 04 Jun 2024 13:13:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame AC80 0
0 48ms
47ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-utWLCkZ-O1fUoaFtFBYXkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-utWLCkZ-O1fUoaFtFBYXkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 15:58:30 GMT
expires: Mon, 05 Jun 2023 15:58:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=1500&ts=1685980706802&src=pbjs

Domain: cs.emxdgt.com
URL: https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESENTcRGY9P3ntPptgWy0bqAc&google_cver=1&google_push=ATf1kGNwXenzzQnGvYOTrpLfOg8pGgFjC8Q8bO7igks-RooZhEyBKowX7MvWI4VGn3zsndG-l6O0wcbfnMaWqb2O6y1SI6s39U2IBQ

Domain: cs.emxdgt.com
URL: https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESENTcRGY9P3ntPptgWy0bqAc&google_cver=1&google_push=ATf1kGNSR2Z47pb4mDC2Qx-RIWFeJoiZgQVzmivyA4KsaPKJDwKdMGASq_0d92VyZv0HGgwuQXZyciFGoP6o76sJyQcAUeiid2KCSYs

Domain: unilever.demdex.net
URL: https://unilever.demdex.net/event?d_sid=25453995&cs=1685980710595

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=_m1eLHxhazJaTldUTHlJVmRRWWw3TEVTUDVkNjlNUzBHNlJiWlNSU3REWExZdHRqSVV6dnpxTWs3WnlnRkNQNlcxRTIyMUFyNG5RZHhJZ3B0RDZtcnViZGliTzY2RUI0Y1lGTHR2VElHV0hoWUtrMFN5bmZuZVQ1ajZYVmRKeDFtb0xHeFg1THhkelUwSjNYYXhqVFJDQXU5ODN3ZDFqamNnSCttRlh1dWNKU1MvV1plNEpFM1QzUnhqbHlhMUtWK1RHNlo5dG5mRjNPVW9lK2wyNEt3eGNJbVlodGYwKy93WGVWM3h0ME1WSkNIVlQvTVQvandVOTdsbWEwZDdQK251K2N5UXk0dmUvR2hEWXpjVHVNRVNIKzVzV29HNHhjeHJEM0hFTXNwd2dUNEQvcz18&cppv=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7103435417767&version=m202301230201&ct=76&x=1&cor=11894181221594616000

Domain: biddr.brealtime.com
URL: https://biddr.brealtime.com/check.html

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 21:05:16	Name: khaos Value: LIJ1DR94-I-IEFM
.rubiconproject.com/	1970-01-20 21:05:16	Name: audit Value: 1\|naVuGyos1qp/EaIqIC0M6j5APvdogVCbaTd6KyMQnau+SmvwaNDOni9gR4qolinrDqDbQAwtYdFN+011ZXQEx2pNjxJ85LHdsqlSNZOaaDQ=
.doubleclick.net/	1970-01-20 21:41:16	Name: IDE Value: AHWqTUmgzTXzy2_tYhdMcyPr_0X-V4_drAPBvd6bvYLmqkwGirJT0NEXT0jkduTexqo
.adnxs.com/	1970-01-20 14:29:16	Name: icu Value: ChgI5MdxEAoYASABKAEwo4z4owY4AUABSAEQo4z4owYYAA..
.adnxs.com/	1970-01-20 14:29:16	Name: uuid2 Value: 3516661396845895669
.w55c.net/	1970-01-20 21:49:55	Name: wfivefivec Value: eGLF5M1Y1Q6cBe5
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1685980706%2C%22utid%22%3A%2234e6e1a70427b6359ee8236e4c31b403%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.casalemedia.com/	1970-01-20 21:05:16	Name: CMID Value: ZH4GJKnBzOMdWUG9ulo.VwAA
.casalemedia.com/	1970-01-20 14:29:16	Name: CMPS Value: 3201
.casalemedia.com/	1970-01-20 14:29:16	Name: CMPRO Value: 3201
.3lift.com/	1970-01-20 14:29:16	Name: tluid Value: 1943438265599487440929
.bidswitch.net/	1970-01-20 21:05:16	Name: tuuid Value: 22f18878-b33b-4f00-9742-bb100b243031
.bidswitch.net/	1970-01-20 21:05:16	Name: c Value: 1685980708
.bidswitch.net/	1970-01-20 21:05:16	Name: tuuid_lu Value: 1685980708
.quantserve.com/	1970-01-20 14:29:16	Name: d Value: ECUBCQGUKYEA
.quantserve.com/	1970-01-20 21:49:55	Name: mc Value: 647e0624-601a5-ea707-b7b68
.w55c.net/	1970-01-20 13:02:52	Name: matchgoogle Value: 5
.simpli.fi/	1970-01-20 21:06:43	Name: suid Value: EAE174DE4ACD4DE78D47EF072B28C0F3
.travelaudience.com/	1970-01-20 21:49:55	Name: _tracker Value: %7B%22UUID%22%3A%2286822BD3-27FE-4FE3-8C3A-1A15F12CBEB0%22%7D
.de17a.com/	1970-01-20 20:58:04	Name: guid Value: 1.8847953626581417334
.adform.net/	1970-01-20 13:02:52	Name: C Value: 1
.yahoo.com/	1970-01-20 21:05:38	Name: A3 Value: d=AQABBCQGfmQCEK9hxVRIZ-JVGD8rbbaABpkFEgEBAQFXf2SHZAAAAAAA_eMAAA&S=AQAAAli0MkyY2jrIGNUsDPP7VXY
.everesttech.net/	1970-01-20 21:05:16	Name: everest_g_v2 Value: g_surferid~ZH4GJAAPje21kwBa
.adnxs.com/	1970-01-20 14:29:16	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>2ej[W>!]tbPl1M>e)ZlrFUfJ+tGXxpKVwB=QLC/oCb?)1>8_[(#HVQoFYZR'f./jjybpRzqF1`b`TH>J5G
.360yield.com/	1970-01-20 14:29:16	Name: tuuid Value: aec76f95-d5a3-47e2-90fb-bf143b2372de
.360yield.com/	1970-01-20 14:29:16	Name: tuuid_lu Value: 1685980708
.adform.net/	1970-01-20 13:46:04	Name: uid Value: 8337434379768746515
.sportradarserving.com/	1970-01-20 21:05:16	Name: zuuid Value: 8ce3eb19-775b-4cc5-a803-51577f010f33
.sportradarserving.com/	1970-01-20 21:05:16	Name: c Value: 1685980708
.sportradarserving.com/	1970-01-20 21:05:16	Name: zuuid_lu Value: 1685980708
.sportradarserving.com/	1970-01-20 21:05:16	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 21:05:16	Name: zuuid_k_lu Value: 1685980708
.id5-sync.com/	1970-01-20 12:19:41	Name: cf Value:
.id5-sync.com/	1970-01-20 12:19:41	Name: cip Value:
.id5-sync.com/	1970-01-20 12:19:41	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:19:41	Name: car Value:
.id5-sync.com/	1970-01-20 12:19:41	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:19:41	Name: callback Value:

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x69807j0b5.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://hb.emxdgt.com/?t=1500&ts=1685980706802&src=pbjs Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685980706548&bpp=4&bdt=887&idt=279&shv=r20230531&mjsv=m202305310101&ptt=9&saldr=aa&nras=1&correlator=4800735757698&frm=24&ife=1&pv=2&ga_vid=854444417.1685980706&ga_sid=1685980707&ga_hid=59647142&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C31075004%2C44788441%2C31071260&oid=2&pvsid=1497102148338384&tmod=355982566&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.b71lvrwtbxb7&fsb=1&dtd=294 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://as.ad4m.at/ad/dr?ed=1k2ka8qp7s1nhbda1r4xmg7z2mmsb3aph62j8rpg28nv5gg06pyg0dbnne6dwq8fd1bj8t1ecyc791meye9s524rwsrqsgp823mjzqyr94qfew1b0gm1ttvsmke2q2gwhqnhfmvp208ycvyt304wztxm8spfp2q8p74s870137rw4cwyxpksjrvqqsqynkwdqwaj2k5324y2v604ddve713dggybjekmx093r4c40bfttt04spyp0rfqrbderzv9m86y9777wksrnwwx72pmevjncm51rdqdx1rsmdtrd4zteq53bba6ng2qrefrm20c38erzzm4f00brv3837w1w6qrstspjbm880fa889jvzj6vfk4sesr262pw4nnnhtjtnk4cbgtc5jep5s6q3rrq3rs46h0rphcjcq0garh3e24szzg4mw0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%26client%3Dca-pub-7983651257838282%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1ht9mz6sx5w6wv6dt4bvk5pvm02ee63gcdeg4b0qq92jfjwys4g4s0ga1h3ckf6wbksyg7mdn21keq5ee2ktewvpktyyv8dbn5qsn2d3ejf2cdr93b773eebb7p01aszy48t2avp0hc5d77ktaetbndj2a8hj7n59bh1ty54z7zxj2ev643ey5ake4r2d9sw5vv0avrj5hgtwwykqf5t4n649d3t49m9b0k49bjk039p2803rrx66a3h5t5ybhgrv7a8gjtzynasgj589vehevtb6e9htz73s8smgc6tpg836w5z2s76rmyrhm6a154qxay8897th113s0mgtd3etgpn155yg9fx54zf74qjz86tw98ma1vdf1rt9rpec24r592xvsfrasghe4c3fcge4cvwamx9qr5k87vjp7f9be5frc16795mq57ynnwqfweapk567ch7gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%26client%3Dca-pub-7983651257838282%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
worker	error	URL: blob:https://googleads.g.doubleclick.net/5419f3f9-1149-4e8c-b4ad-8a22815721e6 Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/5419f3f9-1149-4e8c-b4ad-8a22815721e6' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://googleads.g.doubleclick.net/5419f3f9-1149-4e8c-b4ad-8a22815721e6 Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/5419f3f9-1149-4e8c-b4ad-8a22815721e6' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=56bca1593c2d9df88d1d19ce5e0db5ee%2F17299989425428735876&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685980708999&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gmg2mnvpza9km91bxj7pr2rtdyccfx8z130gh1bnn4w6q66gq01xrakcn8n6bsdt3k46axdpdz0xgnrmzek14k6fj6b1ddgcndjxns0z9g39c1s03scxr2b98zeccb5bc22mp1nehehprxsgx2m0j4n0v9xmadxg1vw09afnt3fjnwgfnd1crqehz3vqg5agw6f49vvwm38j6pnmd1rgwfs6g07vknrkgss4e0f0tk45q6e7stneawzpnwgcszbhdnff3e3rtsy0r6aeqsnwkkt2m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCATFuIwZ-ZIaWLd-H7_UP4f6C2AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE5gFP0MVdlS3lHAdwUKoHOE3V_tGwivg5M-cw7senM0MZGevwAMXNf4SF8r5iNMh_bWAhoaL4JOu7KTJkBJwabbm4P67RV7dkdkgO5uPMw9YN9SW9gAsm00X3GIuAGqCHLj-vWh46GQrpUoYs5xinaphzrAuTywa9DnhB_uRXYJGUzk2qttgq_apzSUFWaIJqq--D6YPqywA8UMOF6wI4B-Itb7Tt8MqQO4JpzUWuyXEHwVXmUB-x37B4N9TLl4bTMIxsH18nq7pcEDEdhUPMfLPbT_MwT5C9HkbI97Umd55KSDqD0M_rp-AEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_23ZyDtgER8OzZiJlnjifwFl938iA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C195017&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C71gSqfWBsj2ZKtrHXHgtAtVVZCGT1TKqCM&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CEbGSDfqQSE1QkCzHAHjt6C44bfqTVT1dc7&c=728&d=90&e=&g=7e2c6af8eab4b1fb15a9a42a0a21ab25%2F1300045842771027411&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685980709041&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz5nf0478tdx1mfs1s99vyjg8wwwnd0f8csrecd38ks1xtp898h9z5agatsxp683rcfdt5aq96pgbm249sc4smmswm7gnx5rysb794wdm2kb1vh64xbhq2j956hsk81c32c29kn95vf5xh3xz3gfax2p6brere55snef7nt1hdwq140h7kwpef338am292qdgrg2qs8tjy3wgq3sags5sbkzptrj0vqm49e1f3cvhwb5j6nnb4rnst9vesnhzv5h7wtdjp16yx883gnc0pg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCV1_7IwZ-ZP6BLeWi9u8P6_yM-AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQI1M_Wjz_CxPuACAKgDAaoE-gFP0DREZMooBBkUjUAxsD2bMMpq-NixcZBua4ukoJLEETNk2GvqO9rJdnSEmjy043RhmuTWx3pq36LjC8gHA5llviRwpdNkcKodJfrmWRzpbNfNfRwXjmeD_u29fWMCtDd7fpui4DVdqokEicHPbOmjTUKNw3e7zOWGlVswJ1-GJm0TlMMhKdU3ZCNmv3uxMXh9ShsYcZfB22KinHvvjTkGNDhZjHsMlNx_W4YO2nulM69kFgpa8Jlz-FPgi1c8nP4luUO-8iMBHaomdiLAlKEmvmrf0hpRvov5nAwyTlGcfgOxfBBO2tueZvG8yv3WtRzgHVZ2rZGprnez4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1WU5rHpZFXU6XKAdOC8C_4iWnDWQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad4m.at
ad9e31b0a07a87f73501e2086df8e6da.safeframe.googlesyndication.com
ads.pubmatic.com
ads.travelaudience.com
ads.w55c.net
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
as.ad4m.at
assets.ad4m.at
bidder.criteo.com
biddr.brealtime.com
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpm.programattik.com
cs.emxdgt.com
cti.w55c.net
d.adtriba.com
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.pghub.io
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i.w55c.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
match.360yield.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pcloak.blob.core.windows.net
pghub.io
pixel-sync.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
s.h.w55c.net
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
static.virgul.com
sync-tm.everesttech.net
sync.inmobi.com
sync.teads.tv
t.hspvst.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
unilever.demdex.net
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.cloakan.co
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
ye-mek.net
biddr.brealtime.com
cs.emxdgt.com
hb.emxdgt.com
mug.criteo.com
pagead2.googlesyndication.com
unilever.demdex.net
104.102.45.165
108.138.1.25
108.138.36.55
13.248.245.213
13.42.219.105
142.250.186.66
142.250.186.98
151.101.2.49
151.101.65.108
151.139.128.10
154.58.197.185
162.19.138.82
167.233.13.224
172.217.18.6
178.250.1.9
18.184.185.174
18.66.147.52
18.66.190.43
185.64.189.112
185.64.190.78
185.7.176.221
185.7.176.222
185.80.39.216
185.86.139.101
192.229.233.53
2.18.161.51
2.18.232.7
20.127.253.7
20.60.220.36
213.155.156.181
216.52.2.48
23.201.255.110
23.206.208.114
23.35.236.201
2600:1901:0:76b9::
2600:9000:2491:8400:1b:f040:3600:93a1
2602:803:c003:200::51
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4bf1
2606:4700::6812:19ad
2606:4700::6812:272
2606:4700::6812:7f05
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:813::2006
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a02:6ea0:c700::18
2a03:2880:f084:d:face:b00c:0:3
2a05:d018:d29:3602:4721:f1a6:82e5:32b7
3.126.192.167
3.64.112.248
3.75.62.37
34.102.243.38
34.96.105.8
34.98.64.218
35.156.251.164
35.157.134.200
35.186.193.173
35.186.253.211
35.190.0.66
35.204.158.49
35.241.45.217
35.71.131.137
37.157.4.24
37.157.6.243
37.252.171.22
51.89.9.253
52.19.145.179
52.29.216.32
54.171.9.188
77.245.159.14
84.200.5.215
85.111.6.48
94.138.206.83
98.98.134.243
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00ce306cf481fb8e0a4fda19526dde1a8a9d670a07f143d832a445fbcf2db6eb
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02dae736d2648c67319cc03736039f03dd6e6304f15177c973f1eb9051d83230
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d3065ec1a397538dab9bcd38ad1018815b97d02fce10aa2f6fa254d21773fd
06fc5b5a42d5c518b1a31e7bd7726f096ea5e002328d68b5cd64e4c04a0f8efd
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147154470a9824945cb7ec7b51309b8d52066bc8c27bacafeb2d0a49a65d26e7
15b5a605bb9183577c6e19c44b73d8952e76ef02009f61164cf0bd6928f484ca
167b361207c0dbe5cc3e6a4aded1c1523af5ca6241dd25f5087a33d63ed89ed0
19bdae6a2dfecc818ce36202d7dbbbece891e4ac5c415c196df82a43ae9ac0e6
1c9af0fc292c8fb8f9dc82487cf57b1854797659160b14b7afd9566c7d068c2c
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1dd6622825f3d518fd677e8575cae0654a3afbc78a92bf1b2942ea2fe04afe83
1e3a7651e485bbd08be45c3794ce29db6668bd23f89ef0f62d86ac8f6488378e
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
209756ca5d587e33595747af61be5d7a42c1e20a78dc02d9526186c46bbbe0c5
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
24e5b6406f1198bfb04b6f08100e3ef763e320acd6dd748876d0db542dd8bb20
2581753667ea9096139c6e824317f55122ac3bc2c6c0227fe9168cd247061a1e
298e30cd4e01948d540e8aff796e294da1ae095578b2403f2b97280e3b969a6f
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c481ccdb6e10e0136132ac25c732c873df15b1cf23a063a714f63606159551e
2c8442c64d0a9d1b30c714c059d589a7e5834fa4ec8b8a85c339192065c92837
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
325be98d467be29fd7b3d1c36f2e137806b171ca7d73ef3b535e198ec0bd1dc1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35093c99d945fbf48f632120ce401af37721bb4b690fbe0fb452611d8959793e
36039db5f9d8089c6d01f67144d50ccfa6f65a27ab0375b2a15f7b2f846aea36
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
38a45d2622d89b3d2da8101fa1ecdc03ed87f51af4d93f1358530610ffd7cfcf
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
39ddfa0e149ffe66b2480afecb8501822ac2d7aba2f841103eb7caab5ab7fe2a
3c2fc0614d14f19c7b68d795bbd361ec0baa28f2f72f7fd645cb7967f380af07
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
40d704fcf4405f97ac78ba9d102e436a0482e3a47576de24a70f370f970dc0f3
40e79ea3833e391579a893edcb1311f9d82372fcf6ad18ebd245b7535bc2eef1
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42957ef601fd013119bccbb5d1a6a656f89851c80a3e5a1482315b87251f53be
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
43c1db258054fd904a5ea889573e183fce6b54fbe0217e7d72cf1ef6881c94ec
44530944f7cb09698bcc30c8b32262310894965b660c221e3247a526cbb01939
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
473ec323dd2d8150c0ba0ee8abee7f178403d20c050ab5f396308b373f1c7f07
480fbebc29bc34934d9f94580ff9ba7957dc210acd5f026dc933ffb69af0e230
483acb0168bc17f82b187df42c6775bba45663f508b2f5fe5ccf31efb230b732
48d917e694d5cffc5b77251a040a7ee481eb319fb77ca4d191285ff50498b794
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b89c55ccd688ad536f857361ea9168b434b0df78024b353c438115ec30e541a
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50282fee83281adfa1bd8aa7771950d435a2799ca90959ae8f3a483ff4fb0be0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
515203da31600e4f2429b9526b03543b3fda990d8d32ca48d18572cd017d4b63
55341425c7731deed45d8c3ed1dd69ae8519f67657d0f30257a4c702ebcbc0e5
555665b12b601c0a84c27141c368f4a93af445bf000307e99f2df6e4a86515c3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57d6270f8a2410ea0ae988122b1d818fcf9a73b139b68c281c344bd48431558a
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d7432628543445b8e9fc4db3d5548094165c6c22107b66d429529116becf8d3
5e6d7062caa79a05cf74de173ba9902aea28bb7a0b0c142ef6ab8a1209cd23db
5edaa7a6259fe1e4afeeece18097c7661291921e025ffd0bcadb2203479b403a
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
65676ff9ee174f1af8dd161a2b306631500e0e3ee01ace918e221312048e9bc6
68bbcab002cfe978fe70454b240f442046de6170bdef247b98f4819f1e7f2417
6a5e6df88d4d45622a3ede615c25bc1c7773063b04585c52f3286332d3ec6a46
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f
6b7e05564f91fc8ac5e933d73eb80f92bc95037220fe493bd7d617bf24d4aa00
6b8c267b6b6f05577adb4fa34d9fc6fdbb2abdb55a9bd0e1e33838cc3747f9d6
6ba2129b7dd383098316594bc36d4da139fce7dccedaa1398482ace451c8bec9
6c3294ef598667c6169398d34721280ddbc9dffcba5bc3ac190357374f841347
6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a
6d4b039e13080924553d42c56051ec773abb13dd903a5ea542eb3d23702a821a
6d735ee9e8a233928f4788ed6b6c5a25a6d434e80a2af59d107fa242aec2a8ac
6e8dbcc269895e119be184cf4bb8b7fe99bed9efdf0455b55bbfe049663d4b46
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
79076f5e5894a65c86f101fdc051b1b77e6dcdefa5e657675cf047e0e84c3358
7a6bdf6ab6555a5f03c43b18cb3dadf141244daabc4f7d04387c8547bb0ee474
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
7c61fa1cf06e1231a6cbcbd22e6fd065c2934749e2e2af038318feaa79f54c93
7e97639114954ac5d65f5065c56d92d777ed1592dd283b3009959fa5473218cf
7fb65548f1070a02531030355eb69c1dbdaa000acc7997f5c2af52e01bc29aa4
83125d18c38dbcb80355cbca6eefda232f3e0cb6cf7f31d81b6bed70824d135d
83ea5a92614946f883e27708b26e4554e9daaf142b8bcc67c2893bfef4cfc7c2
8441152de26940c5204f4ce8dba8c6e76e8c50bf9c81f4e9a6d2f5fbaaa2a4a1
8716febe159cb3571e40b4e63c3ecd3b68dc1646d3e362760ee4e8f500aa9d4d
88fa000bc8302f91fb338ee7e13616a8dd55baa9b7df544b84914574e506f682
8b57e7b72427d4fdaa116fa3987ded1efed330eedd098e65711d9f10efd12648
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94dc350acb3e491e883e23665acdfe801c1559d67026fbcd533dfce70d5a6270
964782412c5a1eab56dbcfcf43894d049871beb9a704c96409c8e4c9ab189e7e
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7
97dae340808fd5f481766982b3423d7e9eef1a8086a772ba978d9d0eee1f1baa
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9ccde0b5261813f9779f5edb3e3bd0ddf0de9100bd4112d8e51dd26f4ab7d77d
9d0e3af038ce6780e1df0406fc7c1e9d34d0d4fb15e9009ecea1c8e4bb910056
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9edb23e141fe20aa066d445f9933b24561e461ab1f90a02d40dd2027023a94cc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13492d2a8ee8f2ddbfd071c93e56fa48423ce4e0889455a5f1ef841b3b201ec
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a401ab3b7ec5aad2e82fd1df7e4b4c9eb24ea37d3689ffd3384ceaafd4571226
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e20e17e33fe6f4b0488f8547af1e685ff73b8ece971d6c780db52c6391ab38
a71b01fe1f96fc3f5287c54312e1efe386d0d9612122c926e216c6ed2c98c8e4
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2614739e5032eef7a58aa35faf7010861d20c62b93b0e8d42a1e8d0a2a7ffa2
b3fce6c522254e35e5dbbdd484afaacc4007ffc56c7cb235b9a6e7b15d3d6f5a
b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895
b5ba825c60f8eef36a88df50b232a9783d439faac27b00cf18c2d600469643c4
b5c7f061f5c975fc10c73d3687a8ea76711216f711d97282b5a6ea5b602a5059
b626cb98565e377b5fbb449fcb91acaaa421a333bcea9850b70ac58cf9fc4432
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b7e6c6aeb9050f23219b8ab26024f00056154a586f5a28ceb52ff0df1ea5e914
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bc8658196ce186decd7d31b604c2466cde30c10528e20430622966e19ad6ab8d
bd64234ea26f76eb0e8d2c361c59020f15aad32cced60d6dfb871c62b7076eac
bdb58706450ca1bc1f1ee3345816d47d38f844e34c9388362f9fabfdbcca9be6
be02ae98453460a498abc7211c7048b17c3d77dd290412d5335a1bd47db09b88
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c21f115524e9e4a50120f3e71d42530bb0341b3c847b568558e4f41385c427fe
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c5f8b4170bce8ae3ccf764003a02f508d29710a8d212e596fc4ebcd388620000
ca138e0e125de786e1444b2a71ee42335397a6d1c97828fa54ed803efeda0388
ca5186c45c8b98fd128a56f0778172c5088be7086f94ab4d9c0fc0657081f29e
ca52a0eec13c48696bf05cbe5e76a0b67c73967c1f8825cfe4b733e24a775580
ccfcb6a21cb761524bd52d88d68bc9e91b82984b5d4011d36c6df1c77719cfda
cedde82046765566d0552a548e7d855bc71468381190d845685f5e24d16bc330
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1f7d57c54a2f168df796106063e89d2c6dc208ceeb2fca5257ed9297ec2bf88
d3172c5784a968ba8dad93e7b06b8db314618a2127a3e518a4d06951e9842806
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f
d4c1f6add2cb4767abeb3bd68800c055096f7fbfd99006d23fc286fabae7aa5e
d5352b3b0a0852a22dee798975fdb3c764d664eeea3ffe84799e71aaf539a5fe
d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
da7a299825aafa3b10bce5eda176f57902d7a3e83ce413cad46deaa4dfd85a9a
db725e2f455d418fe503bf105ae1f43045035eb576fa2f667e21a8c290e06d17
dfb24cd229db2187732c7a2744b85312cf3da6be84e6e55ff7fc0e166a78d492
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5805a7872653e56e14219ba8b955f962aa17dc6726bafdd37df1f2e45167856
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e9c7a67c3d44c39ec0b46ca27dbd51e84b709212fc6cc5a901c34c1944fdcab8
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eba1cc3044da8d70f4edfa61e4b4415e751b8840977ebdd698a5f580e16a3697
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f63522d23e118f6d76b9797aa1c84e9e58dcd7c2005397c4adb831c12362d134
f66701275896763806723b24a98618b5ae17e48da67fea9132b98f31aaab60ae
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fcc8d02d1890db4b4310e06955eb7c309069e9672717fe97e043d6114cd105ae
fed6dc193732581a952882b0b41fdeedbf4bd20d89d631e9a94140fcb1f2c8a0
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

450 Requests

86 %HTTPS

34 %IPv6

67 Domains

103 Subdomains

74 IPs

10 Countries

5069 kBTransfer

11237 kBSize

39 Cookies

0 Outgoing links

Redirected requests

450 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

450
Requests

86 %
HTTPS

34 %
IPv6

67
Domains

103
Subdomains

74
IPs

10
Countries

5069 kB
Transfer

11237 kB
Size

39
Cookies

450 HTTP transactions
8 data transactions