urlscan.io logo urlscan.io
SecurityTrails logo

www.eokultv.com Open in urlscan Pro
62.182.80.100  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.eokultv.com/
Submission: On April 02 via manual from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 16 countries across 64 domains to perform 308 HTTP transactions. The main IP is 62.182.80.100, located in Kyiv, Ukraine and belongs to YURTEH-AS, UA. The main domain is www.eokultv.com. The Cisco Umbrella rank of the primary domain is 272824.
TLS certificate: Issued by R3 on March 9th 2022. Valid for: 3 months.
This is the only time www.eokultv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 62.182.80.100 30860 (YURTEH-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:224... 16509 (AMAZON-02)
23 185.7.176.221 42910 (PREMIERDC...)
3 7 2a02:6b8::1:119 208722 (YNDX)
3 2a00:1450:400... 15169 (GOOGLE)
2 137.59.203.101 18229 (CTRLS-AS-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 142.250.184.226 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
3 108.156.255.177 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 37.157.4.25 198622 (ADFORM)
4 185.7.176.223 42910 (PREMIERDC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.168.166.39 16509 (AMAZON-02)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
3 185.86.138.121 201081 (SMARTADSE...)
3 10 185.33.220.240 29990 (ASN-APPNEX)
1 35.241.45.217 15169 (GOOGLE)
1 34.102.243.38 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:401... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2600:9000:21a... 16509 (AMAZON-02)
1 178.250.0.160 44788 (ASN-CRITE...)
7 178.250.2.135 44788 (ASN-CRITE...)
3 178.250.0.162 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 68.67.179.87 29990 (ASN-APPNEX)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 142.250.186.98 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
7 26 172.217.18.98 15169 (GOOGLE)
3 10 69.192.160.245 16625 (AKAMAI-AS)
1 185.7.176.4 42910 (PREMIERDC...)
2 18.200.144.205 16509 (AMAZON-02)
2 3 2001:678:cb4:... 56396 (AMOBEE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 159.122.14.34 36351 (SOFTLAYER)
3 52.223.40.198 16509 (AMAZON-02)
2 2 213.155.156.169 1299 (TWELVE99 ...)
3 4 192.82.242.209 62713 (AS-PUBMATIC)
3 3 18.156.0.31 16509 (AMAZON-02)
2 2600:9000:224... 16509 (AMAZON-02)
1 213.202.235.9 24961 (MYLOC-AS ...)
1 1 151.101.66.49 54113 (FASTLY)
3 3 37.157.2.237 198622 (ADFORM)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 185.86.139.104 201081 (SMARTADSE...)
1 1 20.72.149.136 8075 (MICROSOFT...)
2 141.95.3.10 16276 (OVH)
1 138.201.84.245 24940 (HETZNER-AS)
2 4 103.229.206.240 30419 (MEDIAMATH...)
1 2.18.233.201 16625 (AKAMAI-AS)
3 69.192.160.186 16625 (AKAMAI-AS)
12 104.244.36.20 7415 (ADSAFE-1)
1 5 138.201.84.244 24940 (HETZNER-AS)
1 1 185.7.176.222 42910 (PREMIERDC...)
1 2 142.250.185.230 15169 (GOOGLE)
2 85.114.131.234 24961 (MYLOC-AS ...)
2 172.217.23.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 18.194.74.100 16509 (AMAZON-02)
1 72.251.249.14 29791 (VOXEL-DOT...)
1 1 34.203.157.179 14618 (AMAZON-AES)
2 2 188.42.29.167 7979 (SERVERS-COM)
1 2600:9000:224... 16509 (AMAZON-02)
2 3 213.19.147.45 3356 (LEVEL3)
1 51.89.9.251 16276 (OVH)
1 184.87.212.214 16625 (AKAMAI-AS)
1 2 209.54.180.3 16509 (AMAZON-02)
1 185.33.221.91 29990 (ASN-APPNEX)
1 173.231.180.197 29791 (VOXEL-DOT...)
1 1 52.44.238.197 14618 (AMAZON-AES)
1 66.155.71.149 13768 (COGECO-PEER1)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
308 77
8    62.182.80.100 (Kyiv, Ukraine)

ASN30860 (YURTEH-AS, UA)
PTR: hosted-by.specialservers
www.eokultv.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:224a:7a00:7:6b7b:1000:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdki.truepush.com
23    185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng.virgul.com
ng2.virgul.com
logger.virgul.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    137.59.203.101 (India)

ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN)
sdk.truepush.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
13    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
pubads.g.doubleclick.net
26    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    108.156.255.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-177.dus51.r.cloudfront.net
c.amazon-adsystem.com
13    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
4    185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
c1.imgiz.com
i1.imgiz.com
istr-n23.nktcdn.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    18.168.166.39 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-166-39.eu-west-2.compute.amazonaws.com
spadsync.com
8    2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
3    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
10    185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
1    34.102.243.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.243.102.34.bc.googleusercontent.com
pandg.tapad.com
4    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
3    2a00:1450:4014:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
19    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:21a1:a800:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
7    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
3    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    68.67.179.87 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
1    2606:4700:3033::6815:3f0d (United States)

ASN13335 (CLOUDFLARENET, US)
quantumsyndication.com
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
12    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
26    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
10    69.192.160.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-245.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    185.7.176.4 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
panel.izlesene.com
2    18.200.144.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-144-205.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    213.155.156.169 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com
d5p.de17a.com
4    192.82.242.209 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2600:9000:224a:4a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    213.202.235.9 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    20.72.149.136 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    141.95.3.10 (France)

ASN16276 (OVH, FR)
PTR: p31.id5-sync.com
id5-sync.com
1    138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de
hal9000.redintelligence.net
4    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
sync.mathtag.com
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
3    69.192.160.186 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-186.deploy.static.akamaitechnologies.com
cdn.adnxs.com
acdn.adnxs.com
12    104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
5    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
hal900026.redintelligence.net
1    185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
istr.izlesene.com
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
5994599.fls.doubleclick.net
2    85.114.131.234 (Rheinfelden, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21038.dus4.fastwebserver.de
cdn.contentspread.net
2    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
ade.googlesyndication.com
3    2a00:1450:4006:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    18.194.74.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-74-100.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    34.203.157.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-157-179.compute-1.amazonaws.com
ssp.disqus.com
2    188.42.29.167 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    2600:9000:224a:e600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    213.19.147.45 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
usermatch.targeting.unrulymedia.com
sync.1rx.io
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    184.87.212.214 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-212-214.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
1    52.44.238.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-238-197.compute-1.amazonaws.com
nep.advangelists.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    85.114.159.93 (Rheinfelden, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
Apex Domain
Subdomains		 Transfer
55 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 66848
pubads.g.doubleclick.net — Cisco Umbrella Rank: 478
323 KB
51 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
ade.googlesyndication.com — Cisco Umbrella Rank: 261
393 KB
23 virgul.com
static.virgul.com — Cisco Umbrella Rank: 99502
ng.virgul.com — Cisco Umbrella Rank: 73704
ng2.virgul.com — Cisco Umbrella Rank: 80391
logger.virgul.com — Cisco Umbrella Rank: 144938
214 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1300
cdn.adnxs.com — Cisco Umbrella Rank: 1396
acdn.adnxs.com — Cisco Umbrella Rank: 560
secure.adnxs.com — Cisco Umbrella Rank: 436
89 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
pix.eu.criteo.net — Cisco Umbrella Rank: 7880
csm.eu.criteo.net — Cisco Umbrella Rank: 7886
32 KB
16 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 523
static.adsafeprotected.com — Cisco Umbrella Rank: 524
dt.adsafeprotected.com — Cisco Umbrella Rank: 468
99 KB
12 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 257
349 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 536
11 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 7
adservice.google.com — Cisco Umbrella Rank: 76
2 KB
8 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 10254
sync.quantumdex.io — Cisco Umbrella Rank: 4416
4 KB
8 eokultv.com
www.eokultv.com — Cisco Umbrella Rank: 272824
160 KB
7 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 280
imasdk.googleapis.com — Cisco Umbrella Rank: 405
fonts.googleapis.com — Cisco Umbrella Rank: 45
416 KB
6 gstatic.com
csi.gstatic.com
www.gstatic.com
14 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 31903
hal900026.redintelligence.net — Cisco Umbrella Rank: 237283
8 KB
5 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 2574
pixel.mathtag.com — Cisco Umbrella Rank: 1197
sync.mathtag.com — Cisco Umbrella Rank: 438
3 KB
5 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 610
ads.pubmatic.com — Cisco Umbrella Rank: 453
7 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
181 KB
5 adform.net
adx.adform.net — Cisco Umbrella Rank: 3975
c1.adform.net — Cisco Umbrella Rank: 571
2 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 290
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
41 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5640
adservice.google.de — Cisco Umbrella Rank: 8069
2 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9053
2 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1328
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1219
1 KB
4 truepush.com
sdki.truepush.com — Cisco Umbrella Rank: 49246
sdk.truepush.com — Cisco Umbrella Rank: 62134
22 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 326
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 756
r.turn.com — Cisco Umbrella Rank: 3000
1 KB
3 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14133
ads.eu.criteo.com — Cisco Umbrella Rank: 7887
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10325
53 KB
3 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 138484
i1.imgiz.com — Cisco Umbrella Rank: 341423
132 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
55 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 534
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1734
1 KB
2 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 52453
35 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 607
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5026
720 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 809
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2899
207 B
2 izlesene.com
panel.izlesene.com — Cisco Umbrella Rank: 275298
istr.izlesene.com — Cisco Umbrella Rank: 172050
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1906
24 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2894
69 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
68 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1593
584 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 613
191 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2321
232 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1479
408 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 841
814 B
1 unrulymedia.com
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3286
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 728
241 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 8081
291 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 602
277 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 588
239 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 207
1 KB
1 nktcdn.com
istr-n23.nktcdn.com — Cisco Umbrella Rank: 450749
1 MB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2716
1000 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 348
460 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 575
536 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 13097
1 KB
1 quantumsyndication.com
quantumsyndication.com — Cisco Umbrella Rank: 43389
570 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 431
9 KB
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1381
689 B
1 tapad.com
pandg.tapad.com — Cisco Umbrella Rank: 1783
221 B
1 pghub.io
pghub.io — Cisco Umbrella Rank: 1598
4 KB
1 spadsync.com
spadsync.com — Cisco Umbrella Rank: 125937
308 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 782
416 B
0 googlevideo.com Failed
rr3---sn-4g5lznek.googlevideo.com — Cisco Umbrella Rank: 58002 Failed
308 64
Domain Requested by
26 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
www.eokultv.com
ssum-sec.casalemedia.com
26 pagead2.googlesyndication.com static.virgul.com
pagead2.googlesyndication.com
www.eokultv.com
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
srcdoc
tpc.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
19 tpc.googlesyndication.com googleads.g.doubleclick.net
www.eokultv.com
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
12 dt.adsafeprotected.com 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
www.eokultv.com
12 s0.2mdn.net 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
imasdk.googleapis.com
www.eokultv.com
s0.2mdn.net
10 ib.adnxs.com 3 redirects static.virgul.com
googleads.g.doubleclick.net
acdn.adnxs.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
www.eokultv.com
10 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
www.eokultv.com
www.googletagservices.com
9 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
8 ng.virgul.com static.virgul.com
www.eokultv.com
8 www.eokultv.com www.eokultv.com
7 sync.quantumdex.io static.virgul.com
sync.quantumdex.io
ssum-sec.casalemedia.com
7 pix.eu.criteo.net ads.eu.criteo.com
7 static.criteo.net ads.eu.criteo.com
6 logger.virgul.com c1.imgiz.com
6 static.virgul.com www.eokultv.com
static.virgul.com
5 hal900026.redintelligence.net 1 redirects www.eokultv.com
hal900026.redintelligence.net
5 nym1-ib.adnxs.com static.virgul.com
nym1-ib.adnxs.com
cdn.adnxs.com
5 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
5 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
imasdk.googleapis.com
5 mc.yandex.com 2 redirects www.eokultv.com
4 image6.pubmatic.com 3 redirects ads.pubmatic.com
4 googleads4.g.doubleclick.net www.eokultv.com
4 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
4 www.google.com 1 redirects www.eokultv.com
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 www.gstatic.com 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
3 fonts.googleapis.com 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
client
3 csi.gstatic.com imasdk.googleapis.com
3 tags.mathtag.com 1 redirects www.eokultv.com
nym1-ib.adnxs.com
3 c1.adform.net 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 match.adsrvr.org 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
static.virgul.com
ssum-sec.casalemedia.com
3 ng2.virgul.com www.eokultv.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 imasdk.googleapis.com c1.imgiz.com
imasdk.googleapis.com
www.eokultv.com
3 prg.smartadserver.com static.virgul.com
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 sync.1rx.io 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ads.betweendigital.com 2 redirects
2 pubads.g.doubleclick.net imasdk.googleapis.com
www.eokultv.com
2 ade.googlesyndication.com www.eokultv.com
2 cdn.contentspread.net hal900026.redintelligence.net
2 acdn.adnxs.com www.eokultv.com
static.virgul.com
2 5994599.fls.doubleclick.net 1 redirects www.eokultv.com
2 id5-sync.com 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
sync.quantumdex.io
2 static.adsafeprotected.com pixel.adsafeprotected.com
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
2 d5p.de17a.com 2 redirects
2 um.simpli.fi 2 redirects
2 dclk-match.dotomi.com 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 pixel.adsafeprotected.com 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
2 script.4dex.io static.virgul.com
script.4dex.io
2 c1.imgiz.com www.eokultv.com
c1.imgiz.com
2 adx.adform.net static.virgul.com
2 sdk.truepush.com sdki.truepush.com
2 mc.yandex.ru 1 redirects www.eokultv.com
2 sdki.truepush.com www.eokultv.com
sdki.truepush.com
2 www.googletagmanager.com www.eokultv.com
1 dsp.adfarm1.adition.com 1 redirects
1 sync.mathtag.com 1 redirects
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 nep.advangelists.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 secure.adnxs.com ssum-sec.casalemedia.com
1 ads.pubmatic.com sync.quantumdex.io
1 onetag-sys.com sync.quantumdex.io
1 usermatch.targeting.unrulymedia.com sync.quantumdex.io
1 ssum-sec.casalemedia.com sync.quantumdex.io
1 s.ad.smaato.net sync.quantumdex.io
1 ssp.disqus.com 1 redirects
1 ap.lijit.com sync.quantumdex.io
1 match.sharethrough.com 1 redirects
1 yt3.ggpht.com www.eokultv.com
1 istr-n23.nktcdn.com www.eokultv.com
1 istr.izlesene.com 1 redirects
1 i1.imgiz.com www.eokultv.com
1 cdn.adnxs.com nym1-ib.adnxs.com
1 pixel.mathtag.com nym1-ib.adnxs.com
1 hal9000.redintelligence.net www.eokultv.com
1 sync.inmobi.com 1 redirects
1 ssbsync.smartadserver.com 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 m.exactag.com 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
1 r.turn.com www.eokultv.com
1 panel.izlesene.com c1.imgiz.com
1 quantumsyndication.com static.virgul.com
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 pandg.tapad.com pghub.io
1 pghub.io static.virgul.com
1 useast.quantumdex.io static.virgul.com
1 spadsync.com static.virgul.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de www.eokultv.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ajax.googleapis.com www.eokultv.com
0 rr3---sn-4g5lznek.googlevideo.com Failed www.eokultv.com
308 104

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
Subject Issuer Validity Valid
cpanel.eokultv.com
R3		 2022-03-09 -
2022-06-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
sdki.truepush.com
Amazon		 2021-09-24 -
2022-10-23		 a year crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-04 -
2022-11-04		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.truepush.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-08 -
2022-10-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
www.spadsync.com
Sectigo RSA Domain Validation Secure Server CA		 2021-04-26 -
2022-04-26		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-17		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-13 -
2022-06-09		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.izlesene.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-11 -
2022-10-13		 2 years crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2021-08-16 -
2022-09-14		 a year crt.sh
redintelligence.net
R3		 2022-03-29 -
2022-06-27		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-17		 a year crt.sh
contentspread.net
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 36 frames:

Primary Page: https://www.eokultv.com/
Frame ID: E66FCE985B077E71173C01F439A4976E
Requests: 99 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Frame ID: 34B082B4EDED763C056E8F74117CDBE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3025194257&lmt=1648919878&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.eokultv.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648919878168&bpp=3&bdt=530&idt=103&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2447291369905&frm=20&pv=2&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065922&oid=2&pvsid=2854345458056617&pem=914&tmod=2081614314&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=119
Frame ID: D58050018B6A82CEE22F262A775AB379
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1648919878&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fwww.eokultv.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648919878171&bpp=2&bdt=533&idt=121&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2447291369905&frm=20&pv=2&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065922&oid=2&pvsid=2854345458056617&pem=914&tmod=2081614314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BupTCMWROF&p=https%3A//www.eokultv.com&dtd=124
Frame ID: 5A08F4B026EF58B218413A04C16B753B
Requests: 8 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fwww.eokultv.com%2F&owner=P%26G&bp_id=noktacommedya&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: F0100334DFF1FD14E7B2184A9CAA5EF4
Requests: 1 HTTP requests in this frame

Frame: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D86C05EE8464F5E0660BED4B563BED3C
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Frame ID: DA40A0D974216BEE6126F9FFEAE85B5D
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqruJ6PFCE6k60nqMu3H_gOsAZfXuIG4AWDaRbosUeVJjx7nxPttIk2Ki6JXPvTPRRhUIDmFJy5m93ddeQd718nsXUY5LbNBSC_Am6tLP5N_h5mcSzqsixICKXoJI8vAfA36JQvWf_sAbkXH_3u2aS-rinvVQ7uFEUo3o-GawTcVCcmDptyhB4ImOOMm4M1w6zKu5ilXlcmGJ7LTFRQGTMqKnjEv-bPtt9npfrq9vdzYRo1-akuCsT2m261iYwctjgPwA_dPrR1lfoW2_3vlTpgOqRVKArsvbTSOWjWADsUaTkfhlTCZi4QR7I8_guzvwL7NNfXXhc&sig=Cg0ArKJSzH2X0xiJdDv8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6DFFCEB7ABF205BB6D439727632EE08A
Requests: 18 HTTP requests in this frame

Frame: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F2BDD1DC39AC4EB8EED27CC288EE28A0
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhD9lnEY7oqTwAEwAQ&v=APEucNUnhrK4g47vgMXiJOFXGsxIZdDUZdbtlv0V-OR_yLf8pW0D0x2uVc-MjEl1Zz28PZWlrr3loSjmV7FHfmN_9pFgf1xXb5MSoWm7FeNbTAeDIAXraMRKtzEBWn2nYTjdW4EshreMb6WgjPozTzGBldzgR3uMszpI62KiFe5eDrFqB6VTTQA
Frame ID: F6B60BA05889CBCEC1A9E8F557705880
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FE9DF414BD68E0C634BFD7647146DEA0
Requests: 9 HTTP requests in this frame

Frame: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B414CBE18B8216E06C0E54FA453859B2
Requests: 32 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 063BCFF9779E7F6C78EE96CF8A07108F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.508.0_tr.html
Frame ID: 3B81076D6FEA2AFDD0FC8A03700A5B1B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D9609B36D3D9D13C00A4D8528A7B7161
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY7sWavQEwAQ&v=APEucNXaxQASN137WfVVwXpxR-9vZ0GIMs8XqmMymmXGa4Wu0ykc-ffBgQrG-d538GpTA0mYnU9Y1DT2tc6Y2mRdeNnLnTKQEPzGzqkrauljpKgyL6otUHm50dPHi7ajWTnjVM4DLSn4GXyoKMK3NbAtr3mbiZT4Lgc_xb-GZwO_Jm46LC5ptzs
Frame ID: 6A8C9FD497015205AB907A9710848DD7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 56EC61364B9E26958C60D6A60A86CD62
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
Frame ID: B8BD55967A3487E359455EF79F3B8DF1
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 76B5A7EDD993FC6EB0B04360F2D95DF5
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 7242B6A45178534BE238CA319A59E5A9
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIK71J3x9fYCFSZDHQkdQDMJaQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=291758397655.0353
Frame ID: 2D40259E669785C93173B62C6AAD1031
Requests: 2 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=71568300167186400951423011917026&a=5a583894
Frame ID: E6AFBA92DBE2A1C29A611811B7399FFE
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11711&pub_id=1863631
Frame ID: 59EEA78062F12A081C31E7074FF3B3E2
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Frame ID: AEBE8FDBC4D51647EE0617D8DEA04BE0
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 38E998188D0B2131A8BE244618E38F09
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 318ADC18F698901B20C73088B509CE6C
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 7292D03CFA76CF2B42E4D8A1FA7DA5BF
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 45E7A59E07CFA47E75D3EA52823E54B9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 119A6F48D0B71206F5B21C7D73C51D9C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: D01F54792823BDEB459E71548D73AF31
Requests: 2 HTTP requests in this frame

Frame: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 82723A8ECDAED264C261E71DD2BAA109
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0C1B448E85E5051DDC81FD0D19B5BF04
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A8C0A982DB3A4E0D8D4A81A332C317E0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ECA41A41778ADF355B73119361EB950C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 27537EEE59CE39D294692D5C63BDC28B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D122069219A88E50EE285A9187E96EA1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Konu anlatımları, Ders Notları ve Test Soruları Çözümleri

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

308
Requests

87 %
HTTPS

37 %
IPv6

64
Domains

104
Subdomains

77
IPs

16
Countries

4198 kB
Transfer

8938 kB
Size

62
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9596.0D5AAtRXZXfBIm_-EY9hNI3dZW0Npu5pHxuyYt8IYNJxSX0hBY3XrFCGhrT33jph.y1Z6NmxmfuvfF-Ibi2-R29itZsk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9596.0Yz08ESKxNOi5B9yZzE4L6-YGQMP6rPlpvzAmlUJAoI7HuZYvhoaCiWZHaiB32pwUVM-bnhuPv5-uCnRjJCvWQ%2C%2C.LVC9imt9aS7f0mcrEVdiTL-Os3w%2C
Request Chain 38
  • https://mc.yandex.com/watch/24313435?wmode=7&page-url=https%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn5rb8pyhvi%3Afp%3A286%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A388799882254%3Ahid%3A305579638%3Az%3A0%3Ai%3A20220402171758%3Aet%3A1648919878%3Ac%3A1%3Arn%3A68203955%3Arqn%3A1%3Au%3A1648919878788021874%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648919877490%3Ads%3A22%2C81%2C39%2C1%2C%2C0%2C%2C192%2C9%2C%2C%2C%2C336%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648919878%3At%3AKonu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/24313435/1?wmode=7&page-url=https%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn5rb8pyhvi%3Afp%3A286%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A388799882254%3Ahid%3A305579638%3Az%3A0%3Ai%3A20220402171758%3Aet%3A1648919878%3Ac%3A1%3Arn%3A68203955%3Arqn%3A1%3Au%3A1648919878788021874%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648919877490%3Ads%3A22%2C81%2C39%2C1%2C%2C0%2C%2C192%2C9%2C%2C%2C%2C336%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648919878%3At%3AKonu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 110
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh4SeR2yKWpTkJqpIc6Flk&google_cver=1
Request Chain 111
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkiFRzp8vi1ZJDnFZ9B05QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
Request Chain 112
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBCvCDa37B8oFDuDMjjAQao&google_cver=1
Request Chain 113
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0OTQ2Mzc1NzY2MTcxNTAzNQ%3D%3D
Request Chain 131
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAAwISpzs0FZFMZB2LcZD2U&google_cver=1&google_push=AYg5qPL4AUy8FDO884PLFnW0o3PlxLjcCzT8zFW5NpLilaz1f2_gzyz40tqG-RV75aSUQALAtSflndxql4PuawMPfqYsmOP5Zv0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA1MDYzMTM5OTc2MjI2ODQzNA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEkKjhnAKzK6ILF5AM-IKc&google_cver=1
Request Chain 133
  • https://um.simpli.fi/gp_match?google_gid=CAESEIj7CHJ5me573CEoSRjhxwg&google_cver=1&google_push=AYg5qPIKGho0cUMjqitW5j1UfX9cGjEN9MVpmQDykP1WL9e4qbIJHYh8yFVQDLNaHpTE85oPciyv-1q7Fp4Dhyytt-O2SGm9PRE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E091AEA1DD4D4C56A8296EC52DF39C32&google_push=AYg5qPIKGho0cUMjqitW5j1UfX9cGjEN9MVpmQDykP1WL9e4qbIJHYh8yFVQDLNaHpTE85oPciyv-1q7Fp4Dhyytt-O2SGm9PRE
Request Chain 135
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECDn9w1M9JxfILoacl_P6Ps&google_cver=1&google_push=AYg5qPJmNWbUjyTctvjnQBlvX1qPq6JrzEU2cIKCe-kXkXafN6ve0RElxI2mIf3MRBU86rUeqYMj-szpOq1oCX2sHL-jmQz5K0LV HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECDn9w1M9JxfILoacl_P6Ps&google_cver=1&google_push=AYg5qPJmNWbUjyTctvjnQBlvX1qPq6JrzEU2cIKCe-kXkXafN6ve0RElxI2mIf3MRBU86rUeqYMj-szpOq1oCX2sHL-jmQz5K0LV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJmNWbUjyTctvjnQBlvX1qPq6JrzEU2cIKCe-kXkXafN6ve0RElxI2mIf3MRBU86rUeqYMj-szpOq1oCX2sHL-jmQz5K0LV
Request Chain 136
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELRv5ucSxIpsk_LO13duDR8&google_cver=1&google_push=AYg5qPJt-cA0CKCuADBS1gJZXOpidAtEk8oaz1p_wRMXfSwm3vICKsedxnX4SoOu7n2lGLp3ZPSMSqJauV9mcnRi9lDAV2j8xPfg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELRv5ucSxIpsk_LO13duDR8&google_cver=1&google_push=AYg5qPJt-cA0CKCuADBS1gJZXOpidAtEk8oaz1p_wRMXfSwm3vICKsedxnX4SoOu7n2lGLp3ZPSMSqJauV9mcnRi9lDAV2j8xPfg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bY4PdLL2TMmXM7bCTa3c1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJt-cA0CKCuADBS1gJZXOpidAtEk8oaz1p_wRMXfSwm3vICKsedxnX4SoOu7n2lGLp3ZPSMSqJauV9mcnRi9lDAV2j8xPfg
Request Chain 137
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOUvUm4kXLxar3RB64rJNpA&google_cver=1&google_push=AYg5qPKkMgWK1a83_9mxMVDEjj7m5rU7tOWtvNFp-NJUiz1SUVAArZVkkJXrk9tn2PDWrvaBLtOXKPQaNzlROoY-dSQK3N8mVToczg HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOUvUm4kXLxar3RB64rJNpA&google_cver=1&google_push=AYg5qPKkMgWK1a83_9mxMVDEjj7m5rU7tOWtvNFp-NJUiz1SUVAArZVkkJXrk9tn2PDWrvaBLtOXKPQaNzlROoY-dSQK3N8mVToczg&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13N3FLbjJKRTJ1RkZTVkdWVmo0TGVtb2c3RVZqWFZMMX5B&google_push=AYg5qPKkMgWK1a83_9mxMVDEjj7m5rU7tOWtvNFp-NJUiz1SUVAArZVkkJXrk9tn2PDWrvaBLtOXKPQaNzlROoY-dSQK3N8mVToczg
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
Request Chain 141
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkiFRzp8vi1ZJDnFZ9B05QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBCvCDa37B8oFDuDMjjAQao&google_cver=1
Request Chain 143
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0OTQ2Mzc1NzY2MTcxNTAzNQ%3D%3D
Request Chain 160
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDIhqDTOc-7AcSyyNhDej3M&google_cver=1&google_push=AYg5qPKiPclo0E6O4s8JfMAE1lXr8e5-9LCTSqiUlSB0VH2GtMWf8C9aozqzX_3Bnm5tRFqStJfDIw-JJm9NZJ0hKUdmEYAwDAc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDIhqDTOc-7AcSyyNhDej3M&google_push=AYg5qPKiPclo0E6O4s8JfMAE1lXr8e5-9LCTSqiUlSB0VH2GtMWf8C9aozqzX_3Bnm5tRFqStJfDIw-JJm9NZJ0hKUdmEYAwDAc
Request Chain 161
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDXbd0nnV66rhcMDtvubGKs&google_cver=1&google_push=AYg5qPLloIyyMLneibnW-mmP4WOMKg4pfEnB7LT8XM2vjTtNQxK6IFw0U7dShd1idFtuis3NhPPvJ0eRjN4E0XgkturXBcN6Gks HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDXbd0nnV66rhcMDtvubGKs&google_cver=1&google_push=AYg5qPLloIyyMLneibnW-mmP4WOMKg4pfEnB7LT8XM2vjTtNQxK6IFw0U7dShd1idFtuis3NhPPvJ0eRjN4E0XgkturXBcN6Gks HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMDM5NDEzMTc3NzY5MTI2OQ&google_push=AYg5qPLloIyyMLneibnW-mmP4WOMKg4pfEnB7LT8XM2vjTtNQxK6IFw0U7dShd1idFtuis3NhPPvJ0eRjN4E0XgkturXBcN6Gks
Request Chain 162
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFop7N24A2raGQsJVX6V2G0&google_cver=1&google_push=AYg5qPL2Wa7TfV2YK-1R2OxR3yZwWcFchgpeyMmmWieCwspQi6_vVaNZYuw6CO5t2B_NAh7ER80ykyE6hsgxbnPLd__819jZKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFJNEJMWTAtMU0tSDRZMA==&google_push=AYg5qPL2Wa7TfV2YK-1R2OxR3yZwWcFchgpeyMmmWieCwspQi6_vVaNZYuw6CO5t2B_NAh7ER80ykyE6hsgxbnPLd__819jZKR4
Request Chain 163
  • https://match.360yield.com/match/ebda?google_gid=CAESEPjvL5716R-62drWrEebQD8&google_cver=1&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPjvL5716R-62drWrEebQD8&google_cver=1&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4
Request Chain 165
  • https://sync.inmobi.com/gob?google_gid=CAESEB58FgWt1l8iGki_OO84ajE&google_cver=1&google_push=AYg5qPI0mxo9o1JbPpWQ6VQbwWvmnz8M72wMnouNqilHWsN0aQ8UA6JlknHHY3_5YMm9DWa8sWdRNzLT4EjbOTxpuZPr7rqNjnlg HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPI0mxo9o1JbPpWQ6VQbwWvmnz8M72wMnouNqilHWsN0aQ8UA6JlknHHY3_5YMm9DWa8sWdRNzLT4EjbOTxpuZPr7rqNjnlg&gdpr_consent=&gdpr=
Request Chain 168
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTlRReU5qUXlPR0V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNzIxODg1NzIxNzgxMzIzMjkvNjYyMjM5Mi80NTYyMzEyLzEzL1BlbXpRQWFSM0I1dVJGREFuYjNKUHdMXzBtY3hxN1pjTjR6VEU4a0o0X0UvMS8xMy8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYyNzIxODg1NzIxNzgxMzIzMjkvaWFkLzAvOTE3LzgwLzk5OS8zMjIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0ODkxOTg3OC8xNjQ4OTMyNDc4LzEzLzExNzExLw/iKkTldxNSmxuxsSp2Skm5sU0aH4&nodeid=1929&group=iad&auctionid=6272188572178132329&shardkey=6272188572178132329&sid=4562312&cid=6622392&bp=a_bahafd&nfy_act=LD5wew&bfip=10.128.52.92&type=imp&client=c2s HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=6272188572178132329&node_id=1929&exch_id=13
Request Chain 183
  • https://hal900026.redintelligence.net/request.php?zone=29avbfd1vdzq&nw=20&renderingType=javascript&namespace=eec858300f&subid=&uid=5167180dfb3fc3d8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6272188572178132329%26mt_id%3D6622392%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.eokultv.com%2F&ancestorOrigins=https%3A%2F%2Fwww.eokultv.com&random=7232040054237&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900026.redintelligence.net/request.php?zone=29avbfd1vdzq&nw=20&renderingType=javascript&namespace=eec858300f&subid=&uid=5167180dfb3fc3d8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6272188572178132329%26mt_id%3D6622392%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.eokultv.com%2F&ancestorOrigins=https%3A%2F%2Fwww.eokultv.com&random=7232040054237&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 194
  • https://istr.izlesene.com/data/videos/10522/10522896-360_2-135k.mp4?token=KrpHzNxuwmfaTajsHD63tQ&ts=1649009879&playername=npm_eokultv HTTP 302
  • https://istr-n23.nktcdn.com/data/videos/10522/10522896-360_2-135k.mp4?playername=npm_eokultv&token=GiBnQ06xo3jywaowHX7Jfg&ts=1649006280
Request Chain 196
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=291758397655.0353 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIK71J3x9fYCFSZDHQkdQDMJaQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=291758397655.0353
Request Chain 241
  • https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1648948680&ei=SIVIYsCINbqO6dsP8o-KqA4&ip=193.27.14.10&id=e804c2edd0197e60&itag=22&source=youtube&requiressl=yes&mh=xh&mm=31&mn=sn-4g5lznek&ms=au&mv=m&mvi=3&pl=26&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=38.986&lmt=1647357437585532&mt=1648919578&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAM9-6RT5YpgeYk42ToIxxyQORovnFzycEX6S4R8Z-hCqAiAA5yNgYalQf6abTRsKlI-pEEKppyVkUOdGJ6uD4ekGEA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAInoSEmCKSRxiHsHpzIirvAPqbuYzBR-l2KWoO_TLeTHAiEAk4UsgYHs-0FhvNuxedSmVuSnzxNTNQsTgY_NUuAEKhE=&cpn=Dx5lBcoMaQkvUtat HTTP 302
  • https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1648948680&ei=SIVIYsCINbqO6dsP8o-KqA4&ip=193.27.14.10&id=e804c2edd0197e60&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=38.986&lmt=1647357437585532&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAM9-6RT5YpgeYk42ToIxxyQORovnFzycEX6S4R8Z-hCqAiAA5yNgYalQf6abTRsKlI-pEEKppyVkUOdGJ6uD4ekGEA==&cpn=Dx5lBcoMaQkvUtat&redirect_counter=1&rm=sn-4g5ekk7s&req_id=2e25eaa457a836e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=xh&mip=2001:ac8:20:301::201e&mm=31&mn=sn-4g5lznek&ms=au&mt=1648919578&mv=m&mvi=3&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgA5vWEGY8puEHmslhvbqg6cdAwu1VQCIe4frcHEPj9UcCIQC6KRiW0Zor3YhP2saFiJPIlfjNs3_kImCzMNuEhdL-5w%3D%3D
Request Chain 255
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=fcca19f4-df06-4786-9726-4f5af91e6267
Request Chain 256
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7349463757661715035
Request Chain 257
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-75Iy8lRE2uHpRAex.UBmfZpsOjZ9ZnQoeYNqWfM-~A
Request Chain 259
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=1b9c11a1-b25f-f3b2-943e-ee3a0566a6b2
Request Chain 260
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=fbbc8923-f5c5-515c-9455-4d70f61dc83a
Request Chain 268
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkiFRzp8vi1ZJDnFZ9B05QAABL0AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkiFRzp8vi1ZJDnFZ9B05QAABL0AAAAB&dcc=t
Request Chain 272
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3050631399762268434
Request Chain 273
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8bb696fd-3178-43e4-9120-fc766414e0ae
Request Chain 292
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHKlHH0ktRG8J0n4u_F_3V0&google_cver=1&google_push=AYg5qPK0lkwN59SfGKQLGn6hEtZKaAvrnYxuu1CuTKwmHESOiO9yDFGq1gLg_dUO5qxninX8kKo_57j71NIs9HmCMXHVtBFhvjYR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=P4NiSIVIQwGzuPuJ0Jg9jw&google_push=AYg5qPK0lkwN59SfGKQLGn6hEtZKaAvrnYxuu1CuTKwmHESOiO9yDFGq1gLg_dUO5qxninX8kKo_57j71NIs9HmCMXHVtBFhvjYR
Request Chain 293
  • https://um.simpli.fi/gp_match?google_gid=CAESENSBsj6hzdnm36KaCXdto-o&google_cver=1&google_push=AYg5qPLHFoJHiVA68nrlSw17Cap_XnJ6rdHHZo4C32GAY7E4rfgoRPNW-1NSCTrKwQWlKOvAO1MLh2buhUyK6A27saPBtsYZBySM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E091AEA1DD4D4C56A8296EC52DF39C32&google_push=AYg5qPLHFoJHiVA68nrlSw17Cap_XnJ6rdHHZo4C32GAY7E4rfgoRPNW-1NSCTrKwQWlKOvAO1MLh2buhUyK6A27saPBtsYZBySM
Request Chain 294
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIjIBsajZTNkz0iFeOGX3kE&google_cver=1&google_push=AYg5qPKNzSM-RYM9LHxzyCe4Nzbfx27DETzfZFHaavXu1H8fvKvGz_7NhYVCsXn055FQYPxsVmljWQxGHeI_EPk_un7KWuEWTwPi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4MjA1Njk2NjkyMTg0NDg4Mg%3D%3D&google_push=AYg5qPKNzSM-RYM9LHxzyCe4Nzbfx27DETzfZFHaavXu1H8fvKvGz_7NhYVCsXn055FQYPxsVmljWQxGHeI_EPk_un7KWuEWTwPi
Request Chain 296
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDXbd0nnV66rhcMDtvubGKs&google_cver=1&google_push=AYg5qPIgbSM0MRO-Y5GOJ11WKBsteVj5pEoxWauODuCd5OypHZAwRy0CzADD0tnw6olZOfd6bMUuk21kO07GazeOsfDOJdEUS3-s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMDM5NDEzMTc3NzY5MTI2OQ&google_push=AYg5qPIgbSM0MRO-Y5GOJ11WKBsteVj5pEoxWauODuCd5OypHZAwRy0CzADD0tnw6olZOfd6bMUuk21kO07GazeOsfDOJdEUS3-s
Request Chain 297
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE3S7qjmhYuVuGxiCV6Rwjk&google_cver=1&google_push=AYg5qPIbjx2jLVRODm1zU1bjGB1i1F5xHYgDls9LltLNG9uR84ezCq2qGQhcgO_U0pbYc-6gqLvx_671uABeUAdIbtzHZScABx4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bY4PdLL2TMmXM7bCTa3c1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIbjx2jLVRODm1zU1bjGB1i1F5xHYgDls9LltLNG9uR84ezCq2qGQhcgO_U0pbYc-6gqLvx_671uABeUAdIbtzHZScABx4
Request Chain 298
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI7naOHqbVigIwKrH50QYqE&google_cver=1&google_push=AYg5qPJsN7bt-r-yyAe-7b2tlvYwvgmmhUhJE9Ih8X9p3OSX0bv4aLKkmJSEEXJUxu12UJ45Ba3mfu8uReZG6Bh-fm8l4Av04LM HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPJsN7bt-r-yyAe-7b2tlvYwvgmmhUhJE9Ih8X9p3OSX0bv4aLKkmJSEEXJUxu12UJ45Ba3mfu8uReZG6Bh-fm8l4Av04LM&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1648919882288 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJsN7bt-r-yyAe-7b2tlvYwvgmmhUhJE9Ih8X9p3OSX0bv4aLKkmJSEEXJUxu12UJ45Ba3mfu8uReZG6Bh-fm8l4Av04LM&google_hm=
Request Chain 300
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

308 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.eokultv.com/ 		56 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.182.80.100 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
LiteSpeed /
Resource Hash
0ff85b135c1caa96468ba1b0e602adc17191a39890f496cdf509da5c609a3f71

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
12759
content-type
text/html; charset=UTF-8
date
Sat, 02 Apr 2022 17:17:51 GMT
etag
"483814-1648878713;br"
link
<https://www.eokultv.com/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding
x-dns-prefetch-control
on
x-litespeed-cache
hit
3b02fc6f00176eee9785d17128ab057d.css
www.eokultv.com/wp-content/litespeed/css/ 		221 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.eokultv.com/wp-content/litespeed/css/3b02fc6f00176eee9785d17128ab057d.css?ver=28515
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.182.80.100 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
LiteSpeed /
Resource Hash
568224b4dd6a136ac82ac53a7549d9cd8f0d2bb81c386e29c171b2350d1ebbfa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:51 GMT
content-encoding
br
last-modified
Thu, 31 Mar 2022 08:37:30 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=9557600
accept-ranges
bytes
content-length
34081
expires
Fri, 22 Jul 2022 08:11:11 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 02:32:50 GMT
x-content-type-options
nosniff
age
571507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95992
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Mar 2023 02:32:50 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-77747364-1
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1cc2680f54743e359387f47ff8d53689c70c21ca7098868125b4ef537e7a7552
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38071
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Apr 2022 17:17:57 GMT
app.js
sdki.truepush.com/sdk/v2.0.2/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/v2.0.2/app.js
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7a00:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c600adb1e3d6281621818ba058f98a8fa9ba43bd31a97c2cf98901400ba6f461

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 20:56:30 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 07:22:36 GMT
server
AmazonS3
age
2492488
etag
"b861f6349fdb27190bd25dbfcd7674ff"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
cache-control
max-age=864000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
581
x-amz-cf-id
_b0PqbkQBD-hAVvTJepp4924eVJYVxFaX1xJgx64WqQPc_ffvG57wQ==
ddff47423acc2977f2133ac75982fde2.js
www.eokultv.com/wp-content/litespeed/js/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.eokultv.com/wp-content/litespeed/js/ddff47423acc2977f2133ac75982fde2.js?ver=28515
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.182.80.100 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
LiteSpeed /
Resource Hash
993ab74e4e6ba0446a3a736205e969d4adbbb0c48b8396e81dfc8bb9227400d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:51 GMT
content-encoding
br
last-modified
Thu, 31 Mar 2022 08:37:31 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=9557600
accept-ranges
bytes
content-length
33104
expires
Fri, 22 Jul 2022 08:11:11 GMT
gtm.js
www.googletagmanager.com/ 		78 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T9D9LMJ
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4a1d57a67541aa08804071d11cc74a7e17b13bb667eb2527700efa39f1c36ed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31157
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Apr 2022 17:17:57 GMT
truncated
/ 		541 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56ccade3930ecd2a0b5182954c44bcf42987ffe664c95678ae78a2f0d1a8ba6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
cssspr.png
www.eokultv.com/wp-content/themes/netegitim/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.eokultv.com/wp-content/themes/netegitim/cssspr.png
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/wp-content/litespeed/css/3b02fc6f00176eee9785d17128ab057d.css?ver=28515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.182.80.100 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
LiteSpeed /
Resource Hash
eb08598849aeb07ab4cf9eb083f665672a690700791647e48c11828486696823

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/wp-content/litespeed/css/3b02fc6f00176eee9785d17128ab057d.css?ver=28515
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:51 GMT
last-modified
Fri, 17 Sep 2021 21:46:03 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=9557600
accept-ranges
bytes
content-length
1175
expires
Fri, 22 Jul 2022 08:11:11 GMT
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
643d6f2ff70d3e19c32e392bf11475635d6d896d7f3847c964c2250c3c46f7b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
icon-calendar-widget.png
www.eokultv.com/wp-content/themes/netegitim/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.eokultv.com/wp-content/themes/netegitim/images/icon-calendar-widget.png
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/wp-content/litespeed/css/3b02fc6f00176eee9785d17128ab057d.css?ver=28515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.182.80.100 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
LiteSpeed /
Resource Hash
54aca18f5e54f1055c43b6cc4627b13315a1ca5982fe9b9787f98786be996b26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/wp-content/litespeed/css/3b02fc6f00176eee9785d17128ab057d.css?ver=28515
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:51 GMT
last-modified
Fri, 17 Sep 2021 21:46:15 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=9557600
accept-ranges
bytes
content-length
1072
expires
Fri, 22 Jul 2022 08:11:11 GMT
fontawesome-webfont.woff2
www.eokultv.com/wp-content/themes/netegitim/font/fonts/ 		69 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.eokultv.com/wp-content/themes/netegitim/font/fonts/fontawesome-webfont.woff2?v=4.6.1
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/wp-content/litespeed/css/3b02fc6f00176eee9785d17128ab057d.css?ver=28515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.182.80.100 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
LiteSpeed /
Resource Hash
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Request headers

Referer
https://www.eokultv.com/wp-content/litespeed/css/3b02fc6f00176eee9785d17128ab057d.css?ver=28515
Origin
https://www.eokultv.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:51 GMT
last-modified
Fri, 17 Sep 2021 21:46:11 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=9557600
accept-ranges
bytes
content-length
70728
expires
Fri, 22 Jul 2022 08:11:11 GMT
outside.js
static.virgul.com/theme/mockups/adcode/ 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19084
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/wp-content/litespeed/js/ddff47423acc2977f2133ac75982fde2.js?ver=28515
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e30d4fb893ea492cc8ac135f3d526254e3bda79496c11915aaaa1aac3308382e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 09:57:48 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
tag.js
mc.yandex.ru/metrika/ 		200 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/wp-content/litespeed/js/ddff47423acc2977f2133ac75982fde2.js?ver=28515
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
9eb7f6271088b0cca8df60382ad3db6bbc55143451782958f6842b1c50ef45d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:57 GMT
content-encoding
br
last-modified
Fri, 01 Apr 2022 11:13:49 GMT
etag
"6246b43d-11134"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69940
expires
Sat, 02 Apr 2022 18:17:57 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77747364-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4391
date
Sat, 02 Apr 2022 16:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 02 Apr 2022 18:04:46 GMT
version.json
sdki.truepush.com/sdk/ 		0
0
main.js
sdki.truepush.com/sdk/v2.0.3/ 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/v2.0.3/main.js
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.2/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7a00:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f3fb15f561ea7342c0ea5169ea76b2c4b438968daa6f63bddd17ce77540cdf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 10:45:26 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 10:44:09 GMT
server
AmazonS3
age
1405952
etag
"5a2c3e761383ded1b599587640880805"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
18934
x-amz-cf-id
IhyxWGziGyxIdKxZIWEJZnzt6I06isGWeM6niij-4C-DnaI5ujC_4g==
js
www.google-analytics.com/gtm/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-M6HPFQM&t=gtag_UA_77747364_1&cid=1853782577.1648919878&aip=true
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e2edda79ec7bef8c267843d95507b5dd9a8911ce905978f4ddc4ed8d3cb05b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36376
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Apr 2022 17:17:57 GMT
truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.3/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.59.203.101 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
/
Resource Hash
a2eae8b4270202a89a44b619007379c9379c11724a93158d78575d5b5f2a0f46
Security Headers
Name Value
Content-Security-Policy img-src * data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.eokultv.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
img-src * data:
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Vary
Origin, X-HTTP-Method-Override, Accept-Encoding
X-XSS-Protection
0
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN
Date
Sat, 02 Apr 2022 17:18:03 GMT
Expect-CT
max-age=0
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.eokultv.com
Transfer-Encoding
chunked
ETag
W/"41d-UwyrgZH56jqV6+Qz5Oy2/0wlL54"
Access-Control-Allow-Credentials
true
truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.59.203.101 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.eokultv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://www.eokultv.com
Content-Length
0
Date
Sat, 02 Apr 2022 17:18:00 GMT
Vary
Origin, Access-Control-Request-Headers
X-Powered-By
Express
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1348238626&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eokultv.com%2F&ul=en-us&de=UTF-8&dt=Konu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACUADRAAAAC~&jid=770598958&gjid=78775134&cid=1853782577.1648919878&tid=UA-77747364-1&_gid=796002613.1648919878&_r=1&gtm=2ou3u0&did=dZTNiMT&gdid=dZTNiMT&z=4277823
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eokultv.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.eokultv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-77747364-1&cid=1853782577.1648919878&jid=770598958&gjid=78775134&_gid=796002613.1648919878&_u=aGBACUACRAAAAC~&z=1192776668
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eokultv.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 02 Apr 2022 17:17:58 GMT
content-type
text/plain
access-control-allow-origin
https://www.eokultv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9596.0D5AAtRXZXfBIm_-EY9hNI3dZW0Npu5pHxuyYt8IYNJxSX0hBY3XrFCGhrT33jph.y1Z6NmxmfuvfF-Ibi2-R29itZsk%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9596.0Yz08ESKxNOi5B9yZzE4L6-YGQMP6rPlpvzAmlUJAoI7HuZYvhoaCiWZHaiB32pwUVM-bnhuPv5-uCnRjJCvWQ%2C%2C.LVC9imt9aS7f0mcrEVdiTL-Os3w%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9596.0Yz08ESKxNOi5B9yZzE4L6-YGQMP6rPlpvzAmlUJAoI7HuZYvhoaCiWZHaiB32pwUVM-bnhuPv5-uCnRjJCvWQ%2C%2C.LVC9imt9aS7f0mcrEVdiTL-Os3w%2C
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9596.0Yz08ESKxNOi5B9yZzE4L6-YGQMP6rPlpvzAmlUJAoI7HuZYvhoaCiWZHaiB32pwUVM-bnhuPv5-uCnRjJCvWQ%2C%2C.LVC9imt9aS7f0mcrEVdiTL-Os3w%2C
date
Sat, 02 Apr 2022 17:17:58 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
last-modified
Fri, 01 Apr 2022 11:13:49 GMT
etag
"6246b43d-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 02 Apr 2022 18:17:58 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-77747364-1&cid=1853782577.1648919878&jid=770598958&_u=aGBACUACRAAAAC~&z=1046888955
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-77747364-1&cid=1853782577.1648919878&jid=770598958&_u=aGBACUACRAAAAC~&z=1046888955
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
ecf0b855aed06cdba6fcbdfa58950ead633b7c0cdd9b380b4141acc964f8558d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28200
x-xss-protection
0
server
sffe
etag
"1175 / 684 of 1000 / last-modified: 1648850695"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 02 Apr 2022 17:17:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9977af821a8c8d6640369b9e8849bf4b5bcb619b9f1ce787f9f7e62c4a85d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eokultv.com/
Origin
https://www.eokultv.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54077
x-xss-protection
0
server
cafe
etag
15633177005693763291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 17:17:58 GMT
prebid6.15.0.js
static.virgul.com/theme/mockups/outside/ 		417 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
762f3b25e10189e11f8957f80938333f1b0fd1390a23ee1da8ce3c5fb62953f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 07:40:49 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding
gzip
etag
4e3fad24a118a07cea7ce88b2721a583
age
359
x-cache
Hit from cloudfront
server
Server
x-amz-rid
06YMAK8A38SJHKS651QB
date
Sat, 02 Apr 2022 17:12:08 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
zAv-HheuF5zqQTXUzFY0LrrpgtzwEYmMJNozzu0sDgZzznHaObFCmg==
pageview
ng.virgul.com/ 		29 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1648919878081&v=https%3A%2F%2Fwww.eokultv.com%2F&r=eokultv:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1&info=&ref=&rdmt=0.7776870667467088
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
49306f1f48fefb2da93306f95ee2275cb8d4f98787bf2e78b72f6c01b2b4c32e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
server
openresty/1.15.8.3
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://www.eokultv.com
access-control-allow-credentials
true
content-type
application/javascript
content-length
30121
expires
Tue, 04 Jan 2022 10:49:40 GMT
eokultv.js
static.virgul.com/theme/mockups/fallback/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/fallback/eokultv.js?dts=19084
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
721bdd797741ea7cb427d6505f34769a0255f4c0d920b0dd7548d67edf942413

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 08:21:32 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ 		120 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:17:58 GMT
last-modified
Wed, 25 Dec 2019 09:23:27 GMT
server
openresty/1.15.8.3
accept-ranges
bytes
content-length
120
content-type
application/javascript
config
c.amazon-adsystem.com/cdn/prod/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.eokultv.com&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 13:02:08 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
server
Server
age
15349
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.eokultv.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
IPk8ZABObwoELr8Vnfratg6S-Qpt7Rs4Io7Gs_cYP7pkX4m-6wedqg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
53357
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Sat, 02 Apr 2022 02:50:48 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
_mQrE87NnIX9EvY27QDrTQpYYLUisD-1gIYCJXvujkmp8FOjPRpaXQ==
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 12:43:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Apr 2023 12:43:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		98 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.eokultv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c3458782b500965714387d3b769dd3d3c0dddc4e62b93abb00a149a897b92440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0
expires
Sat, 02 Apr 2022 17:17:58 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/ 		300 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6593523210010154&plah=www.eokultv.com&bust=31065922
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d025af7dcbd821e505ec92bb6c4baa654503ca9a5ae3c1c1e28080e1e49ca39c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109971
x-xss-protection
0
server
cafe
etag
3839240819304479117
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 02 Apr 2022 17:17:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/ Frame 34B0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
64289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 23:26:29 GMT
etag
4044455266028820542
expires
Fri, 15 Apr 2022 23:26:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1
mc.yandex.com/watch/24313435/
Redirect Chain
  • https://mc.yandex.com/watch/24313435?wmode=7&page-url=https%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn5rb8pyhvi%3Afp%3A286%3Afu%3A0%3Aen%3Autf-8%3Ala...
  • https://mc.yandex.com/watch/24313435/1?wmode=7&page-url=https%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn5rb8pyhvi%3Afp%3A286%3Afu%3A0%3Aen%3Autf-8%3A...
338 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/24313435/1?wmode=7&page-url=https%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn5rb8pyhvi%3Afp%3A286%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A388799882254%3Ahid%3A305579638%3Az%3A0%3Ai%3A20220402171758%3Aet%3A1648919878%3Ac%3A1%3Arn%3A68203955%3Arqn%3A1%3Au%3A1648919878788021874%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648919877490%3Ads%3A22%2C81%2C39%2C1%2C%2C0%2C%2C192%2C9%2C%2C%2C%2C336%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648919878%3At%3AKonu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e81d1310e350f816dfbfb5d8808c8f0e1fb882697995a397fd07546aa5baa617
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:58 GMT
x-content-type-options
nosniff
last-modified
Sat, 02-Apr-2022 17:17:58 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eokultv.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Sat, 02-Apr-2022 17:17:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:58 GMT
last-modified
Sat, 02-Apr-2022 17:17:58 GMT
location
/watch/24313435/1?wmode=7&page-url=https%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn5rb8pyhvi%3Afp%3A286%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A388799882254%3Ahid%3A305579638%3Az%3A0%3Ai%3A20220402171758%3Aet%3A1648919878%3Ac%3A1%3Arn%3A68203955%3Arqn%3A1%3Au%3A1648919878788021874%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648919877490%3Ads%3A22%2C81%2C39%2C1%2C%2C0%2C%2C192%2C9%2C%2C%2C%2C336%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648919878%3At%3AKonu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.eokultv.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 02-Apr-2022 17:17:58 GMT
cookie.js
partner.googleadservices.com/gampad/ 		215 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.eokultv.com&callback=_gfp_s_&client=ca-pub-6593523210010154
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6593523210010154&plah=www.eokultv.com&bust=31065922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2575b7c2b79bca0eaa751f015afc373f287176a33ad660618abe00e439d9a312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.eokultv.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6593523210010154&plah=www.eokultv.com&bust=31065922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.eokultv.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6593523210010154&plah=www.eokultv.com&bust=31065922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D580 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3025194257&lmt=1648919878&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.eokultv.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648919878168&bpp=3&bdt=530&idt=103&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2447291369905&frm=20&pv=2&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065922&oid=2&pvsid=2854345458056617&pem=914&tmod=2081614314&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6593523210010154&plah=www.eokultv.com&bust=31065922
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:17:58 GMT
expires
Sat, 02 Apr 2022 17:17:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5A08 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1648919878&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fwww.eokultv.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648919878171&bpp=2&bdt=533&idt=121&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2447291369905&frm=20&pv=2&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065922&oid=2&pvsid=2854345458056617&pem=914&tmod=2081614314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BupTCMWROF&p=https%3A//www.eokultv.com&dtd=124
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6593523210010154&plah=www.eokultv.com&bust=31065922
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e5a773f5eea1665c2804522cde67d16805a923e952eb18c4949b5c041e4a97d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9787
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:17:58 GMT
expires
Sat, 02 Apr 2022 17:17:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.eokultv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.eokultv.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sat, 02 Apr 2022 17:17:58 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19084
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sat, 09 Apr 2022 17:17:58 GMT
localstore.js
script.4dex.io/ 		483 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
979319
x-amz-request-id
txcb277395650a4fbcbe1a5-00623993cb
x-amz-id-2
txcb277395650a4fbcbe1a5-00623993cb
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZzTQbUsOMc778FjHggDnrv5Nj8%2Fw%2BA0enmAH%2FExe1tYsJaBcBSfvKLRNSi9v7BuwXPyQrd2wRy2xbo2aT1EEgM7%2F7tvQfKD7QTwzIKAMrUttoXVZ9naynxnTGHTCvMPQowPWMPyOmxoM5Yx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1647940521027959
cf-ray
6f5b38985a915a25-MXP
sync
spadsync.com/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spadsync.com/sync?sptoken=52c29642-a17f-4f1c-87f1-484a032a68b491a5&sspid=n8k&ssphost=www.eokultv.com
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.166.39 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-166-39.eu-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.eokultv.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
server
openresty
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.eokultv.com
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
openrtb
adx.adform.net/adx/ 		0
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.eokultv.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.eokultv.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
apacdex
useast.quantumdex.io/auction/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e63867db72023b81e6f2122b25a0ba0add50da648838b78a85e605d0f15425

Request headers

Referer
https://www.eokultv.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://www.eokultv.com
access-control-allow-credentials
true
cf-ray
6f5b38986ec5cc46-ZRH
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.eokultv.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:58 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.eokultv.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.eokultv.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:57 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.eokultv.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.eokultv.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:58 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.eokultv.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
86f5c1a1fd17a49959e0d63f54b2ffd451129cecf2cad72ff08016e9af90afe2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.eokultv.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 02 Apr 2022 17:17:58 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7ed4e4ae-f4ea-4a35-8587-417cd14444aa
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.eokultv.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
eokultv.js
static.virgul.com/theme/mockups/sites/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/eokultv.js?dts=458033
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
54d89920a31847bf7393f723940bc6493074014a1ac18b5c6530611feebc9b5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Dec 2020 06:41:16 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
pandg-sdk.js
pghub.io/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:37:52 GMT
content-encoding
gzip
age
2406
x-guploader-uploadid
ADPycds_Jk0GZYLHTNEjQoPpHnH94KXVuNEduwtmCu_dLTiVLZu2q38xgQHIR52XQnd7DNYyK_Sd2MZHC0azcdl7HvY6xLpiXQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3637
last-modified
Mon, 22 Nov 2021 21:22:46 GMT
server
UploadServer
etag
"9f5012774da47c70284c82ae0ce443d7"
vary
Accept-Encoding
x-goog-hash
crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation
1637616166247508
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
3637
accept-ranges
bytes
content-type
application/javascript
zoneview
ng.virgul.com/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1648919878402&v=https%3A%2F%2Fwww.eokultv.com%2F&r=153631@153632@153626@153628:eokultv&userId=vnetd2851632-a4dc-4b8c-9979-10d20ae100eb&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.7448691089487791
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.eokultv.com
date
Sat, 02 Apr 2022 17:17:58 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
buster.min.js
static.virgul.com/theme/mockups/adcode/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/buster.min.js?t=2-4-2022
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
fe3299538ac2fd9918bb082f6e60411811c958bc1bd59a0dda68231e9836bf3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
last-modified
Sat, 12 Feb 2022 19:47:00 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
tag
pandg.tapad.com/ Frame F010 		13 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fwww.eokultv.com%2F&owner=P%26G&bp_id=noktacommedya&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
clear
content-length
13
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Sat, 02 Apr 2022 17:17:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
979121
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx0a7c9006c70b4ecfa2151-0062399482
x-amz-id-2
tx0a7c9006c70b4ecfa2151-0062399482
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HI4oqilVPQY0AqMfxyIpA7Jf%2FRB6CtfYGj2jwUN2dRGjPS6b9FGih9W08jUXcNZt%2F1d%2BTFglYiFKAro1XAQsAV3yz%2FPQ2aSbGNgD52I4DoEZ8Lzlm53skblh1YthYWLprftOhZhIqKL31J91"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6f5b3898dd0559b3-MXP
access-control-allow-headers
Authorization
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.eokultv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.eokultv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		69 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2854345458056617&correlator=4067040912166218&eid=31064685&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=21728129623%3A22455267735%2Cweb_eokultv_tower_right&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=3&adks=1438585451&sfv=1-0-38&ecs=20220402&fsapi=false&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26viewable%3D2%26site%3Deokultv%26mt%3D1648919878081%26pager%3D1%2540site_geneli%2540eokultv%253Asite_geneli%26host%3Dwww.eokultv.com%26url%3Dhttps%253A%252F%252Fwww.eokultv.com%252F%26targetCtr%3D0%26pid%3Dvnetd2851632-a4dc-4b8c-9979-10d20ae100eb%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&ppid=vnetd2851632a4dc4b8c997910d20ae100eb&sc=1&cookie=ID%3Dce5b4ffd910be3b5-229a3cc56bcd0002%3AT%3D1648919878%3ART%3D1648919878%3AS%3DALNI_MYaP__AMPVdHSls76eHIrMIj3RyDA&abxe=1&dt=1648919878732&lmt=1648919878&dlt=1648919877637&idt=575&biw=1600&bih=1200&adxs=1430&adys=80&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.eokultv.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&fws=644&ohw=160&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
d253e4f9d04b851c04581ee99537a1b6d746808a6e1ce76cbf3921c5dcd45b3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34453
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.eokultv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2854345458056617&correlator=3859195533545287&eid=31064685&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=21728129623%3A22455267735%2Cweb_eokultv_tower_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=4&adks=2149371335&sfv=1-0-38&ecs=20220402&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_size%3D120x600%26hb_pb%3D1.13%26hb_adid%3D24eb5bef9c1ba6d%26hb_bidder%3Dapacdex%26hb_format_apacdex%3Dbanner%26hb_size_apacdex%3D120x600%26hb_pb_apacdex%3D1.13%26hb_adid_apacdex%3D24eb5bef9c1ba6d%26hb_bidder_apacdex%3Dapacdex%26hg_pb%3D1.13&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26viewable%3D2%26site%3Deokultv%26mt%3D1648919878081%26pager%3D1%2540site_geneli%2540eokultv%253Asite_geneli%26host%3Dwww.eokultv.com%26url%3Dhttps%253A%252F%252Fwww.eokultv.com%252F%26targetCtr%3D0%26pid%3Dvnetd2851632-a4dc-4b8c-9979-10d20ae100eb%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&ppid=vnetd2851632a4dc4b8c997910d20ae100eb&sc=1&cookie=ID%3Dce5b4ffd910be3b5-229a3cc56bcd0002%3AT%3D1648919878%3ART%3D1648919878%3AS%3DALNI_MYaP__AMPVdHSls76eHIrMIj3RyDA&abxe=1&dt=1648919878740&lmt=1648919878&dlt=1648919877637&idt=575&biw=1600&bih=1200&adxs=10&adys=80&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.eokultv.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&fws=644&ohw=160&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b2cc04d30b78872a0815e82220a1bc5dec12305fe32b51cc3b7cf8d32928cc26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8769
x-xss-protection
0
google-lineitem-id
5617217975
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339352911
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.eokultv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2854345458056617&correlator=2721043057458652&eid=31064685&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=21728129623%3A22455267735%2Cweb_eokultv_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C468x60%7C680x90%7C300x250&fluid=height&ifi=5&adks=1871473940&sfv=1-0-38&ecs=20220402&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.22%26hb_adid%3D23e8e521e254ec5%26hb_bidder%3Dappnexus%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.22%26hb_adid_appnexus%3D23e8e521e254ec5%26hb_bidder_appnexus%3Dappnexus%26hg_pb%3D0.22&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26viewable%3D2%26site%3Deokultv%26mt%3D1648919878081%26pager%3D1%2540site_geneli%2540eokultv%253Asite_geneli%26host%3Dwww.eokultv.com%26url%3Dhttps%253A%252F%252Fwww.eokultv.com%252F%26targetCtr%3D0%26pid%3Dvnetd2851632-a4dc-4b8c-9979-10d20ae100eb%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&ppid=vnetd2851632a4dc4b8c997910d20ae100eb&sc=1&cookie=ID%3Dce5b4ffd910be3b5-229a3cc56bcd0002%3AT%3D1648919878%3ART%3D1648919878%3AS%3DALNI_MYaP__AMPVdHSls76eHIrMIj3RyDA&abxe=1&dt=1648919878745&lmt=1648919878&dlt=1648919877637&idt=575&biw=1600&bih=1200&adxs=315&adys=164&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.eokultv.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x0&msz=1600x0&fws=128&ohw=0&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
fc48e3dbf8fb70585f1d3792ec75b12fc440b8ef7396ca069e06ecd9e83f63cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9743
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.eokultv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D86C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:17:58 GMT
expires
Sun, 02 Apr 2023 17:17:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		375 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e352006cc3bc3c7c2206316ef5ecc3a319959d6b6a3b4da9702afd1dff10de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127864
x-xss-protection
0
expires
Sat, 02 Apr 2022 17:17:58 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ 		399 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=4/2/2022
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
944a55aa3921673c00bb33ef32fc71a0f66e5c3638c2e6251a032ff5fc1e2747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 10:36:04 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sat, 09 Apr 2022 17:17:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 5A08 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1648919878&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fwww.eokultv.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648919878171&bpp=2&bdt=533&idt=121&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2447291369905&frm=20&pv=2&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065922&oid=2&pvsid=2854345458056617&pem=914&tmod=2081614314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BupTCMWROF&p=https%3A//www.eokultv.com&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:16:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 5A08 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1648919878&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fwww.eokultv.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648919878171&bpp=2&bdt=533&idt=121&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2447291369905&frm=20&pv=2&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065922&oid=2&pvsid=2854345458056617&pem=914&tmod=2081614314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BupTCMWROF&p=https%3A//www.eokultv.com&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:16:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A08 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1648919878&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fwww.eokultv.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648919878171&bpp=2&bdt=533&idt=121&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2447291369905&frm=20&pv=2&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065922&oid=2&pvsid=2854345458056617&pem=914&tmod=2081614314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BupTCMWROF&p=https%3A//www.eokultv.com&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Apr 2022 17:17:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5A08 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CyPavRoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMQBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgxv5M1168ZuR6Gohzggq_whybf-qCLb8MTUnejLoDv5ts89x3F0aIAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzAwMTM2MzA3MjY1NjU5NBgA&sigh=o1sJJi2OlGY&uach_m=[UACH]&cid=CAQSGwCNIrLM1TR829hZxQ9jiroOx8Mr17HGodg31RgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1648919878&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fwww.eokultv.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648919878171&bpp=2&bdt=533&idt=121&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2447291369905&frm=20&pv=2&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065922&oid=2&pvsid=2854345458056617&pem=914&tmod=2081614314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BupTCMWROF&p=https%3A//www.eokultv.com&dtd=124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1648919878&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fwww.eokultv.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648919878171&bpp=2&bdt=533&idt=121&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2447291369905&frm=20&pv=2&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065922&oid=2&pvsid=2854345458056617&pem=914&tmod=2081614314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BupTCMWROF&p=https%3A//www.eokultv.com&dtd=124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 02 Apr 2022 17:17:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 02 Apr 2022 17:17:58 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 5A08 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UOb8EMz6RIAFmAKdg2ICAgAAAJ91CzdSMmqPEEWFSGJtN9sGKJA7rKWoXwAS&wp=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1648919878&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fwww.eokultv.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648919878171&bpp=2&bdt=533&idt=121&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2447291369905&frm=20&pv=2&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065922&oid=2&pvsid=2854345458056617&pem=914&tmod=2081614314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BupTCMWROF&p=https%3A//www.eokultv.com&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
server
Kestrel
server-processing-duration-in-ticks
350955
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame DA40 		164 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1648919878&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fwww.eokultv.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648919878171&bpp=2&bdt=533&idt=121&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2447291369905&frm=20&pv=2&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065922&oid=2&pvsid=2854345458056617&pem=914&tmod=2081614314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BupTCMWROF&p=https%3A//www.eokultv.com&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
53a3a08555e0daf18e67df918913a3828ee211b516ed33c7c6f88532ce593210
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:17:58 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=lAuLBVYaZzbnZf77nr3Vk9kjkks4qNbWGfF-IgKvTJL_0TfIF2N0o2i6nkmryIrptA5ZjeynAmbb9Tq70EjP_aKS4pVZA4aNVC8tgEHzDism-T92Kfy21SR_G8QWGMijgg0OS9jgNXxrDBBW3z-JPlmfDoGpN0IXTMmM7p-DJRZWBOqoxfboStrAFWt0VadMjd-KlKs44yJ117zCKceHCBJya_cdfmt-AAeZdSdRB4kGAts3EFEhm54gN1_mKatklOEQOA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
155794046
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 5A08 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74821631c68fbe9d012f95961b6c91b584a1a58f052e15467d7e6b0903c61eee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame DA40 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 28 Mar 2023 17:17:59 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame DA40 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 28 Mar 2023 17:17:59 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DA40 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 28 Mar 2023 17:17:59 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame DA40 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Tue, 28 Mar 2023 17:17:59 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame DA40 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1648919878
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a1:a800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
via
1.1 d13bba4e84358ea24a28ff509b72784e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MUC51-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
UHoF4-1vtQ4s5acwgWSSEXUFfpIUghhMG7CbQO4MHrkCan_gb1idXQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame DA40 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=1GTcg6Igar3PdS5R9BM-mVDRxQULeFvwRKRnBnzcZUiIio-q_gxCoLft_fpukuOGthv6wsU13AD3tgO_vOAmfbf8YNVvoUOfIKFttAoJY_UFxOam2Yu5Gj3AnRWxFME7KH02QVOgZ-gNfNN83Uamd77zmITa9Bq2M4H5tcWKXDaXSO5rS2t3HkESG96shUkBKbFPLe0aqIpS1tthbx0UDWmwkyMVo4xAWE2LJo_XNUdO-n03NXgf1Wg-vm-knSjcKlLpMSYhUDeLxM-wMwiVJ6yVaDlPgA_M6l9JA3C8CyICFlP-5RJoOmbl8sDTdZGkOOhlZx24_zDouFHz0etM_Q-O_SFp3LotxoAcjLvENdnpXp3tbSyUl0f3EAgfPL9m0BIo4ER0itm2rp9glkYSxjN_tg7YEWVC6dbaX5cUZsReJyc70i4PXM7kRDd76HKMh5KZ8w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:58 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3732089
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame DA40 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 28 Mar 2023 17:17:59 GMT
img
pix.eu.criteo.net/img/ Frame DA40 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=nkm37OBN4xyh5x9UPHeLVYZl
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30645374
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Thu, 23 Mar 2023 09:54:13 GMT
img
pix.eu.criteo.net/img/ Frame DA40 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZiraat-Bank-International-AG-32289DE.gif%3Feb%3D1&v=3&w=800&s=c1MT4LGB4YhAAQkCKq3-4Smj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
46828483ec079cc92c83b884b3877eeb436873054e8b06ca40fb16ad7ea7ef9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1098285
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1810
expires
Fri, 15 Apr 2022 10:22:44 GMT
img
pix.eu.criteo.net/img/ Frame DA40 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoVTI-Ventil-Technik-GmbH-167187DE-2107131055.gif%3Feb%3D1&v=3&w=800&s=NgSXUPoJNOZPZ8aXOUp8AhmZ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a85cee3f38466b5cbaba873e4c49cfd70b20a438078b2c2aa5ae08618af729d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1277091
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1068
expires
Sun, 17 Apr 2022 12:02:50 GMT
img
pix.eu.criteo.net/img/ Frame DA40 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FV%2FlogoVolksbank-Odenwald-eG-Niederlassung-der-Vereinigte-207966DE.gif%3Feb%3D1&v=3&w=800&s=xfHaYlop3mbpVaD0DIQk67J1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
be207a72668ba574ad76932e76f3c64f2e8eaf1733e3979a5ad3d3b3ff3f2898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=763141
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1882
expires
Mon, 11 Apr 2022 13:17:00 GMT
img
pix.eu.criteo.net/img/ Frame DA40 		970 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FU%2Flogousd-AG-1546DE.gif%3Feb%3D1&v=3&w=800&s=Zn9wQrqTh1i1phhVZvLWPZ-m&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bd48cfc51f425d9fabba14bd5552f923a5e7f80ece114a845c53af97ac2fce94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1538971
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
970
expires
Wed, 20 Apr 2022 12:47:30 GMT
img
pix.eu.criteo.net/img/ Frame DA40 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoDACHSER-SE-4891DE-2003241016.gif%3Feb%3D1&v=3&w=800&s=-NKa3pfVJKd0lBXy__JFn_5j&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d8f169f581e9e8d07c8e5a0cec347ca2a1e05452725c9bbc3063808a0a720c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1215869
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4666
expires
Sat, 16 Apr 2022 19:02:28 GMT
img
pix.eu.criteo.net/img/ Frame DA40 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBrillux_GmbH___Co._KG____86340DE.gif%3Feb%3D1&v=3&w=800&s=nhp8NgVXF9KqB0XVXz1ft6ok&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ce915dd9b4f4a174862895ae9c8f35fb9115c065b7ec2ce01ddecc3cb1b2ce0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=1900660
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1030
expires
Sun, 24 Apr 2022 17:15:39 GMT
all
csm.eu.criteo.net/ Frame DA40 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lAuLBVYaZzbnZf77nr3Vk9kjkks4qNbWGfF-IgKvTJL_0TfIF2N0o2i6nkmryIrptA5ZjeynAmbb9Tq70EjP_aKS4pVZA4aNVC8tgEHzDism-T92Kfy21SR_G8QWGMijgg0OS9jgNXxrDBBW3z-JPlmfDoGpN0IXTMmM7p-DJRZWBOqoxfboStrAFWt0VadMjd-KlKs44yJ117zCKceHCBJya_cdfmt-AAeZdSdRB4kGAts3EFEhm54gN1_mKatklOEQOA&sds=2&rev=80956&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:17:59 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DA40 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 28 Mar 2023 17:17:59 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DA40 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 28 Mar 2023 17:17:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6DFF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqruJ6PFCE6k60nqMu3H_gOsAZfXuIG4AWDaRbosUeVJjx7nxPttIk2Ki6JXPvTPRRhUIDmFJy5m93ddeQd718nsXUY5LbNBSC_Am6tLP5N_h5mcSzqsixICKXoJI8vAfA36JQvWf_sAbkXH_3u2aS-rinvVQ7uFEUo3o-GawTcVCcmDptyhB4ImOOMm4M1w6zKu5ilXlcmGJ7LTFRQGTMqKnjEv-bPtt9npfrq9vdzYRo1-akuCsT2m261iYwctjgPwA_dPrR1lfoW2_3vlTpgOqRVKArsvbTSOWjWADsUaTkfhlTCZi4QR7I8_guzvwL7NNfXXhc&sig=Cg0ArKJSzH2X0xiJdDv8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:17:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6DFF 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
28555
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19162-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f5b389c9f67233d-ZRH
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6DFF 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Apr 2022 17:17:59 GMT
ab
nym1-ib.adnxs.com/ Frame 6DFF 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.eokultv.com%2F&e=wqT_3QKmGPBMJgwAAAMA1gAFAQjGiqKSBhDG07aH8NiRvX8Y1uedpIXpgb0_KjYJ203wTdNnuz8Rr6QmC6nstT8ZAAAAYLge8T8hr6QmC6nstT8p200JJNAxAAAA4FG4nj8wnvrSCTi_W0AdSAhQpeOohgFYy7aOAWAAaPqnpwF4racFgAEBigEDVVNEkgUG8PWYAXigAdgEqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEA2AIA4AIA6gIYaHR0cHM6Ly93d3cuZW9rdWx0di5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNjI3MjE4ODU3MjE3ODEzMjMyOfICywEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEqwBaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_ZXhjaF9haWQ9OTMyNTY5MTU3NDU5MzcxMzEmbXRfYWlkPTYyNzI6fAA0Jm10X2lkPTY2MjIzOTIBDihhZGlkPTIxNjUzNgEPJHNpZD00NTYyMzEFHhhleGlkPTEzARoYaW5hcHA9MAELQG9zPSZyZWRpcmVjdD3yAhcKPRVEZ2Rwcl9zdHJdEgDyAhkKFFtCMS8FGkBmbGFnXRIBMPICHgoUW0FEXyVKMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITUnEB2PwJChJbTk9USUZJQ0FUSU9OX1VSSV0S5Qk8aW1nIHNyYz1odHRwczovL3RhZ3MubWF0aHRhZy4h9FRub3RpZnkvaW1nP2V4Y2g9YXBuJnNfFQvQaWQ9NWFXOTVxMmpMekl6THlBdlRsUlJlVTVxVVhsUFIwVjBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkgLEx6WXlOekl4T0RnMQEI8J9Oemd4TXpJek1qa3ZOall5TWpNNU1pODBOVFl5TXpFeUx6RXpMMUJsYlhwUlFXRlNNMEkxZFZKR1JFRnVZak5LVUhkTVh6QnRZM2h4TjFwalRqUjZWRVU0YTBvMFgwVXZNUzh4TXk4d0x6QXZPVFUyT0RBekx6QXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFGcgMTXdkMAHYDGRNVkUNIABFBRA66AAMY3ZNQwlwCQhm8AAMYVdGawF08E9PVEUzTHpnd0x6azVPUzh6TWpJdk1qQXdNVHBoWXpnNk1qQTZNekF3T2pvdk1DNHdNREF2TVRZME9Ea3hPVGczT0M4eE5qUTRPVE15TkRjNCU08El6RXhOekV4THcvaUtrVGxkeE5TbXh1eHNTcDJTa201c1UwYUg0Jm5vZGVpZD0xOTI5Jmdyb3VwPWlhZCZhdWN0aW9uaWQ9NjI3Mj5mAyBzaGFyZGtleT1KjgIEJnN9YwRjaXmN8GlicD1hX2JhaGFmZCZuZnlfYWN0PUxENXdldyZiZmlwPTEwLjEyOC41Mi45MiZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0BQuwc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz5ceDNDaW1nES40bGVmdDotMTBweDt0b3ANChAgcG9zaSEOKDphYnNvbHV0ZScgYVQAJ7FICHBpeDrHBBBldmVudGVViZEYMTM2ODg3NYFdkZEsNzY0JnYxPTEzJnYyUkgBLHYzPTY1MTg3MSZ2NJW0BHY1Lt0ERG5zeW5jPTEmbm9fYXR0cj0xJ1YMAQAvVugAADkR5wEJguYAAHQ-OwQZ5SWuLG1tSW1wVHJhY2smZZFKAGJBAE5BAgB0FdIkdGltZT1bSU1QX6UrAQ8AXS6VAnLTAIAvZGl2PoADAIgDAZADAJgDFKADAaoDoAYK1wVodHRwOi9GtgAAbv7xBP7xBO7xBInxdERKaWVFaGlMV2xuWlZocmRrSkZiSFJIVjI5WVdqUf7xBP7xBP7xBP7xBIHxaFdwNC0tU3pFMGZ4V2dMVGhncDZfR2d6eWx4US5cAv7xBInxLHByaWNlPSR7QVVDVOF8FFBSSUNFfTLkBAhmM1VK5QReKgWBXQxhcGkmZVcMYnVybLEGCHMyc1ICCKAaEzkxODU3MzIyMTA1MDM1NTk2MjIiCTI4MTY4NjQzNyoGMTAxOTM2Oh5eCPBhwAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFTIwMDE6YWM4OjIwOjMwMTo6MjAxZagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AQSswoM-gQSCQ7sChBtDUlAEQ7aCvBMTUIhQIgFAZgFAKAF662Kv7uV1KUBqgUkNmU3ZjVhMTQtZmE5YS00MDZjLThkODAtYmZjYzZkODNhOTk1wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBvmrAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapfQi6Bw8BUg3qLL0GQADIB62nBdIHDQHaBQEBQQjaBwYJJ0TgBwDqBwIIAPAHh-MCiggCEAA.&s=280de7b66d8f62e39a51f091b698481632ba1104&pp=0.085642
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.87 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3e32b4cd6f6148ac9c1dbfd4c746ef1107fee05b66228fd5f4948ccdc0fc9279
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:17:59 GMT
Content-Encoding
gzip
X-Creative-ID
281686437
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1abeac41-b398-4d70-90e5-4186061c354a
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
0cae7368-5b78-4548-882a-4bfac775b659
quantumsyndication.com/pixel/ Frame 6DFF 		43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quantumsyndication.com/pixel/0cae7368-5b78-4548-882a-4bfac775b659
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddMv19pFKq2%2BBfVz0iF3iqizVAL1BGB4QumKsu6oZWGk%2BJEbhAevaueG1s3PRbWxIWtc9pIt7y%2Fy93Nzk7qQKXNDkWmDGLSnt5n4AQp2AI0au13KSylXiayB7rw7hOTlTniTQYCR6%2BS%2B8TLfd1Fru0a2atQr"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6f5b389d6c1f41d7-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
container.html
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F2BD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:17:58 GMT
expires
Sun, 02 Apr 2023 17:17:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame F6B6 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhD9lnEY7oqTwAEwAQ&v=APEucNUnhrK4g47vgMXiJOFXGsxIZdDUZdbtlv0V-OR_yLf8pW0D0x2uVc-MjEl1Zz28PZWlrr3loSjmV7FHfmN_9pFgf1xXb5MSoWm7FeNbTAeDIAXraMRKtzEBWn2nYTjdW4EshreMb6WgjPozTzGBldzgR3uMszpI62KiFe5eDrFqB6VTTQA
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:17:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame F2BD 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2021.js
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a1471ca7e22e8d7fbd213278b0ae7fb0aceb5315df9342f27b5c935f572a873
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 09:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26547
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7837
x-xss-protection
0
server
cafe
etag
11989895151606364259
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 09:55:32 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame F2BD 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:46:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1917
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 16:46:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F2BD 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaZJc8POja6QYv7zVHIwtHMotSJuVX-E1uOvNzO6sipVjND85moIgH6II4tsNLkyGCnh4vNFq6lrf5G6-gAGvJZJ9GVCdwc31Ci0zfFSbg0eWekBVQ5TjhDecsoDRhbZDqIdI6O0muSYvi2hOCyTTC1q3y9LPctoUkaj6AAhj2KVLKUUaUe2tEwBIEc7z0nkytzQnvNoMFLC4H0DwSLcG1j2bMXW2Ul1PijnBtwplLeE41t5HQ48baHzbsPEGJUKa3cZ4ZGdkpSSPtlJK17BL9IY7-M6qazY9TQetlQpmAgzaDK_sdfWfaRgyIgbeGtqqF_FTF7C6BoJ8shanLBu84UCr3u5drFY8XkzwL5izxAkutpP3GkYWeVBc0qANmaTss4oeYGCdgxTxt0-hGcPmZDQrUwf-J90OY1skhCMHo11xUeY-L1xeI5xBzdJrhTDGEW5Mc8tRyy7DRhxGRh6TnxW0QscGHD-KmSI0pUCLx_Zep20v6q3PngOClPNdF2Rr8wmzwmPEMCy9pNvQ7DC7GyZ7hvSTkGw6OLMLryeJexTGXo88uEzY8T75Oc_mG9ysQ_fqZQN7N5fmCkMMzAoTWhARfS83MVDxafkDWHXvDUqDiaOuyBDiqKMrWrxVxDTuAoXrUW7FePf-Xud4RTZzlWIODp2yFWFjr9JGd1e_lTzkhcbDQ0H7nswxwlmP7mDkts3J0GwjEvJNHN4ScPUH1Fcw36oTdr-RUbSzL3eEs0T4p_NhnSWo8Aqw3Pou1FOgSMjrb1PxLy0aTJgw1CuSc2GVW_DG_X3hGJyiSy4nPzS-bI3UOqpR4v0G1MNyypsEQSEtgbxlLbkLJimd9xEehb_rKjqzAoD3QMsIuE-jDNjjsRqLdt5h0oHBI-jgM08d_hxE5SMCmq_OPkOXriaRqAEpi5_40ttIJc15RSbrPghSNho7-dzSUmf2H8es-cKjmMB3s4rvvkzdz5Fmwpnszi7HcQHfuxYwFKBjeZcWBtQqW8kUKg9wJ4_yVbODRu2ApjoSxzj-rtA94uFmF7wJ-MIRuQxTf6NNBneragOVd77JotJp9c4xsibPjW-LzIb9dpjjcajEiU4f-A_DERUeg3ttPPpJQr28WU8-DF6mKSJsK2XMy1dmZLsboHuxpXTKGHuxb1s58Cl828W_lyq452hmv-Kcw8M_H3bMmpjpKpPA_95x1jjCyA41QA3pq8jtBrRYDPc17LqO9omivWhPFHDeA7mB8r8xQ-qDQtheNpsg&sai=AMfl-YS4hDrJXbQry-O68P4n_7UIYOcxXNA0_NZp-szBWZzw1UwX3DcS36mp5czcRwm7ZV4yZ3F3lGs98MhkiN8L10oRUq_OmbNBzeQa7xPNmAgY72tu7aaERQPCXVpaPsWWZkmUBpNqHOeSJAIC30uBcAZDGOtc0YZodQWewtaZRKn_EEwwUk6glA0_zFWbXrOZAd3qn-MQpPLwryBtZj4R38UOL23S-D6zoAcBLBqgdNZ1hNODeeyG9ThN7ruwxZRnloMQvqINBP2yw8at-Sdah8KS_9M916RvhWgm4HYDhxc6&sig=Cg0ArKJSzPQlDI-Tnet3EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220330.36262&adurl=
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 02 Apr 2022 17:17:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F2BD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:41:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F2BD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dhs4lajM90GS-Y-hB-oRv5lokKMppVlKvLmNWVe-FiISYYBYcrpJWhQLp6_td7ME8TLhlDZlx0pGKI8yNuZyeo-yPm6j4oXHi7qopR-IBRTPbDsqQ
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame F2BD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 15:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 15:36:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F2BD 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Apr 2022 17:17:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame F2BD 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:14:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6367
x-xss-protection
0
server
cafe
etag
1939740185073438140
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:14:31 GMT
l
www.google.com/ads/measurement/ Frame F2BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUWbMhiFY7flBMuQjTQ6iSB0-CA5zudprYjSYaitY1zPJIgDw1JNadEbDgITc4A4HXb81ZLZFn8OJ7VjEElIwMNmIY-w
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
8385543450551322620
s0.2mdn.net/simgad/ Frame F2BD 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8385543450551322620
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ea2711155c00911dfa5f84af9477489f3908147d28fb328cf856593ff390822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 18:13:47 GMT
x-content-type-options
nosniff
age
255852
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76310
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 16:12:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Mar 2023 18:13:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FE9D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
13907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 03 Apr 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame F6B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh4SeR2yKWpTkJqpIc6Flk&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh4SeR2yKWpTkJqpIc6Flk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhD9lnEY7oqTwAEwAQ&v=APEucNUnhrK4g47vgMXiJOFXGsxIZdDUZdbtlv0V-OR_yLf8pW0D0x2uVc-MjEl1Zz28PZWlrr3loSjmV7FHfmN_9pFgf1xXb5MSoWm7FeNbTAeDIAXraMRKtzEBWn2nYTjdW4EshreMb6WgjPozTzGBldzgR3uMszpI62KiFe5eDrFqB6VTTQA
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 02 Apr 2022 17:17:59 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAh4SeR2yKWpTkJqpIc6Flk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F6B6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkiFRzp8vi1ZJDnFZ9B05QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhD9lnEY7oqTwAEwAQ&v=APEucNUnhrK4g47vgMXiJOFXGsxIZdDUZdbtlv0V-OR_yLf8pW0D0x2uVc-MjEl1Zz28PZWlrr3loSjmV7FHfmN_9pFgf1xXb5MSoWm7FeNbTAeDIAXraMRKtzEBWn2nYTjdW4EshreMb6WgjPozTzGBldzgR3uMszpI62KiFe5eDrFqB6VTTQA
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 02 Apr 2022 17:17:59 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F6B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBCvCDa37B8oFDuDMjjAQao&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBCvCDa37B8oFDuDMjjAQao&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhD9lnEY7oqTwAEwAQ&v=APEucNUnhrK4g47vgMXiJOFXGsxIZdDUZdbtlv0V-OR_yLf8pW0D0x2uVc-MjEl1Zz28PZWlrr3loSjmV7FHfmN_9pFgf1xXb5MSoWm7FeNbTAeDIAXraMRKtzEBWn2nYTjdW4EshreMb6WgjPozTzGBldzgR3uMszpI62KiFe5eDrFqB6VTTQA
Protocol
HTTP/1.1
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cc531087-521f-4c3a-b49c-1854c9e290a5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBCvCDa37B8oFDuDMjjAQao&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F6B6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0OTQ2Mzc1NzY2MTcxNTAzNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0OTQ2Mzc1NzY2MTcxNTAzNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhD9lnEY7oqTwAEwAQ&v=APEucNUnhrK4g47vgMXiJOFXGsxIZdDUZdbtlv0V-OR_yLf8pW0D0x2uVc-MjEl1Zz28PZWlrr3loSjmV7FHfmN_9pFgf1xXb5MSoWm7FeNbTAeDIAXraMRKtzEBWn2nYTjdW4EshreMb6WgjPozTzGBldzgR3uMszpI62KiFe5eDrFqB6VTTQA
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f8f07e39-b637-46e5-b02d-505cdcdb191b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0OTQ2Mzc1NzY2MTcxNTAzNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B414 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:17:58 GMT
expires
Sun, 02 Apr 2023 17:17:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 063B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
210311
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:52:48 GMT
expires
Fri, 31 Mar 2023 06:52:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.508.0_tr.html
imasdk.googleapis.com/js/core/ Frame 3B81 		592 KB
193 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.508.0_tr.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70965b5c853d94a20a4c5a0a2f543701961a4619d0fe65ad0719d2beb08995a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
30134
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
197303
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 08:55:45 GMT
expires
Sun, 02 Apr 2023 08:55:45 GMT
last-modified
Mon, 28 Mar 2022 15:10:05 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Apr 2022 17:17:59 GMT
10522896
panel.izlesene.com/api/player/npm_eokultv/ 		972 B
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://panel.izlesene.com/api/player/npm_eokultv/10522896
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19084
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.7.176.4 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
nginx/1.4.4 /
Resource Hash
800720ad6518b86999da920fa6467c9325d0e2e924f90ab5580ed5584d7ae41c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
Content-Encoding
gzip
Server
nginx/1.4.4
Age
0
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json
Via
1.1 varnish
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
X-Varnish
2963412658
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
565
Expires
Sat, 26 Jul 1997 05:00:00 GMT
favicon.ico
www.eokultv.com/ 		915 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.eokultv.com/favicon.ico
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.182.80.100 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
LiteSpeed /
Resource Hash
009b3ba6fd5dad87408bf0fb1304c5e7b4e7d7e0c1e2d8bdab346916e2d96302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:53 GMT
content-encoding
br
last-modified
Sat, 17 Dec 2016 17:27:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=9557600
accept-ranges
bytes
content-length
847
expires
Fri, 22 Jul 2022 08:11:13 GMT
truncated
/ Frame F2BD 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5745f58ab27f5f42808731ded9f55eb3fd715acc2fe9c295fe0144c25193736a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D960 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 02 Apr 2022 17:52:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F2BD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaZJc8POja6QYv7zVHIwtHMotSJuVX-E1uOvNzO6sipVjND85moIgH6II4tsNLkyGCnh4vNFq6lrf5G6-gAGvJZJ9GVCdwc31Ci0zfFSbg0eWekBVQ5TjhDecsoDRhbZDqIdI6O0muSYvi2hOCyTTC1q3y9LPctoUkaj6AAhj2KVLKUUaUe2tEwBIEc7z0nkytzQnvNoMFLC4H0DwSLcG1j2bMXW2Ul1PijnBtwplLeE41t5HQ48baHzbsPEGJUKa3cZ4ZGdkpSSPtlJK17BL9IY7-M6qazY9TQetlQpmAgzaDK_sdfWfaRgyIgbeGtqqF_FTF7C6BoJ8shanLBu84UCr3u5drFY8XkzwL5izxAkutpP3GkYWeVBc0qANmaTss4oeYGCdgxTxt0-hGcPmZDQrUwf-J90OY1skhCMHo11xUeY-L1xeI5xBzdJrhTDGEW5Mc8tRyy7DRhxGRh6TnxW0QscGHD-KmSI0pUCLx_Zep20v6q3PngOClPNdF2Rr8wmzwmPEMCy9pNvQ7DC7GyZ7hvSTkGw6OLMLryeJexTGXo88uEzY8T75Oc_mG9ysQ_fqZQN7N5fmCkMMzAoTWhARfS83MVDxafkDWHXvDUqDiaOuyBDiqKMrWrxVxDTuAoXrUW7FePf-Xud4RTZzlWIODp2yFWFjr9JGd1e_lTzkhcbDQ0H7nswxwlmP7mDkts3J0GwjEvJNHN4ScPUH1Fcw36oTdr-RUbSzL3eEs0T4p_NhnSWo8Aqw3Pou1FOgSMjrb1PxLy0aTJgw1CuSc2GVW_DG_X3hGJyiSy4nPzS-bI3UOqpR4v0G1MNyypsEQSEtgbxlLbkLJimd9xEehb_rKjqzAoD3QMsIuE-jDNjjsRqLdt5h0oHBI-jgM08d_hxE5SMCmq_OPkOXriaRqAEpi5_40ttIJc15RSbrPghSNho7-dzSUmf2H8es-cKjmMB3s4rvvkzdz5Fmwpnszi7HcQHfuxYwFKBjeZcWBtQqW8kUKg9wJ4_yVbODRu2ApjoSxzj-rtA94uFmF7wJ-MIRuQxTf6NNBneragOVd77JotJp9c4xsibPjW-LzIb9dpjjcajEiU4f-A_DERUeg3ttPPpJQr28WU8-DF6mKSJsK2XMy1dmZLsboHuxpXTKGHuxb1s58Cl828W_lyq452hmv-Kcw8M_H3bMmpjpKpPA_95x1jjCyA41QA3pq8jtBrRYDPc17LqO9omivWhPFHDeA7mB8r8xQ-qDQtheNpsg&sai=AMfl-YS4hDrJXbQry-O68P4n_7UIYOcxXNA0_NZp-szBWZzw1UwX3DcS36mp5czcRwm7ZV4yZ3F3lGs98MhkiN8L10oRUq_OmbNBzeQa7xPNmAgY72tu7aaERQPCXVpaPsWWZkmUBpNqHOeSJAIC30uBcAZDGOtc0YZodQWewtaZRKn_EEwwUk6glA0_zFWbXrOZAd3qn-MQpPLwryBtZj4R38UOL23S-D6zoAcBLBqgdNZ1hNODeeyG9ThN7ruwxZRnloMQvqINBP2yw8at-Sdah8KS_9M916RvhWgm4HYDhxc6&sig=Cg0ArKJSzPQlDI-Tnet3EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=106&vt=11&dtpt=105&dett=2&cstd=0&cisv=r20220330.36262&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:17:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
5fe2f0a3e4b0b8eb9e6627b1
ng2.virgul.com/tck/imp/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5fe2f0a3e4b0b8eb9e6627b1?scm=240000&g=1&t=google_banner&sdr=https&tp=&r=153631@site_geneli@eokultv:site_geneli&l=&info=&os=&mt=1648919878081&userId=vnetd2851632-a4dc-4b8c-9979-10d20ae100eb
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.eokultv.com
date
Sat, 02 Apr 2022 17:17:59 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6A8C 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY7sWavQEwAQ&v=APEucNXaxQASN137WfVVwXpxR-9vZ0GIMs8XqmMymmXGa4Wu0ykc-ffBgQrG-d538GpTA0mYnU9Y1DT2tc6Y2mRdeNnLnTKQEPzGzqkrauljpKgyL6otUHm50dPHi7ajWTnjVM4DLSn4GXyoKMK3NbAtr3mbiZT4Lgc_xb-GZwO_Jm46LC5ptzs
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:17:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B414 		83 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxXxt_Ea3e2L1QXQZvGD1mwiYegb-Z4_Oj3BTs-uOJL4YgmZw4KaGfESIwpmpK2qvGMCBGtgQ1l9RvYGMWrl0vAPPyX7ov6PY1kzWLe0zj1gzisFtjFymGE0Ii_TbT82HTa8ACunLLoNyj5feNaaZGero_kw&dbm_d=AKAmf-DuF5EH4umhqRUmtUHhX_n_P0x9nvuJBBtAYZh1s12dZbkvG34nDV8Bo2D4upipr1qYGaK4p_nNRdfcx4OD7L5k1Ysvf8JTwVYUdqo-eODbsuKbFnCPQuENUtfQdLeHgw_Eae9Cdrfyk_UnF69uga6ElwsqwFLmApxLZpsTgfLC8dDkHElXRgRSs9r642qkiTrjFep73-vUY8NcHj1Q0Dyhucdj9m1ua7kYtvTjcIVohXpjyUvBOpGcRTymobmSqcrWiRmrXFtFEqofN4OcNE4bbEFqAbSgl0qYJEm7mX5kTtusyIcMyjALOF1qGzSIBujM9Zyt7kHnNUoTvmOHjE5jT0RHPsgpnTxpa4iYBeV_ONm0iCKV-A_0zaPND7x48H_sGd46lGMPnA2k3ps3e2c142CJKowixrReumrEru8N1f6SuaLABNTwPGNQilafTDj3ajyZqtXzbiWtJA9NgxzqQESi8vVdn0araQS5HoMTXuYHe4Y10XV05NE0PnBez5FCYClxVu63EzXHVrVIk5oIqyny88QeOzoTaXK_17qZhvwAspi30ruZQrbf3lTmlmtJzy4UvTDeqmY-aJydOZLhs5IcjldBXyRednM6eLvL2nMN4qnjEQpUUXbOBXr8yMSsVqxoPgHHOqDdMqQiQIO-_0EWbVRsS_Y8LCW6yKT4t_SDwGrEpOMVQbWdFTQu5iOnwP4IR0D1fkdaz-0rDcQx9qld5wxAAHOSIbQuVtmJWmjjw1EK4Lj1TyfMBkGi75zq0U9bC3gVg2Tp4h-9ChAqkhbo3lwdqaZ-bae1ewSvvqZYw-DJpeO4pzHRPehVOov28ruq7LVmG45P9samcYMgLOjT9zoPtzzV-aOT8vApIYYvrvtLc3G2R5f2EXFt0HaTS8r1d2JXJ0ik24N7Kbz-Y-l-ltoNnAxuxM628kRbo_KrYVS6luYWUyRZ2X4BRYTUGYVVKkni2QavVH6X_k9w4iWLOaHOFNV8WwP5uyBLUhdo3PJmoNAhWAtgR7mnXTFygZ3MqkBPWT-5t7Oy9sPGLi7AkZ8XBLhMqOn2gmGZDezycx2m6kRWntqDwbMYlj-VNVvvY28qJMmHIhpa-uNZuZRd_7owL285hSJ6-tm46fH60gkNycDz6I68CKBe_0L39kfr8K0u3_nZvmG_yHGdsDcYfnlIh1u7rr4l1MSXn7yHrpmhYSzWZiTAUbjZ2ErZvlA8zd9bhqop2LUg-sdHOVbEug-A7jZHYjZxVMUbfj4Pd1-i3Cw830HSK3G7h7GRBDKX4EN-JTAW4PqICtePyH0KbIHFJSJOcmx0OnvEvNGfyYWUzuL2m506N6yEybZ3sAsd6JldfUnq7Tn9ulAacAaEf-nf_BxtxTQVXnHJxvAgUkJ1xnwVl008K9xLbgEHJxKx1f54ZEQGSfFKM2YVCzQPqf9NzoHB585YuMf6w8OEVIR8SEhM3y6Oz4QMJyooVzeMT1OV1KVeZbpfNG_NnFRJMXI1Iaeoxnh3iBRzjK-FVsssXvgWZcza7Q0PRkXDxnz6ojCv0PP0qluvnEFbjUUb-A0Vx0GMepmIs_XeMpJeqdPWQWfPTFpOJX4GRGuXgU9r216AIWqnNG9x5awG7N7aEW3vMmtsKepPAQDaii9FElZd2j87QcsOqqVl9fTaE-HGTczhNdQ-YE-FMrMIAAQl2-d-dX-vU85Fr1NvbtlLm6oyMz3FHglVPMqdEoUKD3ugpnz76rYnO15nIOWz925uyr5py5ak3afqDbfXQdgTau8GOVyQuq_Rn0qiY_qpJbtkP5yHW67I6py-w66nSLVTkFZ3JuYPVdggFyG6RXzMEU9QauElCbfcDofHK_J6ZhQbOTKSs3kXjA9Kwyd3JSIgNHMg-y4v4kI3t7bE5XPf79gyrbdX9FCRR3c2kJcv8w0Ist_dHF_QV3Kml0cTip-WvnfHzt0m5i20e_Jj700aHtlDCZY1xLffRO9gq9XrIFk4kdzWMjB7_ExIF3VwMLMQEUJyZWZmYxF3Wrp3DUbjE3zh4S1Pk7eJ4kAx2QdDlp7CiTumQ437S9NDDgjB4ZNzmzOC-jvUa0jGiG7KrM38tV7BUG9FvIOa1A0FsgdLCrZPnWnJmkxNymYXJj4Hjx63z0AFwRkfNSeEHMRd9hJiRci4RdPVACB_GzP-ZVg6NIU9BOvqeCnpQWi-qCoEHIyCS1vQ6LzSsDVNloCZ2hSL_axvoSr9GNJfWwlEXS0p8liwIwiAomV1RP6EVQvs_lFYnrAM6wFsFiy69ZFjsq4LTBPPVGA0PQFtdeAXihfn1GTkMEj8xEIhSS1-XI2psP9nsZKskJpBc-S-bM40sFZhBJIG8wQJRsrxzaOmlDt7cWmshpODAYvrJUWeyHivAvmjOcxKi4SXv493ssjgnsKrujXf60F7db_thoxp71yYLjuhV00XzhQnwJ5fLbv29m4F3p5T-UEhtenVe-sdEbA6rg21xBkFlVSkx1DQTxPdxTc-e4NN7JNDCHGShR4p3CXSNCWuIG6fcs0-A4g3WJd4VxW_QtqX38QypA5oHwyOA5VemDvf8s8S8MwcljsN2xa-csyCYGJBHzMJs9rdsscJs_ZPFGZ4ienu5Xsuy_YQjbOPMRNY5-IW7eClsEVQcfuTaOfi28GcHnCRchwR263zibPz7uejY1w2qCPA5ARfCXS9Hm_r7xF2KacWgpvHxp_P4hHu9OZMubeMpVuUHbifmqyRp8sM0P85RWFmF7g5-zjdH5nEhlAf7YYHLrQKaq1zscNbr0SRUyVp32p5nuy04nykn5MnKZyzgLcBSZVqSS977WBhP_P7k9ZaKlJZSoz10gVEwzNflr6fJrOSVi8dS7YbS0U1jjrPjw9USVdlsdVyCg_0eSXNLpIJwf7pdYT-HQJpY3IuGT4MMQDlu4hxfBRhCzK0m1MdSk9IVuyoVQrvT0Shb64iP2acIr1Ap5ukafFk18eOtHiDcAFMCsbnhV2w17Sfw-XLfDa8jhZjC2ULmxpSuCcFmROaojHd3jq8KPH-CO9nHjruA19cL11XPBX8ZBjYtlq5-2N9q6AdyEvDpJCYScsSKFoczSI7rCgMuAiKNOnT5_p5K-StSp2tGWYZq3u1ITwqLyF4oiWtbP5ntocQ1MGhYhrt3Sue4FrnVLcYTAYrNFb1pot6KwJDlvprIsFboo37x9fdCpywmXDB9o0ByCh_ayBlwCi24rv0YjWNMJ2DCpzwJv8PnzMgnAs0PlH92txKA9B0hMmSbsEeyMEu8Kb-BjGkHTUyg9PKtq1rQPu4NyIFRACKcH6HROadPjcHFxgXqdTt4NninMV46ugRiDza4k9lZyG0_qg20qf9RHYcdvQgZs7EIzxFgI4&cid=CAASJeRoeXuGOJgwoy1frc9zKpkUXntBYCJESjhPTNwMIXoX7Yh7_DY&rfl=1%2Chttps%253A%252F%252Fwww.eokultv.com%252F%240
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e11dae2495cb8616b96cdd17e029cc781634e1550685294455ce4a4eb45657e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B414 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B55AgNjRymOJmcHnbqMWvu7mnlBGYyR_HM0iVaX5qTWDNRhPzG4KuUyZBMWrrXfcQl8bQsujYaYKP6Ai6Mxzgix7VmEiMAe5Jr2IgZzXc5y7ip9zc
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame B414 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481227570&pubId=1&placementId=396796654&adsafe_par&bundleId=&dealId=&bidurl=https://www.eokultv.com/
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.144.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-144-205.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
247facfe10aae5497ef8f4978c5cf2f2b69b6a67347e1f64895164e59e5ea62b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
x-server-name
app10.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame B414 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:11:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B414 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Apr 2022 17:17:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame B414 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:17:31 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FE9D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAAwISpzs0FZFMZB2LcZD2U&google_cver=1&google_push=AYg5qPL4AUy8FDO884PLFnW0o3PlxLjcCzT8zFW5NpLilaz1f2_gzyz40tqG-RV75aSUQALAtSflndxql4PuawMPfqYsmOP5Zv0
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA1MDYzMTM5OTc2MjI2ODQzNA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEkKjhnAKzK6ILF5AM-IKc&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEkKjhnAKzK6ILF5AM-IKc&google_cver=1
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHEkKjhnAKzK6ILF5AM-IKc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame FE9D 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGdo-0n0QVPAUpt3wUHTaVg&google_cver=1&google_push=AYg5qPLiyz47JU18amEz-5HYKAVyr2HMNSyYGOBR8gY7uNcp1dYlat4Tsc3ClzjSxdyYhCf41Bn7k660buWVqPHmNFj9cdZA0Kzw
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame FE9D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIj7CHJ5me573CEoSRjhxwg&google_cver=1&google_push=AYg5qPIKGho0cUMjqitW5j1UfX9cGjEN9MVpmQDykP1WL9e4qbIJHYh8yFVQDLNaHpTE85oPciyv-1q7Fp4Dhyytt-O2SGm9PRE
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E091AEA1DD4D4C56A8296EC52DF39C32&google_push=AYg5qPIKGho0cUMjqitW5j1UfX9cGjEN9MVpmQDykP1WL9e4qbIJHYh8yFVQDLNaHpTE85oPciyv-1q7Fp4Dhyy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E091AEA1DD4D4C56A8296EC52DF39C32&google_push=AYg5qPIKGho0cUMjqitW5j1UfX9cGjEN9MVpmQDykP1WL9e4qbIJHYh8yFVQDLNaHpTE85oPciyv-1q7Fp4Dhyytt-O2SGm9PRE
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 02 Apr 2022 17:17:59 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E091AEA1DD4D4C56A8296EC52DF39C32&google_push=AYg5qPIKGho0cUMjqitW5j1UfX9cGjEN9MVpmQDykP1WL9e4qbIJHYh8yFVQDLNaHpTE85oPciyv-1q7Fp4Dhyytt-O2SGm9PRE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 01 Apr 2022 17:17:59 GMT
google
match.adsrvr.org/track/cmf/ Frame FE9D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFYLI1HLZ4lAIDI0sazf1y8&google_cver=1&google_push=AYg5qPKSQaOjKfCpPjLg2wKMdlU14y-LpEik6iKG_m4Q0KYWrtbV4yyMpIO3smb5hYmS1m8Yg1GqUejjLI-aD8qDewg168BjohBA
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FE9D
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECDn9w1M9JxfILoacl_P6Ps&google_cver=1&google_push=AYg5qPJmNWbUjyTctvjnQBlvX1qPq6JrzEU2cIKCe-kXkXafN6ve0RElxI2mIf3MRBU86rUeqYMj-szpOq1oCX2sHL-jmQz...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECDn9w1M9JxfILoacl_P6Ps&google_cver=1&google_push=AYg5qPJmNWbUjyTctvjnQBlvX1qPq6JrzEU2cIKCe-kXkXafN6ve0RElxI2mIf3MRBU86rUeqYMj-szpOq1oCX2sHL-jm...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJmNWbUjyTctvjnQBlvX1qPq6JrzEU2cIKCe-kXkXafN6ve0RElxI2mIf3MRBU86rUeqYMj-szpOq1oCX2sHL-jmQz5K0LV
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJmNWbUjyTctvjnQBlvX1qPq6JrzEU2cIKCe-kXkXafN6ve0RElxI2mIf3MRBU86rUeqYMj-szpOq1oCX2sHL-jmQz5K0LV
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJmNWbUjyTctvjnQBlvX1qPq6JrzEU2cIKCe-kXkXafN6ve0RElxI2mIf3MRBU86rUeqYMj-szpOq1oCX2sHL-jmQz5K0LV
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame FE9D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bY4PdLL2TMmXM7bCTa3c1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bY4PdLL2TMmXM7bCTa3c1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJt-cA0CKCuADBS1gJZXOpidAtEk8oaz1p_wRMXfSwm3vICKsedxnX4SoOu7n2lGLp3ZPSMSqJauV9mcnRi9lDAV2j8xPfg
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bY4PdLL2TMmXM7bCTa3c1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJt-cA0CKCuADBS1gJZXOpidAtEk8oaz1p_wRMXfSwm3vICKsedxnX4SoOu7n2lGLp3ZPSMSqJauV9mcnRi9lDAV2j8xPfg
date
Sat, 02 Apr 2022 17:17:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame FE9D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOUvUm4kXLxar3RB64rJNpA&google_cver=1&google_push=AYg5qPKkMgWK1a83_9mxMVDEjj7m5rU7tOWtvNFp-NJUiz1SUVAArZVkkJXrk9tn2PDWrvaBLt...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOUvUm4kXLxar3RB64rJNpA&google_cver=1&google_push=AYg5qPKkMgWK1a83_9mxMVDEjj7m5rU7tOWtvNFp-NJUiz1SUVAArZVkkJXrk9tn2PDWrvaBLt...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13N3FLbjJKRTJ1RkZTVkdWVmo0TGVtb2c3RVZqWFZMMX5B&google_push=AYg5qPKkMgWK1a83_9mxMVDEjj7m5rU7tOWtvNFp-NJUiz1SUVAArZVkk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13N3FLbjJKRTJ1RkZTVkdWVmo0TGVtb2c3RVZqWFZMMX5B&google_push=AYg5qPKkMgWK1a83_9mxMVDEjj7m5rU7tOWtvNFp-NJUiz1SUVAArZVkkJXrk9tn2PDWrvaBLtOXKPQaNzlROoY-dSQK3N8mVToczg
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS13N3FLbjJKRTJ1RkZTVkdWVmo0TGVtb2c3RVZqWFZMMX5B&google_push=AYg5qPKkMgWK1a83_9mxMVDEjj7m5rU7tOWtvNFp-NJUiz1SUVAArZVkkJXrk9tn2PDWrvaBLtOXKPQaNzlROoY-dSQK3N8mVToczg
date
Sat, 02 Apr 2022 17:17:59 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame FE9D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8qHOiE_nWXMtbnN9CyCJ-3iVZuGKLbGENU9XQ4OfFq1BH2N--iNS-5MPf5lzfIFBjNM4zXA
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
xnyDcLTJFFqRrOSh_tGs93TmBGWOIlQl9rUvBjKFBOc.js
pagead2.googlesyndication.com/bg/ Frame 063B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xnyDcLTJFFqRrOSh_tGs93TmBGWOIlQl9rUvBjKFBOc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c67c8370b4c9145a91ace4a1fed1acf774e604658e225425f6b52f06328504e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
129433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13781
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Apr 2023 05:20:46 GMT
rum
dsum-sec.casalemedia.com/ Frame 6A8C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY7sWavQEwAQ&v=APEucNXaxQASN137WfVVwXpxR-9vZ0GIMs8XqmMymmXGa4Wu0ykc-ffBgQrG-d538GpTA0mYnU9Y1DT2tc6Y2mRdeNnLnTKQEPzGzqkrauljpKgyL6otUHm50dPHi7ajWTnjVM4DLSn4GXyoKMK3NbAtr3mbiZT4Lgc_xb-GZwO_Jm46LC5ptzs
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 02 Apr 2022 17:17:59 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6A8C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkiFRzp8vi1ZJDnFZ9B05QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY7sWavQEwAQ&v=APEucNXaxQASN137WfVVwXpxR-9vZ0GIMs8XqmMymmXGa4Wu0ykc-ffBgQrG-d538GpTA0mYnU9Y1DT2tc6Y2mRdeNnLnTKQEPzGzqkrauljpKgyL6otUHm50dPHi7ajWTnjVM4DLSn4GXyoKMK3NbAtr3mbiZT4Lgc_xb-GZwO_Jm46LC5ptzs
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 02 Apr 2022 17:17:59 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmQ3PG-yEY67XdthEvKkoo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6A8C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBCvCDa37B8oFDuDMjjAQao&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBCvCDa37B8oFDuDMjjAQao&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY7sWavQEwAQ&v=APEucNXaxQASN137WfVVwXpxR-9vZ0GIMs8XqmMymmXGa4Wu0ykc-ffBgQrG-d538GpTA0mYnU9Y1DT2tc6Y2mRdeNnLnTKQEPzGzqkrauljpKgyL6otUHm50dPHi7ajWTnjVM4DLSn4GXyoKMK3NbAtr3mbiZT4Lgc_xb-GZwO_Jm46LC5ptzs
Protocol
HTTP/1.1
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cffda3d1-ffff-4e49-a2c1-8288bf718906
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBCvCDa37B8oFDuDMjjAQao&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6A8C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0OTQ2Mzc1NzY2MTcxNTAzNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0OTQ2Mzc1NzY2MTcxNTAzNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY7sWavQEwAQ&v=APEucNXaxQASN137WfVVwXpxR-9vZ0GIMs8XqmMymmXGa4Wu0ykc-ffBgQrG-d538GpTA0mYnU9Y1DT2tc6Y2mRdeNnLnTKQEPzGzqkrauljpKgyL6otUHm50dPHi7ajWTnjVM4DLSn4GXyoKMK3NbAtr3mbiZT4Lgc_xb-GZwO_Jm46LC5ptzs
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
17655416-2852-48da-b938-cb8a3fd30497
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0OTQ2Mzc1NzY2MTcxNTAzNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame B414 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
Origin
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 13:42:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Apr 2022 13:42:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame B414 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxXxt_Ea3e2L1QXQZvGD1mwiYegb-Z4_Oj3BTs-uOJL4YgmZw4KaGfESIwpmpK2qvGMCBGtgQ1l9RvYGMWrl0vAPPyX7ov6PY1kzWLe0zj1gzisFtjFymGE0Ii_TbT82HTa8ACunLLoNyj5feNaaZGero_kw&dbm_d=AKAmf-DuF5EH4umhqRUmtUHhX_n_P0x9nvuJBBtAYZh1s12dZbkvG34nDV8Bo2D4upipr1qYGaK4p_nNRdfcx4OD7L5k1Ysvf8JTwVYUdqo-eODbsuKbFnCPQuENUtfQdLeHgw_Eae9Cdrfyk_UnF69uga6ElwsqwFLmApxLZpsTgfLC8dDkHElXRgRSs9r642qkiTrjFep73-vUY8NcHj1Q0Dyhucdj9m1ua7kYtvTjcIVohXpjyUvBOpGcRTymobmSqcrWiRmrXFtFEqofN4OcNE4bbEFqAbSgl0qYJEm7mX5kTtusyIcMyjALOF1qGzSIBujM9Zyt7kHnNUoTvmOHjE5jT0RHPsgpnTxpa4iYBeV_ONm0iCKV-A_0zaPND7x48H_sGd46lGMPnA2k3ps3e2c142CJKowixrReumrEru8N1f6SuaLABNTwPGNQilafTDj3ajyZqtXzbiWtJA9NgxzqQESi8vVdn0araQS5HoMTXuYHe4Y10XV05NE0PnBez5FCYClxVu63EzXHVrVIk5oIqyny88QeOzoTaXK_17qZhvwAspi30ruZQrbf3lTmlmtJzy4UvTDeqmY-aJydOZLhs5IcjldBXyRednM6eLvL2nMN4qnjEQpUUXbOBXr8yMSsVqxoPgHHOqDdMqQiQIO-_0EWbVRsS_Y8LCW6yKT4t_SDwGrEpOMVQbWdFTQu5iOnwP4IR0D1fkdaz-0rDcQx9qld5wxAAHOSIbQuVtmJWmjjw1EK4Lj1TyfMBkGi75zq0U9bC3gVg2Tp4h-9ChAqkhbo3lwdqaZ-bae1ewSvvqZYw-DJpeO4pzHRPehVOov28ruq7LVmG45P9samcYMgLOjT9zoPtzzV-aOT8vApIYYvrvtLc3G2R5f2EXFt0HaTS8r1d2JXJ0ik24N7Kbz-Y-l-ltoNnAxuxM628kRbo_KrYVS6luYWUyRZ2X4BRYTUGYVVKkni2QavVH6X_k9w4iWLOaHOFNV8WwP5uyBLUhdo3PJmoNAhWAtgR7mnXTFygZ3MqkBPWT-5t7Oy9sPGLi7AkZ8XBLhMqOn2gmGZDezycx2m6kRWntqDwbMYlj-VNVvvY28qJMmHIhpa-uNZuZRd_7owL285hSJ6-tm46fH60gkNycDz6I68CKBe_0L39kfr8K0u3_nZvmG_yHGdsDcYfnlIh1u7rr4l1MSXn7yHrpmhYSzWZiTAUbjZ2ErZvlA8zd9bhqop2LUg-sdHOVbEug-A7jZHYjZxVMUbfj4Pd1-i3Cw830HSK3G7h7GRBDKX4EN-JTAW4PqICtePyH0KbIHFJSJOcmx0OnvEvNGfyYWUzuL2m506N6yEybZ3sAsd6JldfUnq7Tn9ulAacAaEf-nf_BxtxTQVXnHJxvAgUkJ1xnwVl008K9xLbgEHJxKx1f54ZEQGSfFKM2YVCzQPqf9NzoHB585YuMf6w8OEVIR8SEhM3y6Oz4QMJyooVzeMT1OV1KVeZbpfNG_NnFRJMXI1Iaeoxnh3iBRzjK-FVsssXvgWZcza7Q0PRkXDxnz6ojCv0PP0qluvnEFbjUUb-A0Vx0GMepmIs_XeMpJeqdPWQWfPTFpOJX4GRGuXgU9r216AIWqnNG9x5awG7N7aEW3vMmtsKepPAQDaii9FElZd2j87QcsOqqVl9fTaE-HGTczhNdQ-YE-FMrMIAAQl2-d-dX-vU85Fr1NvbtlLm6oyMz3FHglVPMqdEoUKD3ugpnz76rYnO15nIOWz925uyr5py5ak3afqDbfXQdgTau8GOVyQuq_Rn0qiY_qpJbtkP5yHW67I6py-w66nSLVTkFZ3JuYPVdggFyG6RXzMEU9QauElCbfcDofHK_J6ZhQbOTKSs3kXjA9Kwyd3JSIgNHMg-y4v4kI3t7bE5XPf79gyrbdX9FCRR3c2kJcv8w0Ist_dHF_QV3Kml0cTip-WvnfHzt0m5i20e_Jj700aHtlDCZY1xLffRO9gq9XrIFk4kdzWMjB7_ExIF3VwMLMQEUJyZWZmYxF3Wrp3DUbjE3zh4S1Pk7eJ4kAx2QdDlp7CiTumQ437S9NDDgjB4ZNzmzOC-jvUa0jGiG7KrM38tV7BUG9FvIOa1A0FsgdLCrZPnWnJmkxNymYXJj4Hjx63z0AFwRkfNSeEHMRd9hJiRci4RdPVACB_GzP-ZVg6NIU9BOvqeCnpQWi-qCoEHIyCS1vQ6LzSsDVNloCZ2hSL_axvoSr9GNJfWwlEXS0p8liwIwiAomV1RP6EVQvs_lFYnrAM6wFsFiy69ZFjsq4LTBPPVGA0PQFtdeAXihfn1GTkMEj8xEIhSS1-XI2psP9nsZKskJpBc-S-bM40sFZhBJIG8wQJRsrxzaOmlDt7cWmshpODAYvrJUWeyHivAvmjOcxKi4SXv493ssjgnsKrujXf60F7db_thoxp71yYLjuhV00XzhQnwJ5fLbv29m4F3p5T-UEhtenVe-sdEbA6rg21xBkFlVSkx1DQTxPdxTc-e4NN7JNDCHGShR4p3CXSNCWuIG6fcs0-A4g3WJd4VxW_QtqX38QypA5oHwyOA5VemDvf8s8S8MwcljsN2xa-csyCYGJBHzMJs9rdsscJs_ZPFGZ4ienu5Xsuy_YQjbOPMRNY5-IW7eClsEVQcfuTaOfi28GcHnCRchwR263zibPz7uejY1w2qCPA5ARfCXS9Hm_r7xF2KacWgpvHxp_P4hHu9OZMubeMpVuUHbifmqyRp8sM0P85RWFmF7g5-zjdH5nEhlAf7YYHLrQKaq1zscNbr0SRUyVp32p5nuy04nykn5MnKZyzgLcBSZVqSS977WBhP_P7k9ZaKlJZSoz10gVEwzNflr6fJrOSVi8dS7YbS0U1jjrPjw9USVdlsdVyCg_0eSXNLpIJwf7pdYT-HQJpY3IuGT4MMQDlu4hxfBRhCzK0m1MdSk9IVuyoVQrvT0Shb64iP2acIr1Ap5ukafFk18eOtHiDcAFMCsbnhV2w17Sfw-XLfDa8jhZjC2ULmxpSuCcFmROaojHd3jq8KPH-CO9nHjruA19cL11XPBX8ZBjYtlq5-2N9q6AdyEvDpJCYScsSKFoczSI7rCgMuAiKNOnT5_p5K-StSp2tGWYZq3u1ITwqLyF4oiWtbP5ntocQ1MGhYhrt3Sue4FrnVLcYTAYrNFb1pot6KwJDlvprIsFboo37x9fdCpywmXDB9o0ByCh_ayBlwCi24rv0YjWNMJ2DCpzwJv8PnzMgnAs0PlH92txKA9B0hMmSbsEeyMEu8Kb-BjGkHTUyg9PKtq1rQPu4NyIFRACKcH6HROadPjcHFxgXqdTt4NninMV46ugRiDza4k9lZyG0_qg20qf9RHYcdvQgZs7EIzxFgI4&cid=CAASJeRoeXuGOJgwoy1frc9zKpkUXntBYCJESjhPTNwMIXoX7Yh7_DY&rfl=1%2Chttps%253A%252F%252Fwww.eokultv.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
785
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:04:54 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame B414 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxXxt_Ea3e2L1QXQZvGD1mwiYegb-Z4_Oj3BTs-uOJL4YgmZw4KaGfESIwpmpK2qvGMCBGtgQ1l9RvYGMWrl0vAPPyX7ov6PY1kzWLe0zj1gzisFtjFymGE0Ii_TbT82HTa8ACunLLoNyj5feNaaZGero_kw&dbm_d=AKAmf-DuF5EH4umhqRUmtUHhX_n_P0x9nvuJBBtAYZh1s12dZbkvG34nDV8Bo2D4upipr1qYGaK4p_nNRdfcx4OD7L5k1Ysvf8JTwVYUdqo-eODbsuKbFnCPQuENUtfQdLeHgw_Eae9Cdrfyk_UnF69uga6ElwsqwFLmApxLZpsTgfLC8dDkHElXRgRSs9r642qkiTrjFep73-vUY8NcHj1Q0Dyhucdj9m1ua7kYtvTjcIVohXpjyUvBOpGcRTymobmSqcrWiRmrXFtFEqofN4OcNE4bbEFqAbSgl0qYJEm7mX5kTtusyIcMyjALOF1qGzSIBujM9Zyt7kHnNUoTvmOHjE5jT0RHPsgpnTxpa4iYBeV_ONm0iCKV-A_0zaPND7x48H_sGd46lGMPnA2k3ps3e2c142CJKowixrReumrEru8N1f6SuaLABNTwPGNQilafTDj3ajyZqtXzbiWtJA9NgxzqQESi8vVdn0araQS5HoMTXuYHe4Y10XV05NE0PnBez5FCYClxVu63EzXHVrVIk5oIqyny88QeOzoTaXK_17qZhvwAspi30ruZQrbf3lTmlmtJzy4UvTDeqmY-aJydOZLhs5IcjldBXyRednM6eLvL2nMN4qnjEQpUUXbOBXr8yMSsVqxoPgHHOqDdMqQiQIO-_0EWbVRsS_Y8LCW6yKT4t_SDwGrEpOMVQbWdFTQu5iOnwP4IR0D1fkdaz-0rDcQx9qld5wxAAHOSIbQuVtmJWmjjw1EK4Lj1TyfMBkGi75zq0U9bC3gVg2Tp4h-9ChAqkhbo3lwdqaZ-bae1ewSvvqZYw-DJpeO4pzHRPehVOov28ruq7LVmG45P9samcYMgLOjT9zoPtzzV-aOT8vApIYYvrvtLc3G2R5f2EXFt0HaTS8r1d2JXJ0ik24N7Kbz-Y-l-ltoNnAxuxM628kRbo_KrYVS6luYWUyRZ2X4BRYTUGYVVKkni2QavVH6X_k9w4iWLOaHOFNV8WwP5uyBLUhdo3PJmoNAhWAtgR7mnXTFygZ3MqkBPWT-5t7Oy9sPGLi7AkZ8XBLhMqOn2gmGZDezycx2m6kRWntqDwbMYlj-VNVvvY28qJMmHIhpa-uNZuZRd_7owL285hSJ6-tm46fH60gkNycDz6I68CKBe_0L39kfr8K0u3_nZvmG_yHGdsDcYfnlIh1u7rr4l1MSXn7yHrpmhYSzWZiTAUbjZ2ErZvlA8zd9bhqop2LUg-sdHOVbEug-A7jZHYjZxVMUbfj4Pd1-i3Cw830HSK3G7h7GRBDKX4EN-JTAW4PqICtePyH0KbIHFJSJOcmx0OnvEvNGfyYWUzuL2m506N6yEybZ3sAsd6JldfUnq7Tn9ulAacAaEf-nf_BxtxTQVXnHJxvAgUkJ1xnwVl008K9xLbgEHJxKx1f54ZEQGSfFKM2YVCzQPqf9NzoHB585YuMf6w8OEVIR8SEhM3y6Oz4QMJyooVzeMT1OV1KVeZbpfNG_NnFRJMXI1Iaeoxnh3iBRzjK-FVsssXvgWZcza7Q0PRkXDxnz6ojCv0PP0qluvnEFbjUUb-A0Vx0GMepmIs_XeMpJeqdPWQWfPTFpOJX4GRGuXgU9r216AIWqnNG9x5awG7N7aEW3vMmtsKepPAQDaii9FElZd2j87QcsOqqVl9fTaE-HGTczhNdQ-YE-FMrMIAAQl2-d-dX-vU85Fr1NvbtlLm6oyMz3FHglVPMqdEoUKD3ugpnz76rYnO15nIOWz925uyr5py5ak3afqDbfXQdgTau8GOVyQuq_Rn0qiY_qpJbtkP5yHW67I6py-w66nSLVTkFZ3JuYPVdggFyG6RXzMEU9QauElCbfcDofHK_J6ZhQbOTKSs3kXjA9Kwyd3JSIgNHMg-y4v4kI3t7bE5XPf79gyrbdX9FCRR3c2kJcv8w0Ist_dHF_QV3Kml0cTip-WvnfHzt0m5i20e_Jj700aHtlDCZY1xLffRO9gq9XrIFk4kdzWMjB7_ExIF3VwMLMQEUJyZWZmYxF3Wrp3DUbjE3zh4S1Pk7eJ4kAx2QdDlp7CiTumQ437S9NDDgjB4ZNzmzOC-jvUa0jGiG7KrM38tV7BUG9FvIOa1A0FsgdLCrZPnWnJmkxNymYXJj4Hjx63z0AFwRkfNSeEHMRd9hJiRci4RdPVACB_GzP-ZVg6NIU9BOvqeCnpQWi-qCoEHIyCS1vQ6LzSsDVNloCZ2hSL_axvoSr9GNJfWwlEXS0p8liwIwiAomV1RP6EVQvs_lFYnrAM6wFsFiy69ZFjsq4LTBPPVGA0PQFtdeAXihfn1GTkMEj8xEIhSS1-XI2psP9nsZKskJpBc-S-bM40sFZhBJIG8wQJRsrxzaOmlDt7cWmshpODAYvrJUWeyHivAvmjOcxKi4SXv493ssjgnsKrujXf60F7db_thoxp71yYLjuhV00XzhQnwJ5fLbv29m4F3p5T-UEhtenVe-sdEbA6rg21xBkFlVSkx1DQTxPdxTc-e4NN7JNDCHGShR4p3CXSNCWuIG6fcs0-A4g3WJd4VxW_QtqX38QypA5oHwyOA5VemDvf8s8S8MwcljsN2xa-csyCYGJBHzMJs9rdsscJs_ZPFGZ4ienu5Xsuy_YQjbOPMRNY5-IW7eClsEVQcfuTaOfi28GcHnCRchwR263zibPz7uejY1w2qCPA5ARfCXS9Hm_r7xF2KacWgpvHxp_P4hHu9OZMubeMpVuUHbifmqyRp8sM0P85RWFmF7g5-zjdH5nEhlAf7YYHLrQKaq1zscNbr0SRUyVp32p5nuy04nykn5MnKZyzgLcBSZVqSS977WBhP_P7k9ZaKlJZSoz10gVEwzNflr6fJrOSVi8dS7YbS0U1jjrPjw9USVdlsdVyCg_0eSXNLpIJwf7pdYT-HQJpY3IuGT4MMQDlu4hxfBRhCzK0m1MdSk9IVuyoVQrvT0Shb64iP2acIr1Ap5ukafFk18eOtHiDcAFMCsbnhV2w17Sfw-XLfDa8jhZjC2ULmxpSuCcFmROaojHd3jq8KPH-CO9nHjruA19cL11XPBX8ZBjYtlq5-2N9q6AdyEvDpJCYScsSKFoczSI7rCgMuAiKNOnT5_p5K-StSp2tGWYZq3u1ITwqLyF4oiWtbP5ntocQ1MGhYhrt3Sue4FrnVLcYTAYrNFb1pot6KwJDlvprIsFboo37x9fdCpywmXDB9o0ByCh_ayBlwCi24rv0YjWNMJ2DCpzwJv8PnzMgnAs0PlH92txKA9B0hMmSbsEeyMEu8Kb-BjGkHTUyg9PKtq1rQPu4NyIFRACKcH6HROadPjcHFxgXqdTt4NninMV46ugRiDza4k9lZyG0_qg20qf9RHYcdvQgZs7EIzxFgI4&cid=CAASJeRoeXuGOJgwoy1frc9zKpkUXntBYCJESjhPTNwMIXoX7Yh7_DY&rfl=1%2Chttps%253A%252F%252Fwww.eokultv.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:17:06 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B414 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:41:03 GMT
main.gr.19.8.299.js
static.adsafeprotected.com/ Frame B414 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481227570&pubId=1&placementId=396796654&adsafe_par&bundleId=&dealId=&bidurl=https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:37:01 GMT
content-encoding
gzip
age
2234459
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Mar 2022 19:11:01 GMT
server
AmazonS3
etag
W/"587738d3e44b43a2620f42eb51d89fbf"
vary
Accept-Encoding
x-amz-version-id
kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
JTioJcesiS6PRbGti9mD_tqOIf06SSudUW9rEdEnDiiH18g8WjK2xg==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 56EC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
13907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 03 Apr 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B414 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c02ca0f1753e4c68ab8a16c9269561ab75790aab55506299c5867c3d3a78fe98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/18373632269202048398/ Frame B8BD 		1 KB
620 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a88c0234ddc2f151a1bdf3566202b5ba41e28bc5e8fac05c2108aa162d50199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
592
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:17:59 GMT
expires
Sun, 02 Apr 2023 17:17:59 GMT
last-modified
Thu, 20 Jan 2022 09:06:45 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B414 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssScRtEib4r7nfzeyq6FuwAbvskQ5lCoZpj8biO41d28Q29fzBgqbwaAmfT0AO2fgLkdOG79BnymiAN3X0vnLISxrHorha4KmV_1FzoPTy2RT1KnSEYdZ9kVfH8LDiNplXSxT1fWmDRN8dUlz4a9zsHrei05PqEFfwaovU8zGORwEmUovucpXIPpx2IKCI9ynLdOjtEwzmfAeDoNa2DkDxX-ukZsq64Lp3wfdvOP2MsmZ9R8zarEOU7QCKtHg-9_zJTUe73kCrbtcc-HmRZcUkAmO_eZqWfkZdzJWE5nPQJS1dd7gKJxhK9iyyj6cmQSCJBDqSWQB2j7iUWXKrGhnmFF-9NatGCO9UHirk_2KkowNziSjFxZTUSJ8tV6TewErVYhUSvK2y92fyf5Oebe9JGDyDxJPoGwHTVR64-Rss_DC3xP6nn1b1c0ZyYbrbu5Uya8YkNufvqeBPzVnNHl9R_0neBvOIcWCmvXNLU75EK-xRtC9QKTXgPMUXH9NlJDObNryxxAvYLEzPFwBdzDTUEHh3GSUlSbEVZqysSLC79Hl23qW1cuLus2htlYwJtpXtJzTF4cCArAvRllZ4Q5BzuiR6Q39p9fOxpT41Bp-f-y0rdlg0oU7IoVuUGnu9iE5YTjyAktWDU6wYUfNryJ9jBONrXNAIchQfYJ45wU3EIVlmMt6mhTSkHMgAAEYGe7WnK-b__33KP3urXFS4pPszpQ0mneppCc1RZ7MXL5iPQuAuKih-OWSX1hVuwtVk-BSGLMNlJ4wTliwNi4MrKUunWSgJRGo5caZ3uEay-1Ev3U754K0fh2ezWEEuTa3lHBBLNyomjYQbZVSvSNvmZvtIzzahuByzR4Dw0ljEVBUWAbr8SI57NQZthZxwiZoPqbL-YvxlPPf6fzjE2xZl4Pr5lcFslOTjqKKKAKqpc9l60KLu3CxZp2Z73eftltT3Yzthg8eFkUmsRlc7qh7dbCKi0Azqh5FXncXobfy3YF5g4-SLxUW5ByEfK7SrhlINYmqCnuzAtes7Dg_ICOgLYl5NX_ojyvuNqkQhEZ5AqE3DqgXdBYqlN17GPafvHJB6Pw43BtABs0G-Lpzt-lMqYiz88Z2wZpSD0KnK9AzV3UKKJ9FnG0dtkOidkiv1UsUK8XRoZNv4FW9aaH2dzilu-iRRdSUZRKP3Y40yUYHHqpL6Fbse-oCEok2U-_A4pZfvnmLPVhKINUTwO0W4EsRlXFpGb4c3z_3cek93VE-aKsQULV4fiOdo_bbrEgdPjoouANMaGx2-WZDDprzqVSFM5fw&sai=AMfl-YR9bDdwGTuYdeWk92v6WL7lcNqSYzJ1EN8ta_FJKkQhMY-qSxTEc34ebxrw6YkJo03cWdvxDXKP8ohrHwsglqE9qYtd_UYnE9eI6ZX9gK5eiohgZxMy9XSeUng-qovSvf8a_ge-_rn_ptJDfNhDI99Q4GGIMY0H5bAIh8zsPYSsCQZnDrShwNdRLoMSxI5te-Bf3maQQzQUNGQMA_mFpQBD&sig=Cg0ArKJSzPKX3cSHMzGeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=67&cbvp=1&cstd=62&cisv=r20220330.63985&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 02 Apr 2022 17:17:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ai.aspx
m.exactag.com/ Frame B414 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26964075&extCr=163178460&extPm=322783161&gdpr_consent=&gdpr=
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Sa, 02 Apr 2022 05:17:59 GMT
Server
Microsoft-IIS/8.5
Date
Sat, 02 Apr 2022 17:17:59 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 76B5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
210311
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:52:48 GMT
expires
Fri, 31 Mar 2023 06:52:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame B8BD 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 08:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Apr 2022 08:58:54 GMT
preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B8BD 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16579
x-xss-protection
0
last-modified
Mon, 12 Feb 2018 18:09:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Apr 2022 17:17:59 GMT
tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B8BD 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38407
x-xss-protection
0
last-modified
Wed, 04 Oct 2017 18:33:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Apr 2022 17:17:59 GMT
de_DE_polite.js
s0.2mdn.net/creatives/assets/2377528/ Frame B8BD 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27518
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 13:34:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Apr 2022 17:29:42 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 56EC 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHa3VUKuTC_QwwRFWmbQqwM&google_cver=1&google_push=AYg5qPLcEGe7RACB8UgSBj1hAJj0TB0t2AE1PcoCH2vx0RENTxJwG871XSEaIkAXDSPpz5BNEaGMnUOXaMJRiQlm5ASNYkzf6Vs
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 56EC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDIhqDTOc-7AcSyyNhDej3M&google_push=AYg5qPKiPclo0E6O4s8JfMAE1lXr8e5-9LCTSqiUlSB0VH2GtMWf8C9aoz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDIhqDTOc-7AcSyyNhDej3M&google_push=AYg5qPKiPclo0E6O4s8JfMAE1lXr8e5-9LCTSqiUlSB0VH2GtMWf8C9aozqzX_3Bnm5tRFqStJfDIw-JJm9NZJ0hKUdmEYAwDAc
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1648919880.728060,VS0,VE81
x-served-by
cache-cdg20741-CDG
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDIhqDTOc-7AcSyyNhDej3M&google_push=AYg5qPKiPclo0E6O4s8JfMAE1lXr8e5-9LCTSqiUlSB0VH2GtMWf8C9aozqzX_3Bnm5tRFqStJfDIw-JJm9NZJ0hKUdmEYAwDAc
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 56EC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDXbd0nnV66rhcMDtvubGKs&google_cver=1&google_push=AYg5qPLloIyyMLneibnW-mmP4WOMKg4pfEnB7LT8XM2vjTtNQxK6IFw0U7dShd1idFtuis3NhPPvJ0eR...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDXbd0nnV66rhcMDtvubGKs&google_cver=1&google_push=AYg5qPLloIyyMLneibnW-mmP4WOMKg4pfEnB7LT8XM2vjTtNQxK6IFw0U7dShd1idFtuis3NhPP...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMDM5NDEzMTc3NzY5MTI2OQ&google_push=AYg5qPLloIyyMLneibnW-mmP4WOMKg4pfEnB7LT8XM2vjTtNQxK6IFw0U7dShd1idFtuis3NhPPvJ0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMDM5NDEzMTc3NzY5MTI2OQ&google_push=AYg5qPLloIyyMLneibnW-mmP4WOMKg4pfEnB7LT8XM2vjTtNQxK6IFw0U7dShd1idFtuis3NhPPvJ0eRjN4E0XgkturXBcN6Gks
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMDM5NDEzMTc3NzY5MTI2OQ&google_push=AYg5qPLloIyyMLneibnW-mmP4WOMKg4pfEnB7LT8XM2vjTtNQxK6IFw0U7dShd1idFtuis3NhPPvJ0eRjN4E0XgkturXBcN6Gks
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 56EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFop7N24A2raGQsJVX6V2G0&google_cver=1&google_push=AYg5qPL2Wa7TfV2YK-1R2OxR3yZwWcFchgpeyMmmWieCwspQi6_vVaNZYuw6CO5t2B_NAh7ER80...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFJNEJMWTAtMU0tSDRZMA==&google_push=AYg5qPL2Wa7TfV2YK-1R2OxR3yZwWcFchgpeyMmmWieCwspQi6_vVaNZYuw6CO5t2B_NAh7ER80ykyE6hsgxbnPLd__819jZKR4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFJNEJMWTAtMU0tSDRZMA==&google_push=AYg5qPL2Wa7TfV2YK-1R2OxR3yZwWcFchgpeyMmmWieCwspQi6_vVaNZYuw6CO5t2B_NAh7ER80ykyE6hsgxbnPLd__819jZKR4
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFJNEJMWTAtMU0tSDRZMA==&google_push=AYg5qPL2Wa7TfV2YK-1R2OxR3yZwWcFchgpeyMmmWieCwspQi6_vVaNZYuw6CO5t2B_NAh7ER80ykyE6hsgxbnPLd__819jZKR4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 56EC
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEPjvL5716R-62drWrEebQD8&google_cver=1&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMba...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPjvL5716R-62drWrEebQD8&google_cver=1&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1...
0
0
sync
ssbsync.smartadserver.com/api/ Frame 56EC 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOtSIWlFFYjqmEXtPwmdSpg&google_cver=1&google_push=AYg5qPJE0HG-au7csgP3YAAe0qc_esdgw3m9B9p70ynVnixhgZMtbPY-lTTRMbr5rUxIrj62DECFn596z_qAJRX2GXTEITaXTQ
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
content-length
0
0.gif
id5-sync.com/i/495/ Frame 56EC
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEB58FgWt1l8iGki_OO84ajE&google_cver=1&google_push=AYg5qPI0mxo9o1JbPpWQ6VQbwWvmnz8M72wMnouNqilHWsN0aQ8UA6JlknHHY3_5YMm9DWa8sWdRNzLT4EjbOTxpuZPr7rqNjnlg
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPI0mxo9o1JbPpWQ6VQbwWvmnz8M72wMnouNqilHWsN0aQ8UA6JlknHHY3_5YMm9...
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPI0mxo9o1JbPpWQ6VQbwWvmnz8M72wMnouNqilHWsN0aQ8UA6JlknHHY3_5YMm9DWa8sWdRNzLT4EjbOTxpuZPr7rqNjnlg&gdpr_consent=&gdpr=
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
141.95.3.10 , France, ASN16276 (OVH, FR),
Reverse DNS
p31.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:17:59 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Date
Sat, 02 Apr 2022 17:17:59 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
271
X-XSS-Protection
0
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN
Expect-CT
max-age=0
Vary
Accept
X-Download-Options
noopen
Content-Type
text/plain; charset=utf-8
Location
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPI0mxo9o1JbPpWQ6VQbwWvmnz8M72wMnouNqilHWsN0aQ8UA6JlknHHY3_5YMm9DWa8sWdRNzLT4EjbOTxpuZPr7rqNjnlg&gdpr_consent=&gdpr=
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
attr
cm.g.doubleclick.net/pixel/ Frame 56EC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHk6pEHaT7AGf0ccxrfqeN8oVPvHDS1TUr2VnnEZIP_KZxBiDZzpRYTT9CTVoPhTkDF0k6iw
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
29avbfd1vdzq
hal9000.redintelligence.net/zone/ Frame 6DFF 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/29avbfd1vdzq?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=6272188572178132329&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6272188572178132329%26mt_id%3D6622392%26mt_adid%3D216536%26redirect%3D
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ff86e17449bada3966a5cbf3645d9ca50e921be755a5b3fb91f64791b9a33970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:17:59 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2800
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 6DFF
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTlRReU5qUXlPR0V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNzIxODg1NzIxNzgxMzIzMjkvNjYyMjM5Mi80NTYyMzEyLzEzL1BlbX...
  • https://tags.mathtag.com/ck-confirm?bid_id=6272188572178132329&node_id=1929&exch_id=13
49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=6272188572178132329&node_id=1929&exch_id=13
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
HTTP/1.1
Server
103.229.206.240 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.305.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:18:01 GMT
Server
MMBD/3.305.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x51, iad-bidder-x23
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 02 Apr 2022 17:18:00 GMT

Redirect headers

Date
Sat, 02 Apr 2022 17:18:00 GMT
x-mm-bid-request-time
1648919878
Last-Modified
Sat, 02 Apr 2022 17:17:58 GMT
Server
MMBD/3.305.0
x-mm-latency
423 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://tags.mathtag.com/ck-confirm?bid_id=6272188572178132329&node_id=1929&exch_id=13
x-mm-dbg
Invalid
Cache-Control
no-cache
x-mm-host
hkg-router-x53, iad-bidder-x23
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Keep-Alive
timeout=360
Content-Length
86
Expires
Sat, 02 Apr 2022 17:17:59 GMT
img
pixel.mathtag.com/event/ Frame 6DFF 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=6272188572178132329&v3=651871&v4=4562312&v5=6622392&mt_nsync=1&no_attr=1
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.eokultv.com%2F&e=wqT_3QKmGPBMJgwAAAMA1gAFAQjGiqKSBhDG07aH8NiRvX8Y1uedpIXpgb0_KjYJ203wTdNnuz8Rr6QmC6nstT8ZAAAAYLge8T8hr6QmC6nstT8p200JJNAxAAAA4FG4nj8wnvrSCTi_W0AdSAhQpeOohgFYy7aOAWAAaPqnpwF4racFgAEBigEDVVNEkgUG8PWYAXigAdgEqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEA2AIA4AIA6gIYaHR0cHM6Ly93d3cuZW9rdWx0di5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNjI3MjE4ODU3MjE3ODEzMjMyOfICywEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEqwBaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_ZXhjaF9haWQ9OTMyNTY5MTU3NDU5MzcxMzEmbXRfYWlkPTYyNzI6fAA0Jm10X2lkPTY2MjIzOTIBDihhZGlkPTIxNjUzNgEPJHNpZD00NTYyMzEFHhhleGlkPTEzARoYaW5hcHA9MAELQG9zPSZyZWRpcmVjdD3yAhcKPRVEZ2Rwcl9zdHJdEgDyAhkKFFtCMS8FGkBmbGFnXRIBMPICHgoUW0FEXyVKMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITUnEB2PwJChJbTk9USUZJQ0FUSU9OX1VSSV0S5Qk8aW1nIHNyYz1odHRwczovL3RhZ3MubWF0aHRhZy4h9FRub3RpZnkvaW1nP2V4Y2g9YXBuJnNfFQvQaWQ9NWFXOTVxMmpMekl6THlBdlRsUlJlVTVxVVhsUFIwVjBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkgLEx6WXlOekl4T0RnMQEI8J9Oemd4TXpJek1qa3ZOall5TWpNNU1pODBOVFl5TXpFeUx6RXpMMUJsYlhwUlFXRlNNMEkxZFZKR1JFRnVZak5LVUhkTVh6QnRZM2h4TjFwalRqUjZWRVU0YTBvMFgwVXZNUzh4TXk4d0x6QXZPVFUyT0RBekx6QXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFGcgMTXdkMAHYDGRNVkUNIABFBRA66AAMY3ZNQwlwCQhm8AAMYVdGawF08E9PVEUzTHpnd0x6azVPUzh6TWpJdk1qQXdNVHBoWXpnNk1qQTZNekF3T2pvdk1DNHdNREF2TVRZME9Ea3hPVGczT0M4eE5qUTRPVE15TkRjNCU08El6RXhOekV4THcvaUtrVGxkeE5TbXh1eHNTcDJTa201c1UwYUg0Jm5vZGVpZD0xOTI5Jmdyb3VwPWlhZCZhdWN0aW9uaWQ9NjI3Mj5mAyBzaGFyZGtleT1KjgIEJnN9YwRjaXmN8GlicD1hX2JhaGFmZCZuZnlfYWN0PUxENXdldyZiZmlwPTEwLjEyOC41Mi45MiZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0BQuwc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz5ceDNDaW1nES40bGVmdDotMTBweDt0b3ANChAgcG9zaSEOKDphYnNvbHV0ZScgYVQAJ7FICHBpeDrHBBBldmVudGVViZEYMTM2ODg3NYFdkZEsNzY0JnYxPTEzJnYyUkgBLHYzPTY1MTg3MSZ2NJW0BHY1Lt0ERG5zeW5jPTEmbm9fYXR0cj0xJ1YMAQAvVugAADkR5wEJguYAAHQ-OwQZ5SWuLG1tSW1wVHJhY2smZZFKAGJBAE5BAgB0FdIkdGltZT1bSU1QX6UrAQ8AXS6VAnLTAIAvZGl2PoADAIgDAZADAJgDFKADAaoDoAYK1wVodHRwOi9GtgAAbv7xBP7xBO7xBInxdERKaWVFaGlMV2xuWlZocmRrSkZiSFJIVjI5WVdqUf7xBP7xBP7xBP7xBIHxaFdwNC0tU3pFMGZ4V2dMVGhncDZfR2d6eWx4US5cAv7xBInxLHByaWNlPSR7QVVDVOF8FFBSSUNFfTLkBAhmM1VK5QReKgWBXQxhcGkmZVcMYnVybLEGCHMyc1ICCKAaEzkxODU3MzIyMTA1MDM1NTk2MjIiCTI4MTY4NjQzNyoGMTAxOTM2Oh5eCPBhwAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFTIwMDE6YWM4OjIwOjMwMTo6MjAxZagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AQSswoM-gQSCQ7sChBtDUlAEQ7aCvBMTUIhQIgFAZgFAKAF662Kv7uV1KUBqgUkNmU3ZjVhMTQtZmE5YS00MDZjLThkODAtYmZjYzZkODNhOTk1wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBvmrAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapfQi6Bw8BUg3qLL0GQADIB62nBdIHDQHaBQEBQQjaBwYJJ0TgBwDqBwIIAPAHh-MCiggCEAA.&s=280de7b66d8f62e39a51f091b698481632ba1104&pp=0.085642
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4320 2f2dfe5 master zrh-pixel-x28 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:17:59 GMT
Server
MT3 4320 2f2dfe5 master zrh-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 02 Apr 2022 17:17:58 GMT
img
tags.mathtag.com/event/ Frame 6DFF 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=6272188572178132329&st=4562312&time=[IMP_ATTR.time]&nodeid=1929
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.eokultv.com%2F&e=wqT_3QKmGPBMJgwAAAMA1gAFAQjGiqKSBhDG07aH8NiRvX8Y1uedpIXpgb0_KjYJ203wTdNnuz8Rr6QmC6nstT8ZAAAAYLge8T8hr6QmC6nstT8p200JJNAxAAAA4FG4nj8wnvrSCTi_W0AdSAhQpeOohgFYy7aOAWAAaPqnpwF4racFgAEBigEDVVNEkgUG8PWYAXigAdgEqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEA2AIA4AIA6gIYaHR0cHM6Ly93d3cuZW9rdWx0di5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNjI3MjE4ODU3MjE3ODEzMjMyOfICywEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEqwBaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_ZXhjaF9haWQ9OTMyNTY5MTU3NDU5MzcxMzEmbXRfYWlkPTYyNzI6fAA0Jm10X2lkPTY2MjIzOTIBDihhZGlkPTIxNjUzNgEPJHNpZD00NTYyMzEFHhhleGlkPTEzARoYaW5hcHA9MAELQG9zPSZyZWRpcmVjdD3yAhcKPRVEZ2Rwcl9zdHJdEgDyAhkKFFtCMS8FGkBmbGFnXRIBMPICHgoUW0FEXyVKMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITUnEB2PwJChJbTk9USUZJQ0FUSU9OX1VSSV0S5Qk8aW1nIHNyYz1odHRwczovL3RhZ3MubWF0aHRhZy4h9FRub3RpZnkvaW1nP2V4Y2g9YXBuJnNfFQvQaWQ9NWFXOTVxMmpMekl6THlBdlRsUlJlVTVxVVhsUFIwVjBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkgLEx6WXlOekl4T0RnMQEI8J9Oemd4TXpJek1qa3ZOall5TWpNNU1pODBOVFl5TXpFeUx6RXpMMUJsYlhwUlFXRlNNMEkxZFZKR1JFRnVZak5LVUhkTVh6QnRZM2h4TjFwalRqUjZWRVU0YTBvMFgwVXZNUzh4TXk4d0x6QXZPVFUyT0RBekx6QXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFGcgMTXdkMAHYDGRNVkUNIABFBRA66AAMY3ZNQwlwCQhm8AAMYVdGawF08E9PVEUzTHpnd0x6azVPUzh6TWpJdk1qQXdNVHBoWXpnNk1qQTZNekF3T2pvdk1DNHdNREF2TVRZME9Ea3hPVGczT0M4eE5qUTRPVE15TkRjNCU08El6RXhOekV4THcvaUtrVGxkeE5TbXh1eHNTcDJTa201c1UwYUg0Jm5vZGVpZD0xOTI5Jmdyb3VwPWlhZCZhdWN0aW9uaWQ9NjI3Mj5mAyBzaGFyZGtleT1KjgIEJnN9YwRjaXmN8GlicD1hX2JhaGFmZCZuZnlfYWN0PUxENXdldyZiZmlwPTEwLjEyOC41Mi45MiZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0BQuwc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz5ceDNDaW1nES40bGVmdDotMTBweDt0b3ANChAgcG9zaSEOKDphYnNvbHV0ZScgYVQAJ7FICHBpeDrHBBBldmVudGVViZEYMTM2ODg3NYFdkZEsNzY0JnYxPTEzJnYyUkgBLHYzPTY1MTg3MSZ2NJW0BHY1Lt0ERG5zeW5jPTEmbm9fYXR0cj0xJ1YMAQAvVugAADkR5wEJguYAAHQ-OwQZ5SWuLG1tSW1wVHJhY2smZZFKAGJBAE5BAgB0FdIkdGltZT1bSU1QX6UrAQ8AXS6VAnLTAIAvZGl2PoADAIgDAZADAJgDFKADAaoDoAYK1wVodHRwOi9GtgAAbv7xBP7xBO7xBInxdERKaWVFaGlMV2xuWlZocmRrSkZiSFJIVjI5WVdqUf7xBP7xBP7xBP7xBIHxaFdwNC0tU3pFMGZ4V2dMVGhncDZfR2d6eWx4US5cAv7xBInxLHByaWNlPSR7QVVDVOF8FFBSSUNFfTLkBAhmM1VK5QReKgWBXQxhcGkmZVcMYnVybLEGCHMyc1ICCKAaEzkxODU3MzIyMTA1MDM1NTk2MjIiCTI4MTY4NjQzNyoGMTAxOTM2Oh5eCPBhwAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFTIwMDE6YWM4OjIwOjMwMTo6MjAxZagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AQSswoM-gQSCQ7sChBtDUlAEQ7aCvBMTUIhQIgFAZgFAKAF662Kv7uV1KUBqgUkNmU3ZjVhMTQtZmE5YS00MDZjLThkODAtYmZjYzZkODNhOTk1wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBvmrAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapfQi6Bw8BUg3qLL0GQADIB62nBdIHDQHaBQEBQQjaBwYJJ0TgBwDqBwIIAPAHh-MCiggCEAA.&s=280de7b66d8f62e39a51f091b698481632ba1104&pp=0.085642
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.206.240 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.305.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:18:00 GMT
Server
MMBD/3.305.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x77, iad-bidder-x23
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 02 Apr 2022 17:17:59 GMT
rd_log
nym1-ib.adnxs.com/ Frame 6DFF 		0
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.eokultv.com%2F&e=wqT_3QKDEvSBAQMJAAADANYABQEIxoqikgYQxtO2h_DYkb1_GNbnnaSF6YG9Pyo2CYB9dOrKZ7s_EQD-KVWi7LU_GQAAAGC4HvE_Ia-kJgup7LU_KdtN8E3TZ7s_MQAAAOBRuJ4_MJ760gk4v1tAHUgIUKXjqIYBWMu2jgFgAGj6p6cBeK2nBYABAYoBA1VTRJIBA1VTRJgBeKAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAgDqAhhodHRwczovL3d3dy5lb2t1bHR2LmNvbS_yAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhM2MjcyMTg4NTcyMTc4MTMyMzI58gLLAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SrAFodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2NsaWNrL2ltZz9leGNoX2FpZD05MzI1NjkxNTc0NTkzNzEzMSZtdF9haWQ9NjI3PnwANCZtdF9pZD02NjIyMzkyAQ4oYWRpZD0yMTY1MzYBDyRzaWQ9NDU2MjMxBR4YZXhpZD0xMwEaGGluYXBwPTABC7Bvcz0mcmVkaXJlY3Q98gIXChNbQklEX0FUVFIuZ2Rwcl9zdHJdEgDyAhkKFFs2GgA4ZmxhZ10SATDyAh4KFFtBDTUwYWR2ZXJ0aXNlcl0SBgmNEPICHQoSFSEsY3JlYXRpdmVdEgc2CbwQ8gIoChEZdyxiaWRfaWRdEhM2Mjc-9QDI8gL8CQoSW05PVElGSUNBVElPTl9VUkldEuUJPGltZyBzcmM9aHR0cHM6Ly90YWdzLm1hOXEobm90aWZ5L2ltZz8h8Bg9YXBuJnNfFQvQaWQ9NWFXOTVxMmpMekl6THlBdlRsUlJlVTVxVVhsUFIwVjBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkgLEx6WXlOekl4T0RnMQEI8J9Oemd4TXpJek1qa3ZOall5TWpNNU1pODBOVFl5TXpFeUx6RXpMMUJsYlhwUlFXRlNNMEkxZFZKR1JFRnVZak5LVUhkTVh6QnRZM2h4TjFwalRqUjZWRVU0YTBvMFgwVXZNUzh4TXk4d0x6QXZPVFUyT0RBekx6QXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFGcgMTXdkMAHYDGRNVkUNIABFBRA66AAMY3ZNQwlwCQhm8AAMYVdGawF08E9PVEUzTHpnd0x6azVPUzh6TWpJdk1qQXdNVHBoWXpnNk1qQTZNekF3T2pvdk1DNHdNREF2TVRZME9Ea3hPVGczT0M4eE5qUTRPVE15TkRjNCU08EZ6RXhOekV4THcvaUtrVGxkeE5TbXh1eHNTcDJTa201c1UwYUg0Jm5vZGVpZD0xOTI5Jmdyb3VwPWlhZCZhdWN0aW9uaWQ9NkZxAiQmc2hhcmRrZXk9So4CBCZzfWMEY2l5jfBpYnA9YV9iYWhhZmQmbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xMC4xMjguNTIuOTImdHlwZT1pbXAmY2xpZW50PWMycyB3aWR0aD0xIGhlaWdodD0xPlx4M0NkaXYgd2lkdGg9JzEnIGhlaWdodAULsHN0eWxlPSdkaXNwbGF5Om5vbmU7IG92ZXJmbG93OmhpZGRlbic-XHgzQ2ltZxEuNGxlZnQ6LTEwcHg7dG9wDQoQIHBvc2khDig6YWJzb2x1dGUnIGFUBCdobVUUcGl4ZWwuLlYDEGV2ZW50ZVWJkRgxMzY4ODc1gV2RkSw3NjQmdjE9MTMmdjJSSAEsdjM9NjUxODcxJnY0lbQEdjUu3QREbnN5bmM9MSZub19hdHRyPTEnVgwBAC9W6AAAORHnAQmC5gAAdD47BBnlJa40bW1JbXBUcmFjayZleGOJSgBiQQBOQQIAdBXSJHRpbWU9W0lNUF-lYAEPAF0ulQJy0wDweS9kaXY-gAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFTIwMDE6YWM4OjIwOjMwMTo6MjAxZagEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ASl4ZIM-gQSCeHL8FVtDUlAEQAAAOBNQiFAiAUBmAUAoAXrrYq_u5XUpQGqBSQ2ZTdmNWExNC1mYTlhLTQwNmMtOGQ4MC1iZmNjNmQ4M2E5OTXABQDJBQAAAAAAAPA_0gUJCQkMeAAA2AUB4AUB8AX5yyH6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AG-asB2gYWChAJEhkBAcdM4AYB8gYCCACABwGIBwCgBwGqBwZJXAi6Bw8BUgAYCeosvQZAAMgHracF0gcNAdoFAQFBCNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=bf1112a94684c1cf83627888b338e6ffe2b9e81d&bdref=https%3A%2F%2Fwww.eokultv.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.eokultv.com%2F,https%3A%2F%2Fwww.eokultv.com%2F&
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.eokultv.com%2F&e=wqT_3QKmGPBMJgwAAAMA1gAFAQjGiqKSBhDG07aH8NiRvX8Y1uedpIXpgb0_KjYJ203wTdNnuz8Rr6QmC6nstT8ZAAAAYLge8T8hr6QmC6nstT8p200JJNAxAAAA4FG4nj8wnvrSCTi_W0AdSAhQpeOohgFYy7aOAWAAaPqnpwF4racFgAEBigEDVVNEkgUG8PWYAXigAdgEqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEA2AIA4AIA6gIYaHR0cHM6Ly93d3cuZW9rdWx0di5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNjI3MjE4ODU3MjE3ODEzMjMyOfICywEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEqwBaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_ZXhjaF9haWQ9OTMyNTY5MTU3NDU5MzcxMzEmbXRfYWlkPTYyNzI6fAA0Jm10X2lkPTY2MjIzOTIBDihhZGlkPTIxNjUzNgEPJHNpZD00NTYyMzEFHhhleGlkPTEzARoYaW5hcHA9MAELQG9zPSZyZWRpcmVjdD3yAhcKPRVEZ2Rwcl9zdHJdEgDyAhkKFFtCMS8FGkBmbGFnXRIBMPICHgoUW0FEXyVKMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITUnEB2PwJChJbTk9USUZJQ0FUSU9OX1VSSV0S5Qk8aW1nIHNyYz1odHRwczovL3RhZ3MubWF0aHRhZy4h9FRub3RpZnkvaW1nP2V4Y2g9YXBuJnNfFQvQaWQ9NWFXOTVxMmpMekl6THlBdlRsUlJlVTVxVVhsUFIwVjBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkgLEx6WXlOekl4T0RnMQEI8J9Oemd4TXpJek1qa3ZOall5TWpNNU1pODBOVFl5TXpFeUx6RXpMMUJsYlhwUlFXRlNNMEkxZFZKR1JFRnVZak5LVUhkTVh6QnRZM2h4TjFwalRqUjZWRVU0YTBvMFgwVXZNUzh4TXk4d0x6QXZPVFUyT0RBekx6QXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFGcgMTXdkMAHYDGRNVkUNIABFBRA66AAMY3ZNQwlwCQhm8AAMYVdGawF08E9PVEUzTHpnd0x6azVPUzh6TWpJdk1qQXdNVHBoWXpnNk1qQTZNekF3T2pvdk1DNHdNREF2TVRZME9Ea3hPVGczT0M4eE5qUTRPVE15TkRjNCU08El6RXhOekV4THcvaUtrVGxkeE5TbXh1eHNTcDJTa201c1UwYUg0Jm5vZGVpZD0xOTI5Jmdyb3VwPWlhZCZhdWN0aW9uaWQ9NjI3Mj5mAyBzaGFyZGtleT1KjgIEJnN9YwRjaXmN8GlicD1hX2JhaGFmZCZuZnlfYWN0PUxENXdldyZiZmlwPTEwLjEyOC41Mi45MiZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0BQuwc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz5ceDNDaW1nES40bGVmdDotMTBweDt0b3ANChAgcG9zaSEOKDphYnNvbHV0ZScgYVQAJ7FICHBpeDrHBBBldmVudGVViZEYMTM2ODg3NYFdkZEsNzY0JnYxPTEzJnYyUkgBLHYzPTY1MTg3MSZ2NJW0BHY1Lt0ERG5zeW5jPTEmbm9fYXR0cj0xJ1YMAQAvVugAADkR5wEJguYAAHQ-OwQZ5SWuLG1tSW1wVHJhY2smZZFKAGJBAE5BAgB0FdIkdGltZT1bSU1QX6UrAQ8AXS6VAnLTAIAvZGl2PoADAIgDAZADAJgDFKADAaoDoAYK1wVodHRwOi9GtgAAbv7xBP7xBO7xBInxdERKaWVFaGlMV2xuWlZocmRrSkZiSFJIVjI5WVdqUf7xBP7xBP7xBP7xBIHxaFdwNC0tU3pFMGZ4V2dMVGhncDZfR2d6eWx4US5cAv7xBInxLHByaWNlPSR7QVVDVOF8FFBSSUNFfTLkBAhmM1VK5QReKgWBXQxhcGkmZVcMYnVybLEGCHMyc1ICCKAaEzkxODU3MzIyMTA1MDM1NTk2MjIiCTI4MTY4NjQzNyoGMTAxOTM2Oh5eCPBhwAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFTIwMDE6YWM4OjIwOjMwMTo6MjAxZagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AQSswoM-gQSCQ7sChBtDUlAEQ7aCvBMTUIhQIgFAZgFAKAF662Kv7uV1KUBqgUkNmU3ZjVhMTQtZmE5YS00MDZjLThkODAtYmZjYzZkODNhOTk1wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBvmrAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapfQi6Bw8BUg3qLL0GQADIB62nBdIHDQHaBQEBQQjaBwYJJ0TgBwDqBwIIAPAHh-MCiggCEAA.&s=280de7b66d8f62e39a51f091b698481632ba1104&pp=0.085642
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.87 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
520aca3e-57c1-4fa9-b962-7cea793b968a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
nym1-ib.adnxs.com/ Frame 6DFF 		0
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.eokultv.com%2F&e=wqT_3QLtCvQ2Am0FAAADANYABQEIxoqikgYQxtO2h_DYkb1_GNbnnaSF6YG9Pyo2CYB9dOrKZ7s_EQD-KVWi7LU_GQAAAGC4HvE_Ia-kJgup7LU_KdtN8E3TZ7s_MQAAAOBRuJ4_MJ760gk4v1tAHUgIUKXjqIYBWMu2jgFgAGj6p6cBeK2nBYABAYoBA1VTRJIBA1VTRJgBeKAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAgDqAhhodHRwczovL3d3dy5lb2t1bHR2LmNvbS-AAwCIAwGQAwCYAxSgAwGqA6AGCtcFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUbFJSZVU1cVVYbFBSMFYwVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpZeU56SXhPRGcxTnpJeE56Z3hNekl6TWprdk5qWXlNak01TWk4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVREppZUVoaUxXbG5aVmhyZGtKRmJIUkhWMjlZV2pRdk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRgnYEEUxRVFYCdgMVFVSQgn4IGN2TUM4d0x6QQ0IDFl5TnpW8AAMYVdGawEo8LxPVEUzTHpnd0x6azVPUzh6TWpJdk1qQXdNVHBoWXpnNk1qQTZNekF3T2pvdk1DNHdNREF2TVRZME9Ea3hPVGczT0M4eE5qUTRPVE15TkRjNEx6RXpMekV4TnpFeEx3L1dwNC0tU3pFMGZ4V2dMVGhncDZfR2d6eWx4USZub2RlaWQ9MTkyOSZncm91cD1pYWQmYXVjdGlvbmlkPTYyNzIxODg1NzIxNzgxMzIzMjkmc2hhcmRrZXk9NjI3MjE6HQD0HAJwcmljZT0ke0FVQ1RJT05fUFJJQ0V9Jm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTEwLjEyOC41Mi45MiZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5MiZzcmM9YXBpJnR5cGU9YnVybCZjbGllbnQ9czJzEhM2MjcyMTg4NTcyMTc4MTMyMzI5GhM5MTg1NzMyMjEwNTAzNTU5NjIyIgkyODE2ODY0MzcqBjEwMTkzNjoHNjYyMjM5MsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBUyMDAxOmFjODoyMDozMDE6OjIwMWWoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEpeOohgH6BBIJAAAAYG0NSUARAAAA4E1CIUCIBQGYBQCgBeutir-7ldSlAaoFJDZlN2Y1YTE0LWZhOWEtNDA2Yy04ZDgwLWJmY2M2ZDgzYTk5NcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfnLIfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Ab5qwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8IABAAGAAgADAAOL0GQADIB62nBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHAIoIAhAA&s=ef4bbcf84f0b862ae8cff6967ddbc8852a4298d3
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.eokultv.com%2F&e=wqT_3QKmGPBMJgwAAAMA1gAFAQjGiqKSBhDG07aH8NiRvX8Y1uedpIXpgb0_KjYJ203wTdNnuz8Rr6QmC6nstT8ZAAAAYLge8T8hr6QmC6nstT8p200JJNAxAAAA4FG4nj8wnvrSCTi_W0AdSAhQpeOohgFYy7aOAWAAaPqnpwF4racFgAEBigEDVVNEkgUG8PWYAXigAdgEqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEA2AIA4AIA6gIYaHR0cHM6Ly93d3cuZW9rdWx0di5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNjI3MjE4ODU3MjE3ODEzMjMyOfICywEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEqwBaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_ZXhjaF9haWQ9OTMyNTY5MTU3NDU5MzcxMzEmbXRfYWlkPTYyNzI6fAA0Jm10X2lkPTY2MjIzOTIBDihhZGlkPTIxNjUzNgEPJHNpZD00NTYyMzEFHhhleGlkPTEzARoYaW5hcHA9MAELQG9zPSZyZWRpcmVjdD3yAhcKPRVEZ2Rwcl9zdHJdEgDyAhkKFFtCMS8FGkBmbGFnXRIBMPICHgoUW0FEXyVKMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITUnEB2PwJChJbTk9USUZJQ0FUSU9OX1VSSV0S5Qk8aW1nIHNyYz1odHRwczovL3RhZ3MubWF0aHRhZy4h9FRub3RpZnkvaW1nP2V4Y2g9YXBuJnNfFQvQaWQ9NWFXOTVxMmpMekl6THlBdlRsUlJlVTVxVVhsUFIwVjBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkgLEx6WXlOekl4T0RnMQEI8J9Oemd4TXpJek1qa3ZOall5TWpNNU1pODBOVFl5TXpFeUx6RXpMMUJsYlhwUlFXRlNNMEkxZFZKR1JFRnVZak5LVUhkTVh6QnRZM2h4TjFwalRqUjZWRVU0YTBvMFgwVXZNUzh4TXk4d0x6QXZPVFUyT0RBekx6QXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFGcgMTXdkMAHYDGRNVkUNIABFBRA66AAMY3ZNQwlwCQhm8AAMYVdGawF08E9PVEUzTHpnd0x6azVPUzh6TWpJdk1qQXdNVHBoWXpnNk1qQTZNekF3T2pvdk1DNHdNREF2TVRZME9Ea3hPVGczT0M4eE5qUTRPVE15TkRjNCU08El6RXhOekV4THcvaUtrVGxkeE5TbXh1eHNTcDJTa201c1UwYUg0Jm5vZGVpZD0xOTI5Jmdyb3VwPWlhZCZhdWN0aW9uaWQ9NjI3Mj5mAyBzaGFyZGtleT1KjgIEJnN9YwRjaXmN8GlicD1hX2JhaGFmZCZuZnlfYWN0PUxENXdldyZiZmlwPTEwLjEyOC41Mi45MiZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0BQuwc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz5ceDNDaW1nES40bGVmdDotMTBweDt0b3ANChAgcG9zaSEOKDphYnNvbHV0ZScgYVQAJ7FICHBpeDrHBBBldmVudGVViZEYMTM2ODg3NYFdkZEsNzY0JnYxPTEzJnYyUkgBLHYzPTY1MTg3MSZ2NJW0BHY1Lt0ERG5zeW5jPTEmbm9fYXR0cj0xJ1YMAQAvVugAADkR5wEJguYAAHQ-OwQZ5SWuLG1tSW1wVHJhY2smZZFKAGJBAE5BAgB0FdIkdGltZT1bSU1QX6UrAQ8AXS6VAnLTAIAvZGl2PoADAIgDAZADAJgDFKADAaoDoAYK1wVodHRwOi9GtgAAbv7xBP7xBO7xBInxdERKaWVFaGlMV2xuWlZocmRrSkZiSFJIVjI5WVdqUf7xBP7xBP7xBP7xBIHxaFdwNC0tU3pFMGZ4V2dMVGhncDZfR2d6eWx4US5cAv7xBInxLHByaWNlPSR7QVVDVOF8FFBSSUNFfTLkBAhmM1VK5QReKgWBXQxhcGkmZVcMYnVybLEGCHMyc1ICCKAaEzkxODU3MzIyMTA1MDM1NTk2MjIiCTI4MTY4NjQzNyoGMTAxOTM2Oh5eCPBhwAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFTIwMDE6YWM4OjIwOjMwMTo6MjAxZagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AQSswoM-gQSCQ7sChBtDUlAEQ7aCvBMTUIhQIgFAZgFAKAF662Kv7uV1KUBqgUkNmU3ZjVhMTQtZmE5YS00MDZjLThkODAtYmZjYzZkODNhOTk1wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBvmrAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapfQi6Bw8BUg3qLL0GQADIB62nBdIHDQHaBQEBQQjaBwYJJ0TgBwDqBwIIAPAHh-MCiggCEAA.&s=280de7b66d8f62e39a51f091b698481632ba1104&pp=0.085642
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.87 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b16598d2-0b5c-4e64-bcdd-3237d6749407
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 6DFF 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: nym1-ib.adnxs.com
URL: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.eokultv.com%2F&e=wqT_3QKmGPBMJgwAAAMA1gAFAQjGiqKSBhDG07aH8NiRvX8Y1uedpIXpgb0_KjYJ203wTdNnuz8Rr6QmC6nstT8ZAAAAYLge8T8hr6QmC6nstT8p200JJNAxAAAA4FG4nj8wnvrSCTi_W0AdSAhQpeOohgFYy7aOAWAAaPqnpwF4racFgAEBigEDVVNEkgUG8PWYAXigAdgEqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEA2AIA4AIA6gIYaHR0cHM6Ly93d3cuZW9rdWx0di5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNjI3MjE4ODU3MjE3ODEzMjMyOfICywEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEqwBaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_ZXhjaF9haWQ9OTMyNTY5MTU3NDU5MzcxMzEmbXRfYWlkPTYyNzI6fAA0Jm10X2lkPTY2MjIzOTIBDihhZGlkPTIxNjUzNgEPJHNpZD00NTYyMzEFHhhleGlkPTEzARoYaW5hcHA9MAELQG9zPSZyZWRpcmVjdD3yAhcKPRVEZ2Rwcl9zdHJdEgDyAhkKFFtCMS8FGkBmbGFnXRIBMPICHgoUW0FEXyVKMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITUnEB2PwJChJbTk9USUZJQ0FUSU9OX1VSSV0S5Qk8aW1nIHNyYz1odHRwczovL3RhZ3MubWF0aHRhZy4h9FRub3RpZnkvaW1nP2V4Y2g9YXBuJnNfFQvQaWQ9NWFXOTVxMmpMekl6THlBdlRsUlJlVTVxVVhsUFIwVjBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkgLEx6WXlOekl4T0RnMQEI8J9Oemd4TXpJek1qa3ZOall5TWpNNU1pODBOVFl5TXpFeUx6RXpMMUJsYlhwUlFXRlNNMEkxZFZKR1JFRnVZak5LVUhkTVh6QnRZM2h4TjFwalRqUjZWRVU0YTBvMFgwVXZNUzh4TXk4d0x6QXZPVFUyT0RBekx6QXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFGcgMTXdkMAHYDGRNVkUNIABFBRA66AAMY3ZNQwlwCQhm8AAMYVdGawF08E9PVEUzTHpnd0x6azVPUzh6TWpJdk1qQXdNVHBoWXpnNk1qQTZNekF3T2pvdk1DNHdNREF2TVRZME9Ea3hPVGczT0M4eE5qUTRPVE15TkRjNCU08El6RXhOekV4THcvaUtrVGxkeE5TbXh1eHNTcDJTa201c1UwYUg0Jm5vZGVpZD0xOTI5Jmdyb3VwPWlhZCZhdWN0aW9uaWQ9NjI3Mj5mAyBzaGFyZGtleT1KjgIEJnN9YwRjaXmN8GlicD1hX2JhaGFmZCZuZnlfYWN0PUxENXdldyZiZmlwPTEwLjEyOC41Mi45MiZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0BQuwc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz5ceDNDaW1nES40bGVmdDotMTBweDt0b3ANChAgcG9zaSEOKDphYnNvbHV0ZScgYVQAJ7FICHBpeDrHBBBldmVudGVViZEYMTM2ODg3NYFdkZEsNzY0JnYxPTEzJnYyUkgBLHYzPTY1MTg3MSZ2NJW0BHY1Lt0ERG5zeW5jPTEmbm9fYXR0cj0xJ1YMAQAvVugAADkR5wEJguYAAHQ-OwQZ5SWuLG1tSW1wVHJhY2smZZFKAGJBAE5BAgB0FdIkdGltZT1bSU1QX6UrAQ8AXS6VAnLTAIAvZGl2PoADAIgDAZADAJgDFKADAaoDoAYK1wVodHRwOi9GtgAAbv7xBP7xBO7xBInxdERKaWVFaGlMV2xuWlZocmRrSkZiSFJIVjI5WVdqUf7xBP7xBP7xBP7xBIHxaFdwNC0tU3pFMGZ4V2dMVGhncDZfR2d6eWx4US5cAv7xBInxLHByaWNlPSR7QVVDVOF8FFBSSUNFfTLkBAhmM1VK5QReKgWBXQxhcGkmZVcMYnVybLEGCHMyc1ICCKAaEzkxODU3MzIyMTA1MDM1NTk2MjIiCTI4MTY4NjQzNyoGMTAxOTM2Oh5eCPBhwAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFTIwMDE6YWM4OjIwOjMwMTo6MjAxZagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AQSswoM-gQSCQ7sChBtDUlAEQ7aCvBMTUIhQIgFAZgFAKAF662Kv7uV1KUBqgUkNmU3ZjVhMTQtZmE5YS00MDZjLThkODAtYmZjYzZkODNhOTk1wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBvmrAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapfQi6Bw8BUg3qLL0GQADIB62nBdIHDQHaBQEBQQjaBwYJJ0TgBwDqBwIIAPAHh-MCiggCEAA.&s=280de7b66d8f62e39a51f091b698481632ba1104&pp=0.085642
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:17:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Sun, 02 Apr 2023 17:17:59 GMT
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame 76B5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 08:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
32171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Apr 2023 08:21:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 063B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNGUSRoVIYtD9McXq3wOK8LdIAAAAADgB4AQC&bg=!ysmlyY3NAAZku-1yRLs7ACkAdvg8Wk_31nZCnjh13UUGVgpfelKX4fPBiaXqX0n3phlL4LK29om3sQIAAADGUgAAAAJoAQcKAHudNcKGwLMyEHDjshknzQJEI4Q5oHhWIMUA1dhtPAAMAjo9JfhdCoJeSvrtttZJddsBDzyOO6526hwN21sJrwg4ZRACuIaL42vft85iM1VvbC1Dfto_BDk8Q4rXZnU_jYVHkFI5tdUTR0iWNMrKuRFpaxJgoXf8jlCF3Q6ZAxgQU1BNeBSv2khP2H4CfArPU0doHafeopHQjD1q8pEIkVIB8IQnktIfDwc3x6f_8oHK6Wzzk6gU7ijKezkSylMZsNzxfkQ5ZIT5Sltxk8EMxoDXeiouzB-XtiIGlfPRxuYBb6OWp7vclFdzvq09q5zfkokgDbTtkuIDvg6qfiswzN5tsStH8rk61N7Fi-GYKYJN923b6ZiEzPjV9MFZOnOuXVKepJqPvJYlKt5Qp-J8W5mfP5bE9YdJ6a5X8urNaPu0OXhzGk8muOlztPIIigtmLEiNpwgMFqT9tAmqVrQM2vmRnjjy1EVRF8xE7mPux19eZm_D9_XjQ0mLJtw9DZw9Y9zEHh4U869aPyzOxPo1CBewsoGLi4XD0zZto1BwkVWglRaseyKk1zytNfix44VJffCFes2Jhe8C0GPT9kKk1jCSX90zQ_HbrjSL_UQtYM0VZzIeT2DGqIspepSpukjaMDednhY-X1xT99yebQeOtT7AEG0NS-t2vIv_5PfXmewgbH-M1FVNhuRWOw0dP5i15DuZikg5hcIuFMuegZbElXvZqjrcKhscQpNZWGsV0YujN3fejegF93yCgBNolW3cJjeAvcxAvcerw3yA6WoRptt8xMAieI5mANkOJoeLIi63WREwgZWZNZRZzr1LxafUKWvbxn1JV_D9JOjPJmXNBQj7AES_DJXqcjMIlPyAzSmx28LOYzFKeyamDWuS3NrrJiJ_o09L7sPW1OpsxhM5VzaRrLBMCrAADqpA6M9xWY0wQCs3OIi2dvXhvu5jkkLxr5nDiy9hrBLsPjXDHzaiyH_3_H-z3gbk2wcoTOagZSL3FDqJb79_r2Rvmg71FfwIFNXBmZ-HfOvs1Lfjvh9qEfHwYf2CITFoFpXQ8aGjHuQFaFoxk0M9II3zlb0_kWc7EF-Jc2PPijjJ_1g5W8MhgXWlfttcVoB1mntzM2xz3jvfyMBC9VjhLiWqQcW8tuaMnJ87s91f0fYnlLw3EERBDbiv14pD3eFcku4GiYHlzwE_A_8abLrGo2NeZea18lYs5zv_IBEKhJA
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.5.12.js
static.adsafeprotected.com/ Frame 7242 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:56:46 GMT
content-encoding
gzip
age
5793674
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
9xNzswXnYWf0Pp4w2OV_XUnqsqXLbzW3Y1qZ-suaeUz01HXVw0sZoA==
mon
pixel.adsafeprotected.com/ Frame B414 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=15481227570&pubId=1&placementId=396796654&adsafe_par&bundleId=&dealId=&bidurl=https://www.eokultv.com/&adsafe_url=https%3A%2F%2Fwww.eokultv.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d49822a5-b6e9-4225-cad9-403c2da074ec,c:8Ej9bR,sl:na,em:true,fr:false,thd:1,mn:app10ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:127,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:141,oid:d8489d6b-b2a8-11ec-8cbd-0266f0feef8b,v:19.8.299,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.144.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-144-205.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8Ej9bS,pingTime:-8,time:141,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:142,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B13~1%5D,as:%5B13~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Server-Name
dt46.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8Ej9cM,pingTime:-3,time:197,type:v,im:%7BpBlk:154%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:140%7D,%7Bpiv:0,vs:o,r:l,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:197,n:196,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B67~1,1~0%5D,as:%5B68~970.250%5D%7D%7D,%7Bsl:o,t:196,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Server-Name
dt52.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8Ej9cN,pingTime:-6,time:198,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:198,n:196,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B67~1,1~0%5D,as:%5B68~970.250%5D%7D%7D,%7Bsl:o,t:196,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.eokultv.com*&br=c
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Server-Name
dt51.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=infoLoad&g=m&r=npm_eokultv:60::10522896&o=0-100&iv=&wVID=&info=10522896@31484473@31484473@60:31@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=4/2/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:17:59 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
view
googleads4.g.doubleclick.net/pcs/ Frame B414 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssScRtEib4r7nfzeyq6FuwAbvskQ5lCoZpj8biO41d28Q29fzBgqbwaAmfT0AO2fgLkdOG79BnymiAN3X0vnLISxrHorha4KmV_1FzoPTy2RT1KnSEYdZ9kVfH8LDiNplXSxT1fWmDRN8dUlz4a9zsHrei05PqEFfwaovU8zGORwEmUovucpXIPpx2IKCI9ynLdOjtEwzmfAeDoNa2DkDxX-ukZsq64Lp3wfdvOP2MsmZ9R8zarEOU7QCKtHg-9_zJTUe73kCrbtcc-HmRZcUkAmO_eZqWfkZdzJWE5nPQJS1dd7gKJxhK9iyyj6cmQSCJBDqSWQB2j7iUWXKrGhnmFF-9NatGCO9UHirk_2KkowNziSjFxZTUSJ8tV6TewErVYhUSvK2y92fyf5Oebe9JGDyDxJPoGwHTVR64-Rss_DC3xP6nn1b1c0ZyYbrbu5Uya8YkNufvqeBPzVnNHl9R_0neBvOIcWCmvXNLU75EK-xRtC9QKTXgPMUXH9NlJDObNryxxAvYLEzPFwBdzDTUEHh3GSUlSbEVZqysSLC79Hl23qW1cuLus2htlYwJtpXtJzTF4cCArAvRllZ4Q5BzuiR6Q39p9fOxpT41Bp-f-y0rdlg0oU7IoVuUGnu9iE5YTjyAktWDU6wYUfNryJ9jBONrXNAIchQfYJ45wU3EIVlmMt6mhTSkHMgAAEYGe7WnK-b__33KP3urXFS4pPszpQ0mneppCc1RZ7MXL5iPQuAuKih-OWSX1hVuwtVk-BSGLMNlJ4wTliwNi4MrKUunWSgJRGo5caZ3uEay-1Ev3U754K0fh2ezWEEuTa3lHBBLNyomjYQbZVSvSNvmZvtIzzahuByzR4Dw0ljEVBUWAbr8SI57NQZthZxwiZoPqbL-YvxlPPf6fzjE2xZl4Pr5lcFslOTjqKKKAKqpc9l60KLu3CxZp2Z73eftltT3Yzthg8eFkUmsRlc7qh7dbCKi0Azqh5FXncXobfy3YF5g4-SLxUW5ByEfK7SrhlINYmqCnuzAtes7Dg_ICOgLYl5NX_ojyvuNqkQhEZ5AqE3DqgXdBYqlN17GPafvHJB6Pw43BtABs0G-Lpzt-lMqYiz88Z2wZpSD0KnK9AzV3UKKJ9FnG0dtkOidkiv1UsUK8XRoZNv4FW9aaH2dzilu-iRRdSUZRKP3Y40yUYHHqpL6Fbse-oCEok2U-_A4pZfvnmLPVhKINUTwO0W4EsRlXFpGb4c3z_3cek93VE-aKsQULV4fiOdo_bbrEgdPjoouANMaGx2-WZDDprzqVSFM5fw&sai=AMfl-YR9bDdwGTuYdeWk92v6WL7lcNqSYzJ1EN8ta_FJKkQhMY-qSxTEc34ebxrw6YkJo03cWdvxDXKP8ohrHwsglqE9qYtd_UYnE9eI6ZX9gK5eiohgZxMy9XSeUng-qovSvf8a_ge-_rn_ptJDfNhDI99Q4GGIMY0H5bAIh8zsPYSsCQZnDrShwNdRLoMSxI5te-Bf3maQQzQUNGQMA_mFpQBD&sig=Cg0ArKJSzPKX3cSHMzGeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=236&vt=11&dtpt=169&dett=3&cstd=62&cisv=r20220330.63985&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:17:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
request.php
hal900026.redintelligence.net/ Frame 6DFF
Redirect Chain
  • https://hal900026.redintelligence.net/request.php?zone=29avbfd1vdzq&nw=20&renderingType=javascript&namespace=eec858300f&subid=&uid=5167180dfb3fc3d8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900026.redintelligence.net/request.php?zone=29avbfd1vdzq&nw=20&renderingType=javascript&namespace=eec858300f&subid=&uid=5167180dfb3fc3d8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request.php?zone=29avbfd1vdzq&nw=20&renderingType=javascript&namespace=eec858300f&subid=&uid=5167180dfb3fc3d8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6272188572178132329%26mt_id%3D6622392%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.eokultv.com%2F&ancestorOrigins=https%3A%2F%2Fwww.eokultv.com&random=7232040054237&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
HTTP/1.1
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f404b28b3258d03c2c1e3bb671b308eb2739a9fc7447b9756fb27b9bde024c69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
71568300167186400951423011917026
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
895
Expires
Sat, 02 Apr 2022 18:17:59 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=29avbfd1vdzq&nw=20&renderingType=javascript&namespace=eec858300f&subid=&uid=5167180dfb3fc3d8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6272188572178132329%26mt_id%3D6622392%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.eokultv.com%2F&ancestorOrigins=https%3A%2F%2Fwww.eokultv.com&random=7232040054237&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 02 Apr 2022 18:17:59 +0200
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8Ej9d0,pingTime:0,time:211,type:pf,im:%7Bsf:0%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:140%7D,%7Bpiv:0,vs:o,r:l,t:196%7D,%7Bpiv:100,vs:i,r:,t:210%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:210,n:196,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B67~1,1~0%5D,as:%5B68~970.250%5D%7D%7D,%7Bsl:o,t:196,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~970.250%5D%7D%7D,%7Bsl:i,t:210,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8Ej9d1,pingTime:-2,time:212,type:a,im:%7Bpom:1,prf:%7BbeA:266,beZ:267,mfA:392,cmA:394,inA:394,inZ:397,prA:397,prZ:401,si:407,poA:408,bl:420,poZ:420,cmZ:420,mfZ:420,loA:464,loZ:466,ltA:477,ltZ:477,idA:420,idZ:458%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:140%7D,%7Bpiv:0,vs:o,r:l,t:196%7D,%7Bpiv:100,vs:i,r:,t:210%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2,o:210,n:196,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B67~1,1~0%5D,as:%5B68~970.250%5D%7D%7D,%7Bsl:o,t:196,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~970.250%5D%7D%7D,%7Bsl:i,t:210,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:69,readyFired:true%7D&br=c
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:00 GMT
X-Server-Name
dt46.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ Frame B8BD 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
931ef505d68690757e8198477488806c7486ddc5c042916115e7c1b395b00b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5525
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B8BD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Apr 2022 17:17:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 76B5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWjQ4R4VIYtzPFf2NjuwPuMek-AQAAAAAOAHgBAI&bg=!OjmlOX3NAAZku-1yRLs7ACkAdvg8Wl5_3ywGoKyTSDPmMqYgtBGGqtKPejEGeFN-arNjApEXH-y9_gIAAACaUgAAAAFoAQeZAyAilapKc3rWjrPidSY8reQ8aY1GsHI4s1kuVD1caSzJWDaaqzkUmfBDqW4_UcGaQWEUiua1Z5K1j2I0ZEys_UxOZaO1QkGvrpy4OfyEF7NTwLd1cX0ThjbnT3fCq7A0fBHTgaUEJrx-CtcL2X9T3bVQW6gOGT1fSwQ8veDyGtCmLKx9NsgCbDwAVr8nIpcMhj0HK-hGlX4Xd8c4vs2Drw_LYTXJmSmrCqRt_2SJhLA6hQYgmKwTU7C4Q5EjzPe7do90ZD9ZChyub4R05n3FPjs2XDfXPVpxKZWvKlB1pVCzVke0kQjzmQVIFwMEMvCW74c7mG1hQuvzz9f2IQNRyU9Nsa-oiLFaMeLqVyHqUnapH7GBVUfyXp0UJ7iEebsPJ1x2287mIRQ5v_1IRtZW-HawfS1l5Fac9cUFiQa1pABV--t4mD-QHZozjYW3eGEr-T_DBZFo71K2J3j_3ZgJNv7VV-IASHq48_gCJ2Rdjkifv6Q58SKgOGO-TXGmAr8HSUHQ-MQr9SIUNKu9d7raJZFtZ96109JlEv1Yh4duXpr0YOgcW1YfHtblz2fWaGGrm2FKtVAZ_MX1LSzYeR76NtPtaz-WO_IiDDhbx0RDXvgp-QNsGGlUJRtDLzY5S_R5HR2F20Aj_ZG2BRkyR3dpQryT00yeOm137MCAM46zLCI2yXF9JszMLgaMI-4J0xrMTVa2PU7JuuNgS8uDRgpMGHOuxmsFPIGcCXfF2q6oW-jQn0OX5nwkXfZvXCd2Fakya2Qd56JSDOZ1qysaf6IlFWk4vCrZir1y0gyoEqwJwzekHnUJdDabE_TJxb3ZO2a5R8ATfXYn9FhxNXpPUCAloGoe9LRSwTVhvkPABtZAv-XVnLpoReV4_14Fd2g7AvpxzMyDRydxbzl8ThBfpjufJeM9fj82rYczymtFPE2xXTK3Gsztei7Y3CuxmWaUXIX0vYZodzNn6I3vbRD9Y_ekGRq8nx3tE4zdEb_63BmKh7LKzAFjkbPKwSiPPKMeYfrR4Q9fXpCEDZQ3X3m97tuuLrzmxSO4zygX4p4bZRSMAyyCFA
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8Ej9et,time:302,type:e,im:%7BpWait:12%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:92,o:210,n:196,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B67~1,1~0%5D,as:%5B68~970.250%5D%7D%7D,%7Bsl:o,t:196,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~970.250%5D%7D%7D,%7Bsl:i,t:210,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B92~100%5D,as:%5B92~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:00 GMT
X-Server-Name
dt52.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=adDataLoad&g=m&r=npm_eokultv:preroll:100&o=&iv=&wVID=&info=10522896@31484473@31484473@60:31@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=4/2/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:17:59 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
eokultv-tanitim-videosu_10522896-00_640x360.jpg
i1.imgiz.com/rshots/10522/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.imgiz.com/rshots/10522/eokultv-tanitim-videosu_10522896-00_640x360.jpg
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
aedabdf47d26b70f62e92e3a2491a0caa1bd7570324903c5f42fda5af662df8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:00 GMT
last-modified
Wed, 23 Dec 2020 06:33:01 GMT
server
openresty/1.15.8.3
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1187
expires
Sat, 09 Apr 2022 17:18:00 GMT
truncated
/ 		1016 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
zoneview
ng.virgul.com/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1648919879823&v=https%3A%2F%2Fwww.eokultv.com%2F&r=153624:eokultv&userId=vnetd2851632-a4dc-4b8c-9979-10d20ae100eb&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,ez153628&info=&ref=&rdmt=0.9039286244210523
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.eokultv.com
date
Sat, 02 Apr 2022 17:17:59 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
10522896-360_2-135k.mp4
istr-n23.nktcdn.com/data/videos/10522/
Redirect Chain
  • https://istr.izlesene.com/data/videos/10522/10522896-360_2-135k.mp4?token=KrpHzNxuwmfaTajsHD63tQ&ts=1649009879&playername=npm_eokultv
  • https://istr-n23.nktcdn.com/data/videos/10522/10522896-360_2-135k.mp4?playername=npm_eokultv&token=GiBnQ06xo3jywaowHX7Jfg&ts=1649006280
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://istr-n23.nktcdn.com/data/videos/10522/10522896-360_2-135k.mp4?playername=npm_eokultv&token=GiBnQ06xo3jywaowHX7Jfg&ts=1649006280
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
5d14a8e3e0c5a5102fb8c29cb36ce3714f5223fd0166689c5d02ba968b213bee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:18:00 GMT
Content-Range
bytes 0-1393355/1393356
last-modified
Wed, 23 Dec 2020 06:33:07 GMT
server
openresty/1.15.8.3
Content-Length
1393356
content-type
video/mp4

Redirect headers

date
Sat, 02 Apr 2022 17:18:00 GMT
server
openresty/1.15.8.3
location
https://istr-n23.nktcdn.com/data/videos/10522/10522896-360_2-135k.mp4?playername=npm_eokultv&token=GiBnQ06xo3jywaowHX7Jfg&ts=1649006280
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=0
content-length
151
expires
Sat, 02 Apr 2022 17:18:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5A08 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-pA_3RhvUGMK8DA87Lw-NONgdmn0uj_rKYSYVt9bXahsUipyVv8MZA0STnB3hodIM_QGzsP8O-QRt98hkY9t_&sig=Cg0ArKJSzMWW_RhDY0aaEAE&id=lidar2&mcvt=1000&p=0,0,280,640&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=630483377&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648919878296&rpt=557&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:17:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CIK71J3x9fYCFSZDHQkdQDMJaQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=291758397655.0353
5994599.fls.doubleclick.net/ Frame 2D40
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=291758397655.0353?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIK71J3x9fYCFSZDHQkdQDMJaQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=291758397655.0353?
391 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIK71J3x9fYCFSZDHQkdQDMJaQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=291758397655.0353?
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
bfe9c9e10ce5a0931f827c602f32fe7f6c97ed9894a55824e126bd7cae94ace6
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
324
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:18:00 GMT
expires
Sat, 02 Apr 2022 17:18:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:17:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIK71J3x9fYCFSZDHQkdQDMJaQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=291758397655.0353?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900026.redintelligence.net/ Frame E6AF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request_content.php?s=71568300167186400951423011917026&a=5a583894
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=29avbfd1vdzq&nw=20&renderingType=javascript&namespace=eec858300f&subid=&uid=5167180dfb3fc3d8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6272188572178132329%26mt_id%3D6622392%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.eokultv.com%2F&ancestorOrigins=https%3A%2F%2Fwww.eokultv.com&random=7232040054237&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0478a4ecc23664996f02e29703ca39bde9aa1236053aed1d3118fe91b0facb8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1503
Content-Type
text/html; charset=utf-8
Date
Sat, 02 Apr 2022 17:17:59 GMT
Expires
Sat, 02 Apr 2022 18:17:59 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 59EE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11711&pub_id=1863631
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 02 Apr 2022 17:17:59 GMT
ETag
"623de86a-cf34"
Expires
Sun, 03 Apr 2022 17:18:01 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 6DFF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-PH0R2povGy4fsU9pnTyuViAjeMYEwsNNCNN8pEL-op41yzyyrB5Onz7V6eXurpidY89EXpcrJqBHsmggG7m-1vENBwPWfLKZGLfs8G2YUbNKc61Ju2SlZXkFdJVf4pyQUz02OlLol0OAfZuV0KilD3wdYtJ3KX_49GUBv3DkPciTQjrxHjebSfuqYeRD1GHrGfK0gjyY0zqeADDhProDwSEdZI3gchSNMqZdq7BrZcYdgLS20Qbiu50okk0SWfFMubq6eTY9yXhCsGXnqsYP3Ebo9vPmHkxzgKGgcVlSX_TXRVK7WimKm4y9MglASCxo3L_CzXGbd3Y&sig=Cg0ArKJSzHIR6efwnUMXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:17:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 02 Apr 2022 17:17:59 GMT
truncated
/ Frame 6DFF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1912bc9c2aa2bfbffe90015b9811eab172f66b110fff5e93ebde327e1c79f05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
vevent
nym1-ib.adnxs.com/ Frame 6DFF 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.eokultv.com%2F&e=wqT_3QLtCvQ2Am0FAAADANYABQEIxoqikgYQxtO2h_DYkb1_GNbnnaSF6YG9Pyo2CYB9dOrKZ7s_EQD-KVWi7LU_GQAAAGC4HvE_Ia-kJgup7LU_KdtN8E3TZ7s_MQAAAOBRuJ4_MJ760gk4v1tAHUgIUKXjqIYBWMu2jgFgAGj6p6cBeK2nBYABAYoBA1VTRJIBA1VTRJgBeKAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAgDqAhhodHRwczovL3d3dy5lb2t1bHR2LmNvbS-AAwCIAwGQAwCYAxSgAwGqA6AGCtcFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUbFJSZVU1cVVYbFBSMFYwVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpZeU56SXhPRGcxTnpJeE56Z3hNekl6TWprdk5qWXlNak01TWk4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVREppZUVoaUxXbG5aVmhyZGtKRmJIUkhWMjlZV2pRdk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRgnYEEUxRVFYCdgMVFVSQgn4IGN2TUM4d0x6QQ0IDFl5TnpW8AAMYVdGawEo8LxPVEUzTHpnd0x6azVPUzh6TWpJdk1qQXdNVHBoWXpnNk1qQTZNekF3T2pvdk1DNHdNREF2TVRZME9Ea3hPVGczT0M4eE5qUTRPVE15TkRjNEx6RXpMekV4TnpFeEx3L1dwNC0tU3pFMGZ4V2dMVGhncDZfR2d6eWx4USZub2RlaWQ9MTkyOSZncm91cD1pYWQmYXVjdGlvbmlkPTYyNzIxODg1NzIxNzgxMzIzMjkmc2hhcmRrZXk9NjI3MjE6HQD0HAJwcmljZT0ke0FVQ1RJT05fUFJJQ0V9Jm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTEwLjEyOC41Mi45MiZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5MiZzcmM9YXBpJnR5cGU9YnVybCZjbGllbnQ9czJzEhM2MjcyMTg4NTcyMTc4MTMyMzI5GhM5MTg1NzMyMjEwNTAzNTU5NjIyIgkyODE2ODY0MzcqBjEwMTkzNjoHNjYyMjM5MsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBUyMDAxOmFjODoyMDozMDE6OjIwMWWoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEpeOohgH6BBIJAAAAYG0NSUARAAAA4E1CIUCIBQGYBQCgBeutir-7ldSlAaoFJDZlN2Y1YTE0LWZhOWEtNDA2Yy04ZDgwLWJmY2M2ZDgzYTk5NcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfnLIfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Ab5qwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8IABAAGAAgADAAOL0GQADIB62nBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHAIoIAhAA&s=ef4bbcf84f0b862ae8cff6967ddbc8852a4298d3&type=nv&nvt=5&jm=1003&px=10&py=80&bw=120&bh=600&sid=2358462131660515199&vd=ct~0|rr~0&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=20233502&sw=1600&sh=1200&pw=1600&ph=2082&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.87 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3bb37531-9b39-49f1-b7c6-ed0842fbd62a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.eokultv.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
S-120x600.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame E6AF 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-120x600.gif
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=71568300167186400951423011917026&a=5a583894
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 Rheinfelden, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21038.dus4.fastwebserver.de
Software
nginx /
Resource Hash
e5b7f02b23fdfaa750168663e07aa8da6df9b31692b4e470097c1122b3fe2678

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:17:59 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:52 GMT
Server
nginx
ETag
"5b55f218-8530"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
34096
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame AEBE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 08:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
32171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Apr 2023 08:21:48 GMT
viewability
hal900026.redintelligence.net/ Frame E6AF 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/viewability?s=71568300167186400951423011917026&a=c186f089&vb=m
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=71568300167186400951423011917026&a=5a583894
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=71568300167186400951423011917026&a=5a583894
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:17:59 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame E6AF 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/24i/tools/js/ Frame E6AF 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=71568300167186400951423011917026&a=5a583894
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 Rheinfelden, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21038.dus4.fastwebserver.de
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:17:59 GMT
Last-Modified
Tue, 03 May 2016 20:54:50 GMT
Server
nginx
ETag
"5729101a-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
async_usersync
ib.adnxs.com/ Frame 59EE 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11711&pub_id=1863631&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11711&pub_id=1863631
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:17:59 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a9b7133e-45b3-421c-b443-12c9d70ae00f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8Ej9hU,pingTime:-10,time:515,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2LjYwIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1648919880033%7C%7C7cae39f6c766caec471a6a39368a3175%7C%7Cf1304fc6c30821c0c7c03569db70f592%7C%7C904634be97c5deebc8f320c3af5628e1%7C%7C1b1c88e0e94d23c854674845dec7a4dd%7C%7C478b6b57279247236e6c477516fc156c%7C%7C8bd61997e8036f14428defcbe52d2e7b%7C%7C3213ae69d617e26c39b1d85d3390e3d8%7C%7C1629390669%7D
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:00 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dc_pre=CIK71J3x9fYCFSZDHQkdQDMJaQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=291758397655.0353
adservice.google.com/ddm/fls/z/ Frame 2D40 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIK71J3x9fYCFSZDHQkdQDMJaQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=291758397655.0353
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIK71J3x9fYCFSZDHQkdQDMJaQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=291758397655.0353?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame DA40 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lAuLBVYaZzbnZf77nr3Vk9kjkks4qNbWGfF-IgKvTJL_0TfIF2N0o2i6nkmryIrptA5ZjeynAmbb9Tq70EjP_aKS4pVZA4aNVC8tgEHzDism-T92Kfy21SR_G8QWGMijgg0OS9jgNXxrDBBW3z-JPlmfDoGpN0IXTMmM7p-DJRZWBOqoxfboStrAFWt0VadMjd-KlKs44yJ117zCKceHCBJya_cdfmt-AAeZdSdRB4kGAts3EFEhm54gN1_mKatklOEQOA&sds=2&rev=80956&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:17:59 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
970x250_D_AP_Statue.jpg
s0.2mdn.net/creatives/assets/2373736/ Frame B8BD 		36 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2373736/970x250_D_AP_Statue.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329c4d3d31b8b4094d12c4a059a74e8fe8468625bd65ea44864c92139357e85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:10:49 GMT
x-content-type-options
nosniff
age
431
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37152
x-xss-protection
0
last-modified
Wed, 11 Sep 2019 07:45:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Apr 2022 17:25:49 GMT
43169952-c1c9-4373-ae17-b450a2a2b640
https://s0.2mdn.net/ Frame B8BD 		36 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://s0.2mdn.net/43169952-c1c9-4373-ae17-b450a2a2b640
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
329c4d3d31b8b4094d12c4a059a74e8fe8468625bd65ea44864c92139357e85d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length
37152
Content-Type
image/jpeg
de_DE_imageanimation_D_AP_Statue_970x250.js
s0.2mdn.net/creatives/assets/2987685/ Frame B8BD 		41 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2987685/de_DE_imageanimation_D_AP_Statue_970x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c94d61c05ea587cf704c4fe2213c0f390e114a5895afd003b8e75827fc0f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23716
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 12:22:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Apr 2022 17:19:59 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8Ej9kI,time:689,type:e,im:%7BpLoad:614%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:479,o:210,n:196,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B67~1,1~0%5D,as:%5B68~970.250%5D%7D%7D,%7Bsl:o,t:196,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~970.250%5D%7D%7D,%7Bsl:i,t:210,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B479~100%5D,as:%5B479~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:98,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:00 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
5fe2f0cde4b0b8eb9e6627b3
ng2.virgul.com/tck/imp/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5fe2f0cde4b0b8eb9e6627b3?scm=240000&g=1&t=google_banner&sdr=https&tp=&r=153632@site_geneli@eokultv:site_geneli&l=&info=&os=&mt=1648919878081&userId=vnetd2851632-a4dc-4b8c-9979-10d20ae100eb
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.eokultv.com
date
Sat, 02 Apr 2022 17:18:00 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
js-animation_de_DE_imageanimation.js
s0.2mdn.net/creatives/assets/3389262/ Frame B8BD 		66 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3389262/js-animation_de_DE_imageanimation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18373632269202048398/index.html?e=69&leftOffset=0&topOffset=0&c=RU0O2hr8RI&t=1&renderingType=2
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18063
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 17:53:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Apr 2022 17:32:41 GMT
truncated
/ Frame B8BD 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289

Request headers

Referer
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
D_AP_Statue;strtype=2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMInI-wnfH19gIV_YaDBx24IwlPEAAYACDcz-dNQhMIkNyOnfH19gIVi7l3Ch2qbQNL;stragg=1;&timestamp=1648919880255;str=LH/NULL/642/amadeusBestPrice/ Frame B414 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInI-wnfH19gIV_YaDBx24IwlPEAAYACDcz-dNQhMIkNyOnfH19gIVi7l3Ch2qbQNL;stragg=1;&timestamp=1648919880255;str=LH/NULL/642/amadeusBestPrice/D_AP_Statue;strtype=2
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F2BD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgCZs-v9zgNift56fOudMEFmrvIuCY54rRhJ6Qp8a0JspZND3LKQ_0AFjGRTj3M1-VXd_ZFmnJZtt0wwjCHeSmLeBXWObi3qgFdTPX9DNT69v96efLJg&sai=AMfl-YRMft_hkFiyolx6eJF5YYSZyUxIS04mx3Za5_nZXNSKs9J0vXJzadMn4UmX6jokeQVT0fsmffHitMwhJy6mwRQh9PkBAMQV9mBTfVmJYJzHbDoTZtY-1TG9BTk1&sig=Cg0ArKJSzI3MARozfwZNEAE&cid=CAASJeRorf2b7eNijYGCeueHDSP7D77UaqjAsEkosH-CwY5b_rRc74g&id=lidar2&mcvt=1002&p=80,1430,680,1590&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1438585451&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648919879165&rpt=157&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B414 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIKPDcVWnQmab_-WfT72n8GuIAEbpm_GHelUSKHeUZmNe0KrPAkeXJNmZUtc53NBZlikTagQNaz_dg7UuEJHDJwMB296igW01kEflNJdx8dj_QWiPdbQ&sai=AMfl-YTAwLDUuJk41uXK3yTnlc4JVZra5VH2_Adq94J222LeVeBN_9YEp0efFipTGyZdGDB31KZJnM0ctIJ2u9zLIn-IojEqOYPT_19zgQTOlNjsLiipWnLqF32E1lZn&sig=Cg0ArKJSzF7ZOaYO190rEAE&cid=CAASJeRoeXuGOJgwoy1frc9zKpkUXntBYCJESjhPTNwMIXoX7Yh7_DY&id=lidar2&mcvt=1004&p=164,315,414,1285&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1871473940&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648919879253&rpt=276&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=initBufferFull&g=h&r=npm_eokultv:n:10522896&o=&iv=&wVID=&info=10522896@31484473@31484473@60:31@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=4/2/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:18:00 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=start&g=m&r=npm_eokultv:n:60::10522896&o=vnetd2851632-a4dc-4b8c-9979-10d20ae100eb:16:700-800::&iv=&wVID=&info=10522896@31484473@31484473@60:31@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=4/2/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:18:00 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=adRequest&g=m&r=npm_eokultv:preroll&o=&iv=&wVID=&info=10522896@31484473@31484473@60:31@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=4/2/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:18:00 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.eokultv.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.eokultv.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
truncated
/ 		985 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
ads
pubads.g.doubleclick.net/gampad/ Frame 3B81 		93 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C22455267735%2Fweb_eokultv_preroll&description_url=http%3A%2F%2Fwww.eokultv.com&env=vp&correlator=343845432788249&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&max_ad_duration=120000&cust_params=site%3Deokultv%26env%3Dweb%26mt%3D1648919878081%26r%3D153624%40site_geneli%40eokultv%3Asite_geneli%26info%3D%26targetCtr%3D0%26viewable%3D2%26site%3Deokultv%26pid%3Dvnetd2851632-a4dc-4b8c-9979-10d20ae100eb%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&sdkv=h.3.508.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=102879565&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.508.0&sid=53C29F26-420D-46F9-8E01-1F9E74AB2B76&nel=0&eid=44758348%2C44760640&url=https%3A%2F%2Fwww.eokultv.com%2F&dlt=1648919877637&idt=1826&dt=1648919880603&cookie=ID%3Dce5b4ffd910be3b5%3AT%3D1648919878%3AS%3DALNI_MZTCreuA-ql7upU5ewonnEr7JOgPQ&scor=1129262174187276&ged=ve4_td3_tt2_pd3_la3000_er683.975.836.1275_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.508.0_tr.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
588fa793835560d86cd3cb2ec716ebe031e331f48f40f757db9027b15d2ac498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18446
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8Ej9tb,pingTime:1,time:1214,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:140%7D,%7Bpiv:0,vs:o,r:l,t:196%7D,%7Bpiv:100,vs:i,r:,t:210%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1004,o:210,n:196,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B67~1,1~0%5D,as:%5B68~970.250%5D%7D%7D,%7Bsl:o,t:196,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~970.250%5D%7D%7D,%7Bsl:i,t:210,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:96,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:00 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8Ej9td,pingTime:1,time:1216,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:140%7D,%7Bpiv:0,vs:o,r:l,t:196%7D,%7Bpiv:100,vs:i,r:,t:210%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1006,o:210,n:196,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B67~1,1~0%5D,as:%5B68~970.250%5D%7D%7D,%7Bsl:o,t:196,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~970.250%5D%7D%7D,%7Bsl:i,t:210,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:96,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:00 GMT
X-Server-Name
dt52.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8Ej9td,pingTime:1,time:1216,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:140%7D,%7Bpiv:0,vs:o,r:l,t:196%7D,%7Bpiv:100,vs:i,r:,t:210%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1006,o:210,n:196,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B67~1,1~0%5D,as:%5B68~970.250%5D%7D%7D,%7Bsl:o,t:196,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~970.250%5D%7D%7D,%7Bsl:i,t:210,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:96,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:00 GMT
X-Server-Name
dt46.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 6DFF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyu4OroblboeHPvo_Zg00ve_cNPvF7vuiR7lpWjXQjHsj3KhzveyWU6n28jfaCvzdbNbzxtmazBMVUUK8h6yp_opUlfDMK82gYN8RF58a9ZdwcJEcA&sig=Cg0ArKJSzJHpbfBBpsyHEAE&id=lidar2&mcvt=1001&p=80,10,680,170&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220330&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2149371335&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648919879094&rpt=809&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 6DFF 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.eokultv.com%2F&e=wqT_3QLtCvQ2Am0FAAADANYABQEIxoqikgYQxtO2h_DYkb1_GNbnnaSF6YG9Pyo2CYB9dOrKZ7s_EQD-KVWi7LU_GQAAAGC4HvE_Ia-kJgup7LU_KdtN8E3TZ7s_MQAAAOBRuJ4_MJ760gk4v1tAHUgIUKXjqIYBWMu2jgFgAGj6p6cBeK2nBYABAYoBA1VTRJIBA1VTRJgBeKAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAgDqAhhodHRwczovL3d3dy5lb2t1bHR2LmNvbS-AAwCIAwGQAwCYAxSgAwGqA6AGCtcFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUbFJSZVU1cVVYbFBSMFYwVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpZeU56SXhPRGcxTnpJeE56Z3hNekl6TWprdk5qWXlNak01TWk4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVREppZUVoaUxXbG5aVmhyZGtKRmJIUkhWMjlZV2pRdk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRgnYEEUxRVFYCdgMVFVSQgn4IGN2TUM4d0x6QQ0IDFl5TnpW8AAMYVdGawEo8LxPVEUzTHpnd0x6azVPUzh6TWpJdk1qQXdNVHBoWXpnNk1qQTZNekF3T2pvdk1DNHdNREF2TVRZME9Ea3hPVGczT0M4eE5qUTRPVE15TkRjNEx6RXpMekV4TnpFeEx3L1dwNC0tU3pFMGZ4V2dMVGhncDZfR2d6eWx4USZub2RlaWQ9MTkyOSZncm91cD1pYWQmYXVjdGlvbmlkPTYyNzIxODg1NzIxNzgxMzIzMjkmc2hhcmRrZXk9NjI3MjE6HQD0HAJwcmljZT0ke0FVQ1RJT05fUFJJQ0V9Jm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTEwLjEyOC41Mi45MiZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5MiZzcmM9YXBpJnR5cGU9YnVybCZjbGllbnQ9czJzEhM2MjcyMTg4NTcyMTc4MTMyMzI5GhM5MTg1NzMyMjEwNTAzNTU5NjIyIgkyODE2ODY0MzcqBjEwMTkzNjoHNjYyMjM5MsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBUyMDAxOmFjODoyMDozMDE6OjIwMWWoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEpeOohgH6BBIJAAAAYG0NSUARAAAA4E1CIUCIBQGYBQCgBeutir-7ldSlAaoFJDZlN2Y1YTE0LWZhOWEtNDA2Yy04ZDgwLWJmY2M2ZDgzYTk5NcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfnLIfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Ab5qwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8IABAAGAAgADAAOL0GQADIB62nBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHAIoIAhAA&s=ef4bbcf84f0b862ae8cff6967ddbc8852a4298d3&type=pv&jm=1003&px=10&py=80&bw=120&bh=600&sf=1&sid=2358462131660515199&vd=ct~0|rr~5&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=20233502&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.87 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:00 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5c9a5f09-76a7-4bf5-af53-14d2434e74ad
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.eokultv.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 3B81 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l1i4blsm&c=2447291369905&slotId=1223645684952.5&qqid=CPCg_53x9fYCFR3JuwgdD-QMqQ&gqid=SIVIYr_FJbys9u8P2qCtoA4&fb=ima_html5-lima&sdkv=h.3.508.0&mrd=10&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44758348%2C44760640&met.4=ghmsh_s.l1i4bmxx~ghmsh_s.l1i4bmxy&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=Dx5lBcoMaQkvUtat
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.508.0_tr.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 3B81 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-6593523210010154
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.508.0_tr.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:09:59 GMT
x-content-type-options
nosniff
age
481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 17:59:59 GMT
AKedOLRCuhB9bqF7Rtq0fYd2C62SxjsWWbQMdLBMCfjj9w=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3B81 		835 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLRCuhB9bqF7Rtq0fYd2C62SxjsWWbQMdLBMCfjj9w=s48-c-k-c0x00ffffff-no-rj
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ca360458366b03d30f27de12508e73013e7b41ef8279e6df7b1d45917c072598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 15:00:28 GMT
x-content-type-options
nosniff
age
8252
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
835
x-xss-protection
0
server
fife
etag
"v192"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Nov 2021 16:21:12 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 3B81 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6DNpSIVIYvDcJ52S7_UPj8izyAr4haO4aZ7k2O6-D4OdjO6qCRABIOa0gmtglYKAgJQHyAEFqQLY4aKjCImyPuACAKgDAZgEAKoEkwJP0LKIgS6uIXUUzJBY-8NsA6eMf-PxIwcpXE9nWzrnKW8XonQebCZNKGEiTYDCQfATdz_1ukfudzXt4AuTz4w3-hKQzD8dYQhdAorsDRK7zzMg0w8N9Vj0vHqAm-lKJe5-CT_MTggufOYDAMAT0B1QsLSCPljR8pqrhzJia4xgcOQ46DUgt2zpcytrObtxqUQALvpaGskwYLEXJTYxpRxLxRyXBWQiBH49GfwL6y5IjqtNDEtFz3g7GCbqqjI0teekAXyBFtRWaol-Yy9n7xl5Glu_OJOenh6Mmez6PXh5wkV0hW5Bk2qXEsftgcmtwf6NpPLCcHziC_hGgMruflt5opncg1KavUb9W1HGKZt0xTuXjcAEpLqvu5QE4AQBoAZUgAepyNq8AagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xODQ1OTc2ODYzNzkyMDEzmgl_aHR0cHM6Ly93d3cuY29jYS1jb2xhLWRldXRzY2hsYW5kLmRlL3ZlcmFudHdvcnR1bmcvdmVycGFja3VuZ2VuL2Rlci1kZWNrZWwtYmxlaWJ0LWRyYW4tZmxhc2NoZW4tbWl0LWZlc3QtdmVyYnVuZGVuZW0tdmVyc2NobHVzc7EJsbKzKuNo24WACgPICwHQCw_gCwGwE6XkyQ7YExPYFAHQFQGoFgH4FgGAFwE&sigh=vghBGMscfU8&label=show_ad&acvw=&sdkv=h.3.508.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzMjI3MTIxNTEzNDIMNTg3Mzc4OTcxMDkzQMACUh0QDyUAABhCKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 3B81 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C1z4_SIVIYvDcJ52S7_UPj8izyAr4haO4aZ7k2O6-D4OdjO6qCRABIOa0gmtglYKAgJQHyAEFqQLY4aKjCImyPuACAKgDAZgEAKoEkAJP0LKIgS6uIXUUzJBY-8NsA6eMf-PxIwcpXE9nWzrnKW8XonQebCZNKGEiTYDCQfATdz_1ukfudzXt4AuTz4w3-hKQzD8dYQhdAorsDRK7zzMg0w8N9Vj0vHqAm-lKJe5-CT_MTggufOYDAMAT0B1QsLSCPljR8pqrhzJia4xgcOQ46DUgt2zpcytrObtxqUQALvpaGskwYLEXJTYxpRxLxRyXBWQiBH49GfwL6y5IjqtNDEtFz3g7GCbqqjI0teekAXyBFtRWaol-Yy9n7xl5Glu_OJPGn-ykkoZYDOrPOMEfWeoHdaKY_w-UUR3xEQK6u_hGeVX6kgiWjycE6E1XunYWTw5KS_Xrd0ly5gcfGcAEpLqvu5QE4AQBkgUICBsQAhgBUAGSBQ0IIhACGAFIr7i0AVABoAZUgAepyNq8AagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQntSQAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTg0NTk3Njg2Mzc5MjAxM4AKA8gLAbATpeTJDsgTv8_U3wPYExPYFAHQFQGoFgGAFwGyFx4KHAgAEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=k4XsSqI_tH4&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vt=10&sdkv=h.3.508.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzMjI3MTIxNTEzNDIMNTg3Mzc4OTcxMDkzQMACUh0QDyUAABhCKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
viewability
hal900026.redintelligence.net/ Frame E6AF 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/viewability?s=71568300167186400951423011917026&a=c186f089&vb=v
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=71568300167186400951423011917026&a=5a583894
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=71568300167186400951423011917026&a=5a583894
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:18:01 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
csi
csi.gstatic.com/ 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l1i4bldw&c=2447291369905&slotId=1223645684952.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 59EE 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11711&pub_id=1863631&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11711&pub_id=1863631
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:00 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
018c36cd-e9fc-4653-9089-b27ec912ba75
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
videoplayback
rr3---sn-4g5lznek.googlevideo.com/
Redirect Chain
  • https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1648948680&ei=SIVIYsCINbqO6dsP8o-KqA4&ip=193.27.14.10&id=e804c2edd0197e60&itag=22&source=youtube&requiressl=yes&mh=xh&mm=31&mn=sn-4g5l...
  • https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1648948680&ei=SIVIYsCINbqO6dsP8o-KqA4&ip=193.27.14.10&id=e804c2edd0197e60&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctie...
0
0
5fe2ed34e4b0b8eb9e66279d
ng2.virgul.com/tck/imp/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5fe2ed34e4b0b8eb9e66279d?scm=240000&g=1&t=google_banner&sdr=https&tp=&r=153626@site_geneli@eokultv:site_geneli&l=&info=&os=&mt=1648919878081&userId=vnetd2851632-a4dc-4b8c-9979-10d20ae100eb
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.eokultv.com
date
Sat, 02 Apr 2022 17:18:01 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.eokultv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.eokultv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		123 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2854345458056617&correlator=1455116976255988&eid=31064685&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=21728129623%3A22455267735%2Cm_eokultv_page_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&adks=3261361557&sfv=1-0-38&ecs=20220402&ists=1&fas=8&fsapi=false&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26viewable%3D2%26site%3Deokultv%26mt%3D1648919878081%26pager%3D1%2540site_geneli%2540eokultv%253Asite_geneli%26host%3Dwww.eokultv.com%26url%3Dhttps%253A%252F%252Fwww.eokultv.com%252F%26targetCtr%3D0%26pid%3Dvnetd2851632-a4dc-4b8c-9979-10d20ae100eb%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&ppid=vnetd2851632a4dc4b8c997910d20ae100eb&sc=1&cookie=ID%3Dce5b4ffd910be3b5%3AT%3D1648919878%3AS%3DALNI_MZTCreuA-ql7upU5ewonnEr7JOgPQ&abxe=1&dt=1648919881402&lmt=1648919881&dlt=1648919877637&idt=575&biw=1600&bih=1200&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.eokultv.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AGkb-H--PMbwtVpY68tFbdIF6kpJAVcGZCh8bexJPzyEGIxLUYEbQ_n3VEspFQq_vnC6_FeaPG22mMx-YhWEzE4A7w&ga_vid=1853782577.1648919878&ga_sid=1648919878&ga_hid=1348238626&ga_fc=true&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e54647fb1653c8840eae87437b4d40e593309b6d69c7b56394f333839c696665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34189
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.eokultv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads_2022032106.js
securepubads.g.doubleclick.net/gpt/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022032106.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
17c36e9523e8b97999649b89a0f8480d574d7a1fe1dd4f3d8fe841e5649cd0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 12:43:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13258
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Apr 2023 12:43:27 GMT
5fe2f0a3e4b0b8eb9e6627b1
ng.virgul.com/tck/i_vb2/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5fe2f0a3e4b0b8eb9e6627b1?l=&r=153631@site_geneli@eokultv:site_geneli&cs=1648919881420&userId=vnetd2851632-a4dc-4b8c-9979-10d20ae100eb
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.eokultv.com
date
Sat, 02 Apr 2022 17:18:01 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5fe2f0cde4b0b8eb9e6627b3
ng.virgul.com/tck/i_vb2/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5fe2f0cde4b0b8eb9e6627b3?l=&r=153632@site_geneli@eokultv:site_geneli&cs=1648919881421&userId=vnetd2851632-a4dc-4b8c-9979-10d20ae100eb
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.eokultv.com
date
Sat, 02 Apr 2022 17:18:01 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5fe2ed34e4b0b8eb9e66279d
ng.virgul.com/tck/i_vb2/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5fe2ed34e4b0b8eb9e66279d?l=&r=153626@site_geneli@eokultv:site_geneli&cs=1648919881421&userId=vnetd2851632-a4dc-4b8c-9979-10d20ae100eb
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.eokultv.com
date
Sat, 02 Apr 2022 17:18:01 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5fe3c131e4b01518183f95af
ng.virgul.com/tck/i_vb2/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5fe3c131e4b01518183f95af?l=&r=153628@site_geneli@eokultv:site_geneli&cs=1648919881421&userId=vnetd2851632-a4dc-4b8c-9979-10d20ae100eb
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.eokultv.com
date
Sat, 02 Apr 2022 17:18:01 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
rid
match.adsrvr.org/track/ 		109 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
143cb4160e036ecc16045cc318be510f72f4dc272ab25828411b5acdad5dbeb6

Request headers

Referer
https://www.eokultv.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Apr 2022 17:18:01 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eokultv.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 02 May 2022 17:18:01 GMT
apacdex
sync.quantumdex.io/usersync/ Frame 38E9 		3 KB
1000 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847295807ca7df9358b839dff07e7f68ea37ac6dc28011a3ac64f750d2d831a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
6f5b38ace85ccc46-ZRH
content-encoding
gzip
content-type
text/html
date
Sat, 02 Apr 2022 17:18:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
async_usersync.html
acdn.adnxs.com/dmp/ Frame 318A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 02 Apr 2022 17:18:01 GMT
ETag
"623de86a-cf34"
Expires
Sun, 03 Apr 2022 17:18:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 318A 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:01 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
476602cd-d9ec-4991-80a4-f615cb119228
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 38E9
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=fcca19f4-df06-4786-9726-4f5af91e6267
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=fcca19f4-df06-4786-9726-4f5af91e6267
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f5b38ae3a25cc46-ZRH
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=fcca19f4-df06-4786-9726-4f5af91e6267
date
Sat, 02 Apr 2022 17:18:01 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 38E9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7349463757661715035
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7349463757661715035
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f5b38ae2a0bcc46-ZRH
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:01 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
73c5ce58-96c6-4686-a74d-e686555264eb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7349463757661715035
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 38E9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-75Iy8lRE2uHpRAex.UBmfZpsOjZ9ZnQoeYNqWfM-~A
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-75Iy8lRE2uHpRAex.UBmfZpsOjZ9ZnQoeYNqWfM-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f5b38ae1a08cc46-ZRH
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-75Iy8lRE2uHpRAex.UBmfZpsOjZ9ZnQoeYNqWfM-~A
date
Sat, 02 Apr 2022 17:18:01 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
ap.lijit.com/ Frame 38E9 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 02 Apr 2022 17:18:01 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame 38E9
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=1b9c11a1-b25f-f3b2-943e-ee3a0566a6b2
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=1b9c11a1-b25f-f3b2-943e-ee3a0566a6b2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f5b38b16e2ecc46-ZRH
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=1b9c11a1-b25f-f3b2-943e-ee3a0566a6b2
pragma
no-cache
date
Sat, 02 Apr 2022 17:18:02 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 38E9
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=fbbc8923-f5c5-515c-9455-4d70f61dc83a
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=fbbc8923-f5c5-515c-9455-4d70f61dc83a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f5b38af2b5bcc46-ZRH
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=fbbc8923-f5c5-515c-9455-4d70f61dc83a
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
s.ad.smaato.net/c/ Frame 38E9 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:01 GMT
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
je8lqp1YGankqE0LnjqU3UNCDQjMD_MKhpRFXcwXV91Y5IGdTUhM0g==
x-cache
FunctionGeneratedResponse from cloudfront
0.gif
id5-sync.com/i/495/ Frame 38E9 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.10 , France, ASN16276 (OVH, FR),
Reverse DNS
p31.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Sat, 02 Apr 2022 17:18:01 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
usermatch
ssum-sec.casalemedia.com/ Frame 7292 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
db3e1f945168f8f00f23bf0a068aabd2f47ca733d930ab5180105d9effc31e1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1572
Content-Type
text/html
Date
Sat, 02 Apr 2022 17:18:01 GMT
Dropped-Udsids
230|241|39|46|41|4|195|64
Expires
Sat, 02 Apr 2022 17:18:01 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
pbsync
usermatch.targeting.unrulymedia.com/ Frame 45E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:01 GMT
server
Tengine
/
onetag-sys.com/usync/ Frame 119A 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D01F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.212.214 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-212-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48530
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 02 Apr 2022 17:18:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 03 Apr 2022 06:46:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 7292 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkiFRzp8vi1ZJDnFZ9B05QAABL0AAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7292
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkiFRzp8vi1ZJDnFZ9B05QAABL0AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkiFRzp8vi1ZJDnFZ9B05QAABL0AAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkiFRzp8vi1ZJDnFZ9B05QAABL0AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MB5Y0X4P4WRKS2XV6HXE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2WZNE0F87Q9W9TFBZ4BA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkiFRzp8vi1ZJDnFZ9B05QAABL0AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7292 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
secure.adnxs.com/ Frame 7292 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
bridge
cm.adgrx.com/ Frame 7292 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:02 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 7292
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3050631399762268434
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3050631399762268434
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 02 Apr 2022 17:18:02 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3050631399762268434
pragma
no-cache
date
Sat, 02 Apr 2022 17:18:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7292
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8bb696fd-3178-43e4-9120-fc766414e0ae
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8bb696fd-3178-43e4-9120-fc766414e0ae
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-245.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 02 Apr 2022 17:18:02 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8bb696fd-3178-43e4-9120-fc766414e0ae
date
Sat, 02 Apr 2022 17:18:02 GMT
server
Apache-Coyote/1.1
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7292 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:01 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
sync.quantumdex.io/ Frame 7292 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YkiFRzp8vi1ZJDnFZ9B05QAABL0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f5b38ae9aa2cc46-ZRH
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
5fe3c131e4b01518183f95af
ng.virgul.com/tck/imp/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/imp/5fe3c131e4b01518183f95af?scm=https&g=1&t=cpc_annotation&sdr=240000&tp=&r=153628@site_geneli@eokultv:site_geneli&l=&info=&os=&mt=1648919878081&userId=vnetd2851632-a4dc-4b8c-9979-10d20ae100eb
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.eokultv.com
date
Sat, 02 Apr 2022 17:18:02 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
PugMaster
image6.pubmatic.com/AdServer/ Frame D01F 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97234135&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:00 GMT
content-length
0
container.html
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8272 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:17:58 GMT
expires
Sun, 02 Apr 2023 17:17:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 8272 		4 KB
707 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 16:03:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 02 Apr 2022 17:18:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Apr 2022 17:18:02 GMT
css
fonts.googleapis.com/ Frame 0C1B 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 15:36:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 02 Apr 2022 17:18:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Apr 2022 17:18:02 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 0C1B 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:59:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1098
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 16:59:44 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 0C1B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:12:08 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 0C1B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:11:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0C1B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Apr 2022 17:18:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 0C1B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:17:31 GMT
63f6484ee989c3eda25e621c99817b87.js
www.gstatic.com/mysidia/ Frame 0C1B 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 08:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11974
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 08:22:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 28 Jun 2022 08:30:10 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame 8272 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e11dced993be3d8dc0b83a9532f0423d64ef189d577b91a7f9794b653ba435bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8226
x-xss-protection
0
server
cafe
etag
11792478805792993122
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Apr 2022 16:54:48 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8272 		205 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:46:14 GMT
x-content-type-options
nosniff
age
1908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 02 Apr 2023 16:46:14 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8272 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 16:59:47 GMT
x-content-type-options
nosniff
age
1095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 02 Apr 2023 16:59:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A8C0 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 02 Apr 2022 17:05:33 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ECA4 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
13910
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 03 Apr 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame ECA4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHKlHH0ktRG8J0n4u_F_3V0&google_cver=1&google_push=AYg5qPK0lkwN59SfGKQLGn6hEtZKaAvrnYxuu1CuTKwmHESOiO9yDFGq1gLg_dUO5qxninX8kKo_57j71NIs9HmC...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=P4NiSIVIQwGzuPuJ0Jg9jw&google_push=AYg5qPK0lkwN59SfGKQLGn6hEtZKaAvrnYxuu1CuTKwmHESOiO9yDFGq1gLg_dUO5qxninX8kKo_57j71NIs9HmCMXHVtBFh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=P4NiSIVIQwGzuPuJ0Jg9jw&google_push=AYg5qPK0lkwN59SfGKQLGn6hEtZKaAvrnYxuu1CuTKwmHESOiO9yDFGq1gLg_dUO5qxninX8kKo_57j71NIs9HmCMXHVtBFhvjYR
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 02 Apr 2022 17:18:02 GMT
Server
MT3 4320 2f2dfe5 master hkg-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=P4NiSIVIQwGzuPuJ0Jg9jw&google_push=AYg5qPK0lkwN59SfGKQLGn6hEtZKaAvrnYxuu1CuTKwmHESOiO9yDFGq1gLg_dUO5qxninX8kKo_57j71NIs9HmCMXHVtBFhvjYR
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 02 Apr 2022 17:18:01 GMT
pixel
cm.g.doubleclick.net/ Frame ECA4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENSBsj6hzdnm36KaCXdto-o&google_cver=1&google_push=AYg5qPLHFoJHiVA68nrlSw17Cap_XnJ6rdHHZo4C32GAY7E4rfgoRPNW-1NSCTrKwQWlKOvAO1MLh2buhUyK6A27saPBtsYZBySM
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E091AEA1DD4D4C56A8296EC52DF39C32&google_push=AYg5qPLHFoJHiVA68nrlSw17Cap_XnJ6rdHHZo4C32GAY7E4rfgoRPNW-1NSCTrKwQWlKOvAO1MLh2buhUyK6A2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E091AEA1DD4D4C56A8296EC52DF39C32&google_push=AYg5qPLHFoJHiVA68nrlSw17Cap_XnJ6rdHHZo4C32GAY7E4rfgoRPNW-1NSCTrKwQWlKOvAO1MLh2buhUyK6A27saPBtsYZBySM
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 02 Apr 2022 17:18:02 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E091AEA1DD4D4C56A8296EC52DF39C32&google_push=AYg5qPLHFoJHiVA68nrlSw17Cap_XnJ6rdHHZo4C32GAY7E4rfgoRPNW-1NSCTrKwQWlKOvAO1MLh2buhUyK6A27saPBtsYZBySM
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 01 Apr 2022 17:18:02 GMT
pixel
cm.g.doubleclick.net/ Frame ECA4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIjIBsajZTNkz0iFeOGX3kE&google_cver=1&google_push=AYg5qPKNzSM-RYM9LHxzyCe4Nzbfx27DETzfZFHaavXu1H8fvKvGz_7NhYVCsXn055FQYPxsVmljWQxGHeI_EP...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4MjA1Njk2NjkyMTg0NDg4Mg%3D%3D&google_push=AYg5qPKNzSM-RYM9LHxzyCe4Nzbfx27DETzfZFHaavXu1H8fvKvGz_7NhYVCsXn055FQYPxsVmljWQxGHeI_EPk_un...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4MjA1Njk2NjkyMTg0NDg4Mg%3D%3D&google_push=AYg5qPKNzSM-RYM9LHxzyCe4Nzbfx27DETzfZFHaavXu1H8fvKvGz_7NhYVCsXn055FQYPxsVmljWQxGHeI_EPk_un7KWuEWTwPi
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4MjA1Njk2NjkyMTg0NDg4Mg%3D%3D&google_push=AYg5qPKNzSM-RYM9LHxzyCe4Nzbfx27DETzfZFHaavXu1H8fvKvGz_7NhYVCsXn055FQYPxsVmljWQxGHeI_EPk_un7KWuEWTwPi
Date
Sat, 02 Apr 2022 17:18:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
dot.gif
s0.2mdn.net/ Frame ECA4 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEM5mMWNySHaa7S6nVCWWRuQ&google_cver=1&google_push=AYg5qPIywdjK7zoAiTvACphgAXun3XCSR6Dy836FY-j-pPDtxgXmStAQvltcOBelRPK9kjC6zpfFS3Ca25Ocvku630qH9jp6_ffY
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Apr 2022 17:18:02 GMT
pixel
cm.g.doubleclick.net/ Frame ECA4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDXbd0nnV66rhcMDtvubGKs&google_cver=1&google_push=AYg5qPIgbSM0MRO-Y5GOJ11WKBsteVj5pEoxWauODuCd5OypHZAwRy0CzADD0tnw6olZOfd6bMUuk21k...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMDM5NDEzMTc3NzY5MTI2OQ&google_push=AYg5qPIgbSM0MRO-Y5GOJ11WKBsteVj5pEoxWauODuCd5OypHZAwRy0CzADD0tnw6olZOfd6bMUuk2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMDM5NDEzMTc3NzY5MTI2OQ&google_push=AYg5qPIgbSM0MRO-Y5GOJ11WKBsteVj5pEoxWauODuCd5OypHZAwRy0CzADD0tnw6olZOfd6bMUuk21kO07GazeOsfDOJdEUS3-s
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:02 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMDM5NDEzMTc3NzY5MTI2OQ&google_push=AYg5qPIgbSM0MRO-Y5GOJ11WKBsteVj5pEoxWauODuCd5OypHZAwRy0CzADD0tnw6olZOfd6bMUuk21kO07GazeOsfDOJdEUS3-s
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame ECA4
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bY4PdLL2TMmXM7bCTa3c1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bY4PdLL2TMmXM7bCTa3c1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIbjx2jLVRODm1zU1bjGB1i1F5xHYgDls9LltLNG9uR84ezCq2qGQhcgO_U0pbYc-6gqLvx_671uABeUAdIbtzHZScABx4
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bY4PdLL2TMmXM7bCTa3c1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIbjx2jLVRODm1zU1bjGB1i1F5xHYgDls9LltLNG9uR84ezCq2qGQhcgO_U0pbYc-6gqLvx_671uABeUAdIbtzHZScABx4
date
Sat, 02 Apr 2022 17:18:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame ECA4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPJsN7bt-r-yyAe-7b2tlvYwvgmmhUhJE9Ih8X9p3OSX0bv4aLKkmJSEEXJUxu12UJ45Ba3mfu8uReZG6Bh-fm8l4Av04LM&redir=https%3A%2F%2Fcm.g.double...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJsN7bt-r-yyAe-7b2tlvYwvgmmhUhJE9Ih8X9p3OSX0bv4aLKkmJSEEXJUxu12UJ45Ba3mfu8uReZG6Bh-fm8l4Av04LM&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJsN7bt-r-yyAe-7b2tlvYwvgmmhUhJE9Ih8X9p3OSX0bv4aLKkmJSEEXJUxu12UJ45Ba3mfu8uReZG6Bh-fm8l4Av04LM&google_hm=
Requested by
Host: www.eokultv.com
URL: https://www.eokultv.com/
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:02 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJsN7bt-r-yyAe-7b2tlvYwvgmmhUhJE9Ih8X9p3OSX0bv4aLKkmJSEEXJUxu12UJ45Ba3mfu8uReZG6Bh-fm8l4Av04LM&google_hm=
cache-control
no-store, no-cache, must-revalidate
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame ECA4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFm1ROsv5kW39TNv_kdWPDtgUUom7L2V0RU5NIiVcwWEMNTcjdCDG5ywtFhSl4gMcnHEHk
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame A8C0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
URL: https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 02 Apr 2022 17:18:02 GMT
expires
Sat, 02 Apr 2022 17:18:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 02 Apr 2022 17:18:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 318A 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:02 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bb998f1f-7424-409c-b25d-cdc570cadefe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ 		5 KB
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f30dd590395286337ce5b7b31925de09159c5b6028764afbad58e2f8cc829ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 16:02:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 02 Apr 2022 17:18:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Apr 2022 17:18:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220330&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6593523210010154&plah=www.eokultv.com&bust=31065922
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f048363752fb76be24533a847b5d921c19a09ebcd568ed32125ee841b0b51d08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Apr 2022 17:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10590
x-xss-protection
0
eokultv.jpg
www.eokultv.com/wp-content/themes/netegitim/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.eokultv.com/wp-content/themes/netegitim/eokultv.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.182.80.100 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
LiteSpeed /
Resource Hash
1416c65215956aa7e5f3c7139cdb5a9aaa21dacc198fd929f4c65daadf662fa6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:17:58 GMT
last-modified
Fri, 17 Sep 2021 21:46:03 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=9557600
accept-ranges
bytes
content-length
8743
expires
Fri, 22 Jul 2022 08:11:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6593523210010154&plah=www.eokultv.com&bust=31065922
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Apr 2022 17:18:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2753 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1894
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 16:46:30 GMT
expires
Sun, 02 Apr 2023 16:46:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D122 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9629108232f7c60af8e8ca8495fb424a0e178eb668f51f3bd4cb3b15e87920b7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h49dYnSuA2a0QB7lX3Z8XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-h49dYnSuA2a0QB7lX3Z8XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 17:18:04 GMT
expires
Sat, 02 Apr 2022 17:18:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame 2753 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 08:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
32176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Apr 2023 08:21:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D122 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220330&jk=2854345458056617&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2753 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?I7ZOrw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 17:18:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dt
dt.adsafeprotected.com/ Frame B414 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=d49822a5-b6e9-4225-cad9-403c2da074ec&tv=%7Bc:8EjavF,pingTime:5,time:5212,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:140%7D,%7Bpiv:0,vs:o,r:l,t:196%7D,%7Bpiv:100,vs:i,r:,t:210%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5002,o:210,n:196,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B67~1,1~0%5D,as:%5B68~970.250%5D%7D%7D,%7Bsl:o,t:196,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~970.250%5D%7D%7D,%7Bsl:i,t:210,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:100,fm:t1RVLVJ+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.925113%7C181%7C182%7C183%7C1841%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Apr 2022 17:18:04 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220330&jk=2854345458056617&bg=!Pj2lPXnNAAZku-1yRLs7ACkAdvg8WjvVacmLMKMhskClmYzXPGcj5fjxan3zPt56fLJoDv4SBYOGJAIAAABtUgAAAANoAQcKALg493B0AjSnQMNNGVgJx3uSKmIVA25DocytBLcMg-tbke60S-rzUTCwz4NPXH41cBoGpVHsZOLu93OqhQ1S8b80kKytxBn2GSSEIwc_VRgXZQpk6atL84SWL_J_e_I3jervjfdUZyfWaCwIDRuisavFioUx-ZSlGt0UF2niMrsHwJQH8rt9I0ReCT2Q5shI8wZW3_lguChNgfvFPp96yEdv4UmdTTPR91N1EQ8MZM1kSenv2IvNGZ59mQLYMQmn1gw-jIM7pSpkItQ1YWC_WmHwWVqXWI_gSDCl-xYyss6qaHj-JV0Mk2QNpdY8LpzQ3zpq4-LlBZwlYhlkLo1mmXoQkZ9Wb7Qzf4d3QzxLJ2qUtxC-diqQpt-lez9n9UiiJ5mpUY4-FVmlcumCMXuiPBQAsFhgBmQPXwEPeOxEd2ANwxddDJTXXEvCvQpg7ftNgRTKv8taEq03aVAvcIT86ikoO5WyByYDrcvjRq9dJzqI8NwuxxK-1vs_ZPu8ZjU3Y1U1nBAnQ47YyEqjRz9NmQC-4LIepPZyUsuTTtskD8MtrC2E2IpoM0yFXOniAT9Ct5fHtf7IB2eJhvIg3OU38Bu5L-RzLhLYU96h2Zttx30PuGhSdy7Z49mTXGPF-k2tWWpldQ75mxRkBfak5S0ZBhg1iuTZx6tFv4RPfxlwAXVPfMKfU6A3Xhqy12CZ9LD1r7_XQuMwBew3OeBaxC7Uyyz1hSoY8ZVFMrACNPjumq8G08o9jLl0ko-MJkN8LOLLeelJ3mndnoikcEM6-myrObyd1F8XurvdLsjrTsJo-9YFPGV-Cn8Bbc0LwqNl09TKCUFDb8PPVGIsCCAzIiOTDcC86ahi2Fcg3Gd4BmVXJeiCNv0KhVsRWbMJse9KNNzCHXY-ZYRAOG5ujMheCwJL6gH26QoRJUZ7iRLwW-ToiOmj2T61F4CA4RwH3M-GGZcTrGThJg7bey53AxwkitUpgejLN2zVIGQtXtS-BU9f7S-tOSy9WMjFIu0Dl6F9B0VMl5lOMSQQw4p0tbANPwhSLUZ0B1dzW6LHptwADld8E6-Fnu5bZlxCs0hiJujVMdhncseMsYKkLTHrIPwgWEmahXPV9UXXkDUXdZNr844r2-2_IaWmXCd1yxZB6E3gb49kGmyglTas1HC2EK2qOQH0tW29YlOFKrbQB6HmfcA_mtPO6h5r8vpW46hAfuRahVGcw9zQhEY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~l1i4bmz1&c=2447291369905&slotId=1223645684952.5&met.4=hvd_lc.l1i4bmz0~hvd_ad.l1i4bmz0~hvd_mad.l1i4bmz0~hvd_admu.l1i4bmz0~hvd_src.l1i4bmz0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4006:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame DA40 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lAuLBVYaZzbnZf77nr3Vk9kjkks4qNbWGfF-IgKvTJL_0TfIF2N0o2i6nkmryIrptA5ZjeynAmbb9Tq70EjP_aKS4pVZA4aNVC8tgEHzDism-T92Kfy21SR_G8QWGMijgg0OS9jgNXxrDBBW3z-JPlmfDoGpN0IXTMmM7p-DJRZWBOqoxfboStrAFWt0VadMjd-KlKs44yJ117zCKceHCBJya_cdfmt-AAeZdSdRB4kGAts3EFEhm54gN1_mKatklOEQOA&sds=2&rev=80956&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkiFRgAFJjEKGODRAAYH4g5JLQ3PrDaaLb_VDg&u=%7C03S3Upx7oXNzX4XUlZoFULnBylLwLcjcnJAh7ARQaBM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy3Exatn4zX6t0ckFcGkX4bLcns_KpBPGVvtqRElID1ZppzGxuEpJfPeJK7ekeGy4c1bw_6weIzPHbsJSYMd2cMavzP9wh6oIdicPELL6gUVLZbIzwcSSqWzZfv-05jfFYFDaq0DyoPoiBH2gqIIhjsGaPMm0tSqsw8dgHq7z06bXd2FrKmbzSn6dQfHQ51ApgSz4Q6jq-BisZgqdqAR2XjFj6C9hbSVWA9PzKdgTFpbRx6zq1RNNGpF-eYQVKgfFP8EdN6BGQ0XD7X-YPD5JwuNrGlwxbL77hkt-qtN9eAVOfTB2JRM9aUy8mKyxvnavU7vB2vHmDAzVBtJjrfA9PYf26o59tOChRysS4J92-4llxc1-dd05VQiHWH-HvFXDay4sgRmyVNaQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnWB-RoVIYrHMFNHBY-KPmKgPyZ7SsVy96ZX3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03MDAxMzYzMDcyNjU2NTk0oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBMcBT9BTCMkaCy1eqtfXhnBOytjpoQ0d23GAdRt8ACC8Jy5GHpZK4w1Xqyozbfoxr6cVMw9k38hu_yhj_z2TXKpYy3iUTxxUk0qEkLE-9AmpZtKKm_hNl3W_jhtmu22N_uFtwGe-qvFF2J-QROrJ5lzi24FcP3A-BJoSw5Jg6oZLsaqJlU9FXzZTKVZHCsa94vjfZNT10ZDQfGfqL58Mxgwt5uznbEnyVB40k5vwllrZwKP0Hij16EZgVdVtUoTnmte4bfVn1xXtYYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zmy9MmHsFsikz2iI2d5omfL-lyw%26client%3Dca-pub-7001363072656594%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:18:05 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=adError&g=m&r=npm_eokultv:preroll:adStartTimeout:AdSense&o=&iv=&wVID=&info=10522896@31484473@31484473@60:31@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=4/2/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.eokultv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Apr 2022 17:18:06 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
dc_oe=ChMInI-wnfH19gIV_YaDBx24IwlPEAAYACDcz-dNQhMIkNyOnfH19gIVi7l3Ch2qbQNL;met=1;&timestamp=1648919889751;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame B414 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInI-wnfH19gIV_YaDBx24IwlPEAAYACDcz-dNQhMIkNyOnfH19gIVi7l3Ch2qbQNL;met=1;&timestamp=1648919889751;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Apr 2022 17:18:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sdki.truepush.com
URL
https://sdki.truepush.com/sdk/version.json
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4
Domain
rr3---sn-4g5lznek.googlevideo.com
URL
https://rr3---sn-4g5lznek.googlevideo.com/videoplayback?expire=1648948680&ei=SIVIYsCINbqO6dsP8o-KqA4&ip=193.27.14.10&id=e804c2edd0197e60&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=38.986&lmt=1647357437585532&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAM9-6RT5YpgeYk42ToIxxyQORovnFzycEX6S4R8Z-hCqAiAA5yNgYalQf6abTRsKlI-pEEKppyVkUOdGJ6uD4ekGEA==&cpn=Dx5lBcoMaQkvUtat&redirect_counter=1&rm=sn-4g5ekk7s&req_id=2e25eaa457a836e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=xh&mip=2001:ac8:20:301::201e&mm=31&mn=sn-4g5lznek&ms=au&mt=1648919578&mv=m&mvi=3&pl=54&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgA5vWEGY8puEHmslhvbqg6cdAwu1VQCIe4frcHEPj9UcCIQC6KRiW0Zor3YhP2saFiJPIlfjNs3_kImCzMNuEhdL-5w%3D%3D

Verdicts & Comments Add Verdict or Comment

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| gtag object| dataLayer object| adsbygoogle boolean| lazyadsense function| LazyLoad object| noktaScript object| truepush object| noktaad function| ym object| jQuery17106750012907887168 function| multiTg function| resizeFix object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| truepushVersionInfo string| r object| HTTP object| gaplugins object| gaGlobal object| gaData undefined| key object| browserData undefined| subscription undefined| permissionAllowed undefined| iFrameReference undefined| skipSubscriberReport undefined| subscriberIdCallback boolean| isSubscribed string| optinStatus string| host string| cdnUrl string| imgUrl string| subDomainsHost boolean| fromSubDomain string| EnableHTTPLocalTest string| version string| defaultKey boolean| fromIframe boolean| fromWordpress boolean| fromshopifyDomain boolean| forShopifyCall object| xhttp object| desktopAllowedVersions object| mobileAllowedVersions function| isNotifAllowed function| CheckBrowserCampatability function| isPrivateMode function| truepushSDK function| loadAppJs object| google_optimize object| Ya object| yaCounter24313435 string| hdn boolean| useIntersectionObserver object| disabledRefreshZones boolean| showingPage string| virgulRedirect boolean| userTookAction string| virgulRefreshFunc boolean| pageHasAdBlock boolean| chSiFfoLoaded object| betterAds boolean| fullscreenAdStarted boolean| adProtectionLoaded object| virgulStopperTimer object| virgulInactiveTimer number| virgulReqInter object| adVis object| adMVis object| obsrvArr undefined| scrpts undefined| x undefined| srct undefined| getParameterByName undefined| prm function| showPageChk function| scrChange function| stopVirgulRefresh function| callInactiveAds object| firstTLDs object| secondTLDs boolean| usePrebidUser function| removeSubdomain object| noktaGSlts object| noktaGBckSlts object| noktaDfpSlots object| noktaCuSlts object| noktaDisabledGids object| nogrt boolean| ngcr boolean| hasCrite object| checkDomainsForCriteo object| noktaHeaderBidding object| virgulGoogleDisplayed object| googletag object| gads object| node object| newstyle string| noktaLogMode object| abdf string| nst function| makeNoktaInitialRequest function| addPrebidJs function| noktaFallbackAds function| isElVisible function| getElVisibility function| elVisibilityCheck function| loadPlayerAds function| requestPlayerZoneviews function| virgulUserClicked function| showVirgulSplash function| showVirgulFullscreen function| removePageskin function| displayPageskin function| checkAndSendViewabilityReq function| visibilityCheck function| adblockCheck function| skipAd function| closeRoadBlock function| addBuster function| loadVirgulBusterEvents string| eventMethod function| pageFallbackResponse object| empowerad function| checkEmpowerConsent function| refreshGoogle function| needVirgulRefresh function| displayGoogleAd object| pbjs object| PWT boolean| initAfterLoad number| noktaInitDelay undefined| noktaAutoCheckZones string| virgulNamespace string| noktaSite string| noktaDataCls function| setUpAgknTag object| apstag string| csr number| bchck boolean| apstagLOADED object| comingAds object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint boolean| empowerConsentLoaded function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| pbjsChunk object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid object| virgulAdIntervals object| virgulPageAds function| setPgCode boolean| empowerEnableNovatiq object| noktaHeaderBiddingSettings boolean| virgulEnableSingleRequest object| noktaInterstitialSlot function| getPPID boolean| sendGoogleRefreshStarted boolean| dfpCodePushed boolean| noktaScriptLoaded boolean| noktaPlayerLoaded object| noktaPlayer function| noktaPlayerApiLoadHandler function| noktaPlayerReadyHandler function| closeeokultvVideo function| playNextVideo boolean| playerPlayed number| wg number| wh string| mm function| mobilePlayer function| noktaScroll function| initializeNoktaAd function| initCheckNokta number| extraTowerHight number| towerLeftMargin number| towerRightMargin boolean| videoClosed function| Tapad function| busterEvent function| getCookie object| sas object| apntag object| _ADAGIO function| playerAdEvent function| playerAdImpression object| noktaPlayerCollection function| parseNoktaPlayerContainer object| NoktaNpmPlayerApi object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| Hls function| NoktaPlayer function| EmpowerPlayer object| closure_lm_960916 object| closure_lm_572994 number| lnt_z object| promise object| GoogleGcLKhOms object| google_image_requests

62 Cookies

Domain/Path Name / Value
.eokultv.com/ Name: _ga
Value: GA1.2.1853782577.1648919878
.eokultv.com/ Name: _gid
Value: GA1.2.796002613.1648919878
.eokultv.com/ Name: _gat_gtag_UA_77747364_1
Value: 1
.eokultv.com/ Name: _ym_uid
Value: 1648919878788021874
.eokultv.com/ Name: _ym_d
Value: 1648919878
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 98691038fake
.eokultv.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2381897803fake
.yandex.com/ Name: yandexuid
Value: 1137100991648919878
.yandex.com/ Name: yuidss
Value: 1137100991648919878
mc.yandex.com/ Name: yabs-sid
Value: 892553731648919878
.yandex.com/ Name: i
Value: MA6r5q7Sw7MDr6BdcGEG9o62DXZc48K9rFBPrxHb45EhCr6QOmBUEJ7k0i2eRwTutltctpP26E5CQEWcrutgR2Ippj4=
.yandex.com/ Name: ymex
Value: 1680455878.yrts.1648919878#1680455878.yrtsi.1648919878
www.eokultv.com/ Name: pId
Value: vnetd2851632-a4dc-4b8c-9979-10d20ae100eb
www.eokultv.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.eokultv.com/ Name: _pubcid
Value: d2576c4f-1a57-49e1-b557-eb11ff6da1fd
.adnxs.com/ Name: icu
Value: ChgIp6t2EAoYASABKAEwxoqikgY4AUABSAEQxoqikgYYAA..
.adnxs.com/ Name: uuid2
Value: 7349463757661715035
.quantumdex.io/ Name: uid
Value: 69d39ed1-013b-47b3-9b62-4b1f9a148935
.eokultv.com/ Name: __gads
Value: ID=ce5b4ffd910be3b5:T=1648919878:S=ALNI_MZTCreuA-ql7upU5ewonnEr7JOgPQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmbCOTuSr9SLMFxw46hiIfAAPh-PHcxNvcoShfD2DNBdth-mS9dU8A7Z86Pm5k
www.eokultv.com/ Name: watchID
Value: 77e73190-d72e-4022-85f8-a1fe888d8ef8
www.eokultv.com/ Name: userID
Value: 1bac16c0-1960-4fda-8c75-94168999a623
.casalemedia.com/ Name: CMID
Value: YkiFRzp8vi1ZJDnFZ9B05QAA
.casalemedia.com/ Name: CMPS
Value: 3219
.casalemedia.com/ Name: CMPRO
Value: 1213
.yahoo.com/ Name: A3
Value: d=AQABBEeFSGICEKX-x6dFTmnwzH4TsY1W46IFEgEBAQHWSWJSYgAAAAAA_eMAAA&S=AQAAArIBtQUeOKy39Ul3Na8cuX0
.simpli.fi/ Name: suid
Value: E091AEA1DD4D4C56A8296EC52DF39C32
.turn.com/ Name: uid
Value: 3050631399762268434
.de17a.com/ Name: guid2
Value: 1.702478850109717699
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2H`itzMfj!@wnf-Te9(>wL5L!!'(Y$QtJa
.adform.net/ Name: C
Value: 1
m.exactag.com/ Name: exactag_new_gk
Value: e628d032aaaf44c48f14200feba70d8f%7c01.06.2022+17%3a17%3a59
m.exactag.com/ Name: exactag_new_uk
Value: d235e81b20054d0ab314faf81573d75b%7c
m.exactag.com/ Name: session_session
Value: fa78ce10f8d24d93a903d3a7
.360yield.com/ Name: tuuid
Value: 061c7ced-13c3-45b7-97e5-0afe4f8bbb12
.360yield.com/ Name: tuuid_lu
Value: 1648919879
.adform.net/ Name: uid
Value: 5600394131777691269
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: e3625e18ed9a6ed6
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YkiFRwARzXBGDQBH
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6D8E0F74-B2F6-4CC9-9733-B6C24DADDCD6
.mathtag.com/ Name: uuid
Value: 3f836248-8548-4301-b3b8-fb89d0983d8f
.adsrvr.org/ Name: TDID
Value: 06c16be9-a931-4b3c-94b8-e5c41dcc6682
www.eokultv.com/ Name: -unifiedid
Value: %7B%22TDID%22%3A%2206c16be9-a931-4b3c-94b8-e5c41dcc6682%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-04-02T17%3A18%3A01%22%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~243t:192w~243t"
.sharethrough.com/ Name: stx_user_id
Value: fcca19f4-df06-4786-9726-4f5af91e6267
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: fbbc8923-f5c5-515c-9455-4d70f61dc83a
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: YkiFSgABLMgLANvaeRTfDkj0jqxh_-c1Liie1g==
.casalemedia.com/ Name: CMST
Value: YkiFR2JIhUoA
.adfarm1.adition.com/ Name: UserID1
Value: 7082056966921844882
.casalemedia.com/ Name: CMRUM3
Value: e6624885492760&c36248854a2760av-8bb696fd-3178-43e4-9120-fc766414e0ae&2d624885472760CAESELmQ3PG-yEY67XdthEvKkoo&406248854905a0&296248854905a0&2e6248854905a0&046248854a27603050631399762268434&f16248854905a0&27624885490b40
.doubleclick.net/ Name: DSID
Value: NO_DATA
.disqus.com/ Name: zeta-ssp-user-id
Value: 1b9c11a1-b25f-f3b2-943e-ee3a0566a6b2
.mathtag.com/ Name: mt_mop
Value: 4:1648919883

5 Console Messages

Source Level URL
Text
javascript error URL: https://www.eokultv.com/
Message:
Access to XMLHttpRequest at 'https://sdki.truepush.com/sdk/version.json' from origin 'https://www.eokultv.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://sdki.truepush.com/sdk/version.json
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9596.0Yz08ESKxNOi5B9yZzE4L6-YGQMP6rPlpvzAmlUJAoI7HuZYvhoaCiWZHaiB32pwUVM-bnhuPv5-uCnRjJCvWQ%2C%2C.LVC9imt9aS7f0mcrEVdiTL-Os3w%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Bhx87RPDRbeX5Qr-T4u7Eg&google_push=AYg5qPLnjR4BWQEVwhSxaabwi0_vGqiHhOSQ3ocUYdpqzAQ4txyfs3u2tFrMpfwsb5zZeVK-sEuMgQNOo3R1Ot1-xhdMbaDuMF4
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
7a2db4d764515bc58707438d7128537c.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
ap.lijit.com
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cat.fr.eu.criteo.com
cdn.adnxs.com
cdn.contentspread.net
cdn.jsdelivr.net
cm.adgrx.com
cm.g.doubleclick.net
csi.gstatic.com
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900026.redintelligence.net
i1.imgiz.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
istr-n23.nktcdn.com
istr.izlesene.com
logger.virgul.com
m.exactag.com
match.adsrvr.org
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
nep.advangelists.com
ng.virgul.com
ng2.virgul.com
nym1-ib.adnxs.com
onetag-sys.com
pagead2.googlesyndication.com
pandg.tapad.com
panel.izlesene.com
partner.googleadservices.com
pghub.io
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.mathtag.com
pixel.rubiconproject.com
prg.smartadserver.com
pubads.g.doubleclick.net
quantumsyndication.com
r.turn.com
rr3---sn-4g5lznek.googlevideo.com
rtb.fr.eu.criteo.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
sdk.truepush.com
sdki.truepush.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
spadsync.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.virgul.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.inmobi.com
sync.mathtag.com
sync.quantumdex.io
tags.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
www.eokultv.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yt3.ggpht.com
cm.g.doubleclick.net
rr3---sn-4g5lznek.googlevideo.com
sdki.truepush.com
103.229.206.240
104.244.36.20
108.156.255.177
137.59.203.101
138.201.84.244
138.201.84.245
141.95.3.10
142.250.184.226
142.250.185.230
142.250.186.98
151.101.66.49
159.122.14.34
172.217.18.98
172.217.23.98
173.231.180.197
178.250.0.160
178.250.0.162
178.250.2.135
18.156.0.31
18.168.166.39
18.194.74.100
18.200.144.205
184.87.212.214
185.33.220.240
185.33.221.91
185.7.176.221
185.7.176.222
185.7.176.223
185.7.176.4
185.86.138.121
185.86.139.104
188.42.29.167
192.82.242.209
2.18.233.201
20.72.149.136
2001:678:cb4:bbbb::11
209.54.180.3
213.155.156.169
213.19.147.45
213.202.235.9
2600:9000:21a1:a800:1e:a43d:b640:93a1
2600:9000:224a:4a00:8:48e:53c0:93a1
2600:9000:224a:7a00:7:6b7b:1000:93a1
2600:9000:224a:e600:1b:5138:8a40:93a1
2606:4700:10::ac43:2ac9
2606:4700:20::681a:8a9
2606:4700:3033::6815:3f0d
2606:4700::6810:5714
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a00:1450:4006:80e::2003
2a00:1450:400c:c1b::9d
2a00:1450:4014:80e::200a
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
2a02:6b8::1:119
2a02:fa8:8806:13::1370
34.102.243.38
34.203.157.179
35.241.45.217
37.157.2.237
37.157.4.25
51.89.9.251
52.223.40.198
52.44.238.197
62.182.80.100
66.155.71.149
68.67.179.87
69.173.144.165
69.192.160.186
69.192.160.245
72.251.249.14
85.114.131.234
85.114.159.93
009b3ba6fd5dad87408bf0fb1304c5e7b4e7d7e0c1e2d8bdab346916e2d96302
0478a4ecc23664996f02e29703ca39bde9aa1236053aed1d3118fe91b0facb8c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0ea2711155c00911dfa5f84af9477489f3908147d28fb328cf856593ff390822
0ff85b135c1caa96468ba1b0e602adc17191a39890f496cdf509da5c609a3f71
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1416c65215956aa7e5f3c7139cdb5a9aaa21dacc198fd929f4c65daadf662fa6
143cb4160e036ecc16045cc318be510f72f4dc272ab25828411b5acdad5dbeb6
17c36e9523e8b97999649b89a0f8480d574d7a1fe1dd4f3d8fe841e5649cd0c5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cc2680f54743e359387f47ff8d53689c70c21ca7098868125b4ef537e7a7552
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
247facfe10aae5497ef8f4978c5cf2f2b69b6a67347e1f64895164e59e5ea62b
2575b7c2b79bca0eaa751f015afc373f287176a33ad660618abe00e439d9a312
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a88c0234ddc2f151a1bdf3566202b5ba41e28bc5e8fac05c2108aa162d50199
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2edda79ec7bef8c267843d95507b5dd9a8911ce905978f4ddc4ed8d3cb05b0
329c4d3d31b8b4094d12c4a059a74e8fe8468625bd65ea44864c92139357e85d
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e32b4cd6f6148ac9c1dbfd4c746ef1107fee05b66228fd5f4948ccdc0fc9279
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3f30dd590395286337ce5b7b31925de09159c5b6028764afbad58e2f8cc829ec
46828483ec079cc92c83b884b3877eeb436873054e8b06ca40fb16ad7ea7ef9b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49306f1f48fefb2da93306f95ee2275cb8d4f98787bf2e78b72f6c01b2b4c32e
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4a1d57a67541aa08804071d11cc74a7e17b13bb667eb2527700efa39f1c36ed4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53a3a08555e0daf18e67df918913a3828ee211b516ed33c7c6f88532ce593210
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54aca18f5e54f1055c43b6cc4627b13315a1ca5982fe9b9787f98786be996b26
54d89920a31847bf7393f723940bc6493074014a1ac18b5c6530611feebc9b5a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568224b4dd6a136ac82ac53a7549d9cd8f0d2bb81c386e29c171b2350d1ebbfa
56ccade3930ecd2a0b5182954c44bcf42987ffe664c95678ae78a2f0d1a8ba6f
5745f58ab27f5f42808731ded9f55eb3fd715acc2fe9c295fe0144c25193736a
588fa793835560d86cd3cb2ec716ebe031e331f48f40f757db9027b15d2ac498
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d14a8e3e0c5a5102fb8c29cb36ce3714f5223fd0166689c5d02ba968b213bee
5f3fb15f561ea7342c0ea5169ea76b2c4b438968daa6f63bddd17ce77540cdf3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643d6f2ff70d3e19c32e392bf11475635d6d896d7f3847c964c2250c3c46f7b5
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2
6e11dae2495cb8616b96cdd17e029cc781634e1550685294455ce4a4eb45657e
6e5a773f5eea1665c2804522cde67d16805a923e952eb18c4949b5c041e4a97d
6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2
70965b5c853d94a20a4c5a0a2f543701961a4619d0fe65ad0719d2beb08995a1
721bdd797741ea7cb427d6505f34769a0255f4c0d920b0dd7548d67edf942413
74821631c68fbe9d012f95961b6c91b584a1a58f052e15467d7e6b0903c61eee
762f3b25e10189e11f8957f80938333f1b0fd1390a23ee1da8ce3c5fb62953f1
7a1471ca7e22e8d7fbd213278b0ae7fb0aceb5315df9342f27b5c935f572a873
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
800720ad6518b86999da920fa6467c9325d0e2e924f90ab5580ed5584d7ae41c
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
847295807ca7df9358b839dff07e7f68ea37ac6dc28011a3ac64f750d2d831a9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
86f5c1a1fd17a49959e0d63f54b2ffd451129cecf2cad72ff08016e9af90afe2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
931ef505d68690757e8198477488806c7486ddc5c042916115e7c1b395b00b62
944a55aa3921673c00bb33ef32fc71a0f66e5c3638c2e6251a032ff5fc1e2747
9629108232f7c60af8e8ca8495fb424a0e178eb668f51f3bd4cb3b15e87920b7
993ab74e4e6ba0446a3a736205e969d4adbbb0c48b8396e81dfc8bb9227400d0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376
9eb7f6271088b0cca8df60382ad3db6bbc55143451782958f6842b1c50ef45d3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0e63867db72023b81e6f2122b25a0ba0add50da648838b78a85e605d0f15425
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2eae8b4270202a89a44b619007379c9379c11724a93158d78575d5b5f2a0f46
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a85cee3f38466b5cbaba873e4c49cfd70b20a438078b2c2aa5ae08618af729d1
a9977af821a8c8d6640369b9e8849bf4b5bcb619b9f1ce787f9f7e62c4a85d50
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aedabdf47d26b70f62e92e3a2491a0caa1bd7570324903c5f42fda5af662df8c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cc04d30b78872a0815e82220a1bc5dec12305fe32b51cc3b7cf8d32928cc26
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b8e352006cc3bc3c7c2206316ef5ecc3a319959d6b6a3b4da9702afd1dff10de
bd48cfc51f425d9fabba14bd5552f923a5e7f80ece114a845c53af97ac2fce94
be207a72668ba574ad76932e76f3c64f2e8eaf1733e3979a5ad3d3b3ff3f2898
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
bfe9c9e10ce5a0931f827c602f32fe7f6c97ed9894a55824e126bd7cae94ace6
c02ca0f1753e4c68ab8a16c9269561ab75790aab55506299c5867c3d3a78fe98
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3458782b500965714387d3b769dd3d3c0dddc4e62b93abb00a149a897b92440
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c600adb1e3d6281621818ba058f98a8fa9ba43bd31a97c2cf98901400ba6f461
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c67c8370b4c9145a91ace4a1fed1acf774e604658e225425f6b52f06328504e7
c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac
ca360458366b03d30f27de12508e73013e7b41ef8279e6df7b1d45917c072598
ce915dd9b4f4a174862895ae9c8f35fb9115c065b7ec2ce01ddecc3cb1b2ce0f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d025af7dcbd821e505ec92bb6c4baa654503ca9a5ae3c1c1e28080e1e49ca39c
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d253e4f9d04b851c04581ee99537a1b6d746808a6e1ce76cbf3921c5dcd45b3c
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d8c94d61c05ea587cf704c4fe2213c0f390e114a5895afd003b8e75827fc0f21
d8f169f581e9e8d07c8e5a0cec347ca2a1e05452725c9bbc3063808a0a720c55
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
db3e1f945168f8f00f23bf0a068aabd2f47ca733d930ab5180105d9effc31e1a
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361
e11dced993be3d8dc0b83a9532f0423d64ef189d577b91a7f9794b653ba435bd
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30d4fb893ea492cc8ac135f3d526254e3bda79496c11915aaaa1aac3308382e
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e54647fb1653c8840eae87437b4d40e593309b6d69c7b56394f333839c696665
e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107
e5b7f02b23fdfaa750168663e07aa8da6df9b31692b4e470097c1122b3fe2678
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e81d1310e350f816dfbfb5d8808c8f0e1fb882697995a397fd07546aa5baa617
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb08598849aeb07ab4cf9eb083f665672a690700791647e48c11828486696823
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ecf0b855aed06cdba6fcbdfa58950ead633b7c0cdd9b380b4141acc964f8558d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f048363752fb76be24533a847b5d921c19a09ebcd568ed32125ee841b0b51d08
f1912bc9c2aa2bfbffe90015b9811eab172f66b110fff5e93ebde327e1c79f05
f404b28b3258d03c2c1e3bb671b308eb2739a9fc7447b9756fb27b9bde024c69
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fc48e3dbf8fb70585f1d3792ec75b12fc440b8ef7396ca069e06ecd9e83f63cb
fe3299538ac2fd9918bb082f6e60411811c958bc1bd59a0dda68231e9836bf3f
ff86e17449bada3966a5cbf3645d9ca50e921be755a5b3fb91f64791b9a33970