urlscan.io logo urlscan.io
SecurityTrails logo

ekopaykasa.blogsport.eu Open in urlscan Pro
138.201.141.81  Public Scan

Go To Rescan Add Verdict Report
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Submission: On March 07 via manual from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 61 HTTP transactions. The main IP is 138.201.141.81, located in Germany and belongs to HETZNER-AS, DE. The main domain is ekopaykasa.blogsport.eu.
This is the only time ekopaykasa.blogsport.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 138.201.141.81 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 67.202.94.94 32748 (STEADFAST)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::18 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 178.250.0.162 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
61 19
20    138.201.141.81 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: blogsport.de
ekopaykasa.blogsport.eu
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    67.202.94.94 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
1    2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)
widgets.amung.us
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
6    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
20 blogsport.eu
ekopaykasa.blogsport.eu
311 KB
12 googlesyndication.com
908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
57 KB
8 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
csm.eu.criteo.net — Cisco Umbrella Rank: 7422
48 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
133 KB
4 gstatic.com
fonts.gstatic.com
154 KB
3 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12341
ads.eu.criteo.com — Cisco Umbrella Rank: 7435
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9702
18 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
66 KB
2 amung.us
whos.amung.us — Cisco Umbrella Rank: 14954
widgets.amung.us — Cisco Umbrella Rank: 15378
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
792 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
61 12
Domain Requested by
20 ekopaykasa.blogsport.eu ekopaykasa.blogsport.eu
7 static.criteo.net ads.eu.criteo.com
6 tpc.googlesyndication.com 908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
ekopaykasa.blogsport.eu
4 fonts.gstatic.com fonts.googleapis.com
2 www.google.com 908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.googletagservices.com ekopaykasa.blogsport.eu
908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
2 www.google-analytics.com ekopaykasa.blogsport.eu
www.google-analytics.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com 908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com ekopaykasa.blogsport.eu
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 widgets.amung.us ekopaykasa.blogsport.eu
1 whos.amung.us 1 redirects
1 fonts.googleapis.com ekopaykasa.blogsport.eu
61 19

This site contains links to these domains. Also see Links.

Domain
whos.amung.us
www.google.com
wordpress.org
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-04		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Frame ID: F5EA41A5BA5962554D8C505CCA604780
Requests: 37 HTTP requests in this frame

Frame: https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2DB7753EE7B4DBA6FE59F21C62CC8982
Requests: 1 HTTP requests in this frame

Frame: https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8AC60AF80EED25EDEE3D36FFA8EA62DC
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg&u=%7CQ3Fq1SjdFKjhe%2FOqsh3qQOJnxWt7srW91%2FmkPTO45Zk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNmq7DdMTwGd4hZdJNVCZvky2eOS3j8EZOXsAarjR3r0V69cyvp3H1XSiLVdIIdlCJjs-zcrPNoXNku2stXStclRITwegXAe1_0HjDluv284ydJIcEPIPVEbL-OUGRc-ho_V5HJM3njCz0Gg-Ki3dB9sSkLrF64UgAnkgwl0UAMj0XJX56oHchCRV0_mW_dT8kDFSGYq3eI9gbURDm-mMemmlWqbCZwDMEBOqhpNIa1sZMl45egTJwI8AsAIacROFRls1dKkc57eyOZQNR9GgVhlWiS7fnOj9NFh_WNjOiwjz8zB_fR0kxKG4oA3D6784nEjY7ojNoXjlHhlTTwYdSHsaAtwYGLC2tpJI8Yy1ZN_OhUKxNeH1hN8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk37iO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS_Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8PZXXOZOQ1qZSQFsUhb0HgW7Cdu0W7_F2sZq8hHje31z3E6paxFYz1VTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sJsVynqWciugKeNyfUYHMDO2ajA%26client%3Dca-pub-3213363904178661%26adurl%3D
Frame ID: CD09A83587E0FE8B2B82EB2DD1CE6603
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 39C0FB10EC906A79C6FB56328FADF48A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 02D30CE9474FCE765496C7013A7F9B5A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Galatasaray Beşiktaş izle şifresiz bein sports kesintisiz canlı yayın » Canlı Maç izle

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <!-- All in One SEO Pack ([\d.]+)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

61
Requests

64 %
HTTPS

74 %
IPv6

12
Domains

19
Subdomains

19
IPs

3
Countries

814 kB
Transfer

1593 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://whos.amung.us/widget/79ekopay23su.png HTTP 307
  • http://widgets.amung.us/classic/00/17.png

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/ 		29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
c1d92bf928acb0c9b0d2980a4b09da19f18bae4c34771c654f149f7eb7ca3928

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.11.1
Date
Mon, 07 Mar 2022 21:08:09 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
7993
Connection
keep-alive
X-Pingback
http://ekopaykasa.blogsport.eu/xmlrpc.php
Link
<http://ekopaykasa.blogsport.eu/wp-json/>; rel="https://api.w.org/" <http://ekopaykasa.blogsport.eu/?p=243>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
X-Cacheable
YES
Accept-Ranges
bytes
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5597
date
Mon, 07 Mar 2022 19:34:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 07 Mar 2022 21:34:53 GMT
buddypress.min.css
ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-templates/bp-legacy/css/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-templates/bp-legacy/css/buddypress.min.css?ver=3.1.0
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
4e5d1dea03e9f94ad510d3c0656327820229ad0ea22a8a61fd9544c3357f13cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 May 2018 00:19:19 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"929c-56cfcb80d6fc0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6900
twentytwelve.min.css
ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-templates/bp-legacy/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-templates/bp-legacy/css/twentytwelve.min.css?ver=3.1.0
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
2a855a87cfb0ded5ad1ebd11b607549d14dd5e54cef2a1d5b1ac1b4fca952abe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 May 2018 00:19:19 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"8dd8-56cfcb80d6fc0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5329
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
336b9e18c04ab729a2f86ee62eecd62674f1103e060b9fc91544dc8fe748c3d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 20:25:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Mar 2022 21:08:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Mar 2022 21:08:10 GMT
style.css
ekopaykasa.blogsport.eu/wp-content/themes/twentytwelve/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-content/themes/twentytwelve/style.css?ver=4.9.18
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
c7c9a7a9a8d46adb08dd06c5183a0a8d92b1de516f7261ed7f6cab98ea1f89db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 May 2018 00:19:22 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"92ce-56cfcb83b3680-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8157
jquery.js
ekopaykasa.blogsport.eu/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 May 2020 04:49:17 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"17a6a-5a48ee75c9599-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33776
jquery-migrate.min.js
ekopaykasa.blogsport.eu/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2017 21:17:46 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"2748-54f09c53d9280-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4014
confirm.min.js
ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-core/js/ 		135 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-core/js/confirm.min.js?ver=3.1.0
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
41f0d0efedd81ee93f7e39d944e84c9d0901a768b023e075f6d73e9cfe714746

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 May 2018 00:19:19 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"87-56cfcb80d6fc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128
widget-members.min.js
ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-core/js/ 		1 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=3.1.0
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
535df7aecbed2bae12e73a5588988e0a33cb30f7ffce1535fcdf055700e67f26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2017 20:01:47 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"4be-5589eee2480c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
500
jquery-query.min.js
ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-core/js/ 		119 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=3.1.0
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
046b1a95c139aeaef8f2e3c321041ba7d00e80e4fb96da4e783ff519bd06070a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2017 20:01:47 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"77-5589eee2480c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
130
jquery-cookie.min.js
ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-core/js/vendor/ 		1 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=3.1.0
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
62f2f3e642ef54a52909525af5a51cec84a1543d3899bee8d169095c2bc73287

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2017 20:01:47 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"4ec-5589eee2480c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
666
jquery-scroll-to.min.js
ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-core/js/vendor/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=3.1.0
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
83db688184c9fbb0bc4cfd4a7228745ecfee70452f3357168ea3e3840a2f3524

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2017 20:01:47 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"88d-5589eee2480c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1120
buddypress.min.js
ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-templates/bp-legacy/js/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-content/plugins/buddypress/bp-templates/bp-legacy/js/buddypress.min.js?ver=3.1.0
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
99ae0b1f33737741caedeed975a8d9555fc49a41dd5875505ad03dad0c3f11ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 May 2018 00:19:19 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"81e6-56cfcb80d6fc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7994
cropped-logo.jpg
ekopaykasa.blogsport.eu/files/2021/10/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ekopaykasa.blogsport.eu/files/2021/10/cropped-logo.jpg
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
1a81b218ff8e72d1a230b73395b0d16798aa5bb37f1d75044306004dd1dbd2a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
Last-Modified
Tue, 19 Oct 2021 22:10:23 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"490e8b16d01686741ad09b36eaa651ea"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26222
Expires
Thu, 08 May 2025 06:51:13 GMT
gs-bjk.jpg
ekopaykasa.blogsport.eu/files/2022/03/ 		177 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ekopaykasa.blogsport.eu/files/2022/03/gs-bjk.jpg
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
95001d7f54c0ebb83c751a0bb812c0af52b3c0827ee9cc1cbcc1b9dab1e61f05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
Last-Modified
Mon, 07 Mar 2022 12:38:37 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"95d9e8175dc2415085fb647286b5d726"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
181552
Expires
Thu, 08 May 2025 06:51:15 GMT
17.png
widgets.amung.us/classic/00/
Redirect Chain
  • http://whos.amung.us/widget/79ekopay23su.png
  • http://widgets.amung.us/classic/00/17.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://widgets.amung.us/classic/00/17.png
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3af1365fe3cfde4e5ef8e73c8d8b37a3eb52ce7488a74fd55fb9bf145ab365a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
CF-Cache-Status
HIT
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
Server
cloudflare
Age
55756
etag
"4c149ecd-5a8"
Vary
Accept-Encoding
Content-Type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6e864e0ced0591db-FRA
Content-Length
1448
expires
Tue, 08 Mar 2022 05:38:54 GMT

Redirect headers

location
http://widgets.amung.us/classic/00/17.png
date
Mon, 07 Mar 2022 21:08:10 GMT
cache-control
no-cache, no-store, must-revalidate
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
comment-reply.min.js
ekopaykasa.blogsport.eu/wp-includes/js/ 		1 KB
906 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-includes/js/comment-reply.min.js?ver=4.9.18
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Jun 2021 13:45:22 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"434-5c51ea6d8b810-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
580
navigation.js
ekopaykasa.blogsport.eu/wp-content/themes/twentytwelve/js/ 		2 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-content/themes/twentytwelve/js/navigation.js?ver=20140711
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2017 21:17:45 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"610-54f09c52e5040-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
656
wp-embed.min.js
ekopaykasa.blogsport.eu/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-includes/js/wp-embed.min.js?ver=4.9.18
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Jun 2021 13:45:26 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"56f-5c51ea7158266-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
739
wp-emoji-release.min.js
ekopaykasa.blogsport.eu/wp-includes/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-includes/js/wp-emoji-release.min.js?ver=4.9.18
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Jun 2021 13:45:22 GMT
Server
nginx/1.11.1
X-Cacheable
YES
ETag
"2ea7-5c51ea6d750b0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4347
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90cfd0e47fe744f5350f5fd73bef28360cbe6880c74cfe754b458255cc7d7972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1153 / 295 of 1000 / last-modified: 1646414445"
Vary
Accept-Encoding
Report-To
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
27990
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-gpt-scs"
Expires
Mon, 07 Mar 2022 21:08:10 GMT
piwik.php
ekopaykasa.blogsport.eu/wp-content/plugins/wp-piwik/proxy/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ekopaykasa.blogsport.eu/wp-content/plugins/wp-piwik/proxy/piwik.php
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
8fbe1031e8234fab32983f4e5afbc30831720db278418b5a4a48e50ad7611d15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Mar 2022 21:05:22 GMT
Server
nginx/1.11.1
X-Cacheable
YES
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21649
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ekopaykasa.blogsport.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 22:45:30 GMT
x-content-type-options
nosniff
age
512560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:45:30 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v28/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ekopaykasa.blogsport.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 22:46:00 GMT
x-content-type-options
nosniff
age
512530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47836
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:01:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:46:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ekopaykasa.blogsport.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 22:48:24 GMT
x-content-type-options
nosniff
age
512386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31272
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:00:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:48:24 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2
fonts.gstatic.com/s/opensans/v28/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5143e5a54af25d8eb82df87225bbc20307ab3bc91859b2a46f0f86e15001f4e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ekopaykasa.blogsport.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 23:07:31 GMT
x-content-type-options
nosniff
age
511239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33332
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:09:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 23:07:31 GMT
collect
www.google-analytics.com/j/ 		2 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=385128459&t=pageview&_s=1&dl=http%3A%2F%2Fekopaykasa.blogsport.eu%2Fgalatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin%2F&ul=en-us&de=UTF-8&dt=Galatasaray%20Be%C5%9Fikta%C5%9F%20izle%20%C5%9Fifresiz%20bein%20sports%20kesintisiz%20canl%C4%B1%20yay%C4%B1n%20%C2%BB%20Canl%C4%B1%20Ma%C3%A7%20izle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1938000905&gjid=941723322&cid=1923488997.1646687290&tid=UA-G-HJFM3CRQSF&_gid=1629959133.1646687290&_r=1&_slc=1&z=325617423
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ekopaykasa.blogsport.eu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 21:08:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://ekopaykasa.blogsport.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022030301.js
securepubads.g.doubleclick.net/gpt/ 		364 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065514
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 16:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124636
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Mar 2023 16:09:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		78 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ekopaykasa.blogsport.eu
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
5e96b92fe0baac7dccb7dcf1a947e3d6deed9e5d9b53d0890ca375fd27e8a087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 21:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79
x-xss-protection
0
expires
Mon, 07 Mar 2022 21:08:11 GMT
piwik.php
ekopaykasa.blogsport.eu/wp-content/plugins/wp-piwik/proxy/ 		43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ekopaykasa.blogsport.eu/wp-content/plugins/wp-piwik/proxy/piwik.php?action_name=Galatasaray%20Be%C5%9Fikta%C5%9F%20izle%20%C5%9Fifresiz%20bein%20sports%20kesintisiz%20canl%C4%B1%20yay%C4%B1n%20%C2%BB%20Canl%C4%B1%20Ma%C3%A7%20izle&idsite=4959&rec=1&r=652013&h=21&m=8&s=10&url=http%3A%2F%2Fekopaykasa.blogsport.eu%2Fgalatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin%2F&_id=dea7a6217739e6f6&_idts=1646687291&_idvc=1&_idn=0&_refts=0&_viewts=1646687291&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=16&pv_id=3ed6OL
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
HTTP/1.1
Server
138.201.141.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
blogsport.de
Software
nginx/1.11.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 07 Mar 2022 21:08:11 GMT
X-Cacheable
YES
Server
nginx/1.11.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Content-Type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ekopaykasa.blogsport.eu
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 21:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ekopaykasa.blogsport.eu
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 21:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1899116138749694&correlator=1303207152180221&eid=31065436%2C31065485%2C31065501%2C31065514&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=0&sfv=1-0-38&ecs=20220307&iu_parts=1035384%2C468x60_default&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&fsapi=false&cookie_enabled=1&abxe=1&dt=1646687291257&lmt=1646687291&dlt=1646687289928&idt=1278&biw=1600&bih=1200&oid=2&adxs=320&adys=1212&ucis=1&adks=3240451191&ifi=1&color_text=%23444444&color_link=%2321759b&color_bg=%23ffffff&color_border=%23ffffff&color_url=%2321759b&channel=8619723033&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&bc=23&url=http%3A%2F%2Fekopaykasa.blogsport.eu%2Fgalatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=624x40&msz=624x0&ga_vid=1923488997.1646687290&ga_sid=1646687291&ga_hid=385128459&ga_fc=true&fws=4&ohw=1040&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
10c91a7638e88b4c908086d11f76ca84235f70dca562cf980e3082fa471ee8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9798
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ekopaykasa.blogsport.eu
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2DB7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 07 Mar 2022 21:08:12 GMT
expires
Tue, 07 Mar 2023 21:08:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8AC6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Mar 2022 21:08:12 GMT
expires
Tue, 07 Mar 2023 21:08:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 8AC6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CatBYO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS8Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8f5f2qxQfSrXt3E-3VYCheWfWfFscwen0BVKBIophwXDvlgDe1-ngBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMjEzMzYzOTA0MTc4NjYxGMjTBw&sigh=VCsXDjsZ0eQ&uach_m=[UACH]&cid=CAQSPwCNIrLMKNlotx3ZOOmutiUKf34LQnJ6_PFuGDL8XDKG0ReN0Zuy6GGrUobYt1S-P8M4ripyClzy-FVcgWpD_BgB
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 8AC6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UP2jEomvMNQDPJ2DYgICAAAAbiF7VgyDjIAQO3QmYs-o7y_5zGylkFHQABI&wp=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg
Requested by
Host: ekopaykasa.blogsport.eu
URL: http://ekopaykasa.blogsport.eu/galatasaray-besiktas-izle-sifresiz-bein-sports-kesintisiz-canli-yayin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:12 GMT
server
Kestrel
server-processing-duration-in-ticks
317620
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame CD09 		46 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg&u=%7CQ3Fq1SjdFKjhe%2FOqsh3qQOJnxWt7srW91%2FmkPTO45Zk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNmq7DdMTwGd4hZdJNVCZvky2eOS3j8EZOXsAarjR3r0V69cyvp3H1XSiLVdIIdlCJjs-zcrPNoXNku2stXStclRITwegXAe1_0HjDluv284ydJIcEPIPVEbL-OUGRc-ho_V5HJM3njCz0Gg-Ki3dB9sSkLrF64UgAnkgwl0UAMj0XJX56oHchCRV0_mW_dT8kDFSGYq3eI9gbURDm-mMemmlWqbCZwDMEBOqhpNIa1sZMl45egTJwI8AsAIacROFRls1dKkc57eyOZQNR9GgVhlWiS7fnOj9NFh_WNjOiwjz8zB_fR0kxKG4oA3D6784nEjY7ojNoXjlHhlTTwYdSHsaAtwYGLC2tpJI8Yy1ZN_OhUKxNeH1hN8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk37iO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS_Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8PZXXOZOQ1qZSQFsUhb0HgW7Cdu0W7_F2sZq8hHje31z3E6paxFYz1VTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sJsVynqWciugKeNyfUYHMDO2ajA%26client%3Dca-pub-3213363904178661%26adurl%3D
Requested by
Host: 908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
URL: https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
93f607ef409d9581fced853c226ff58f8c5d83d5aeff3643bca9e10f4dc54bd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/

Response headers

date
Mon, 07 Mar 2022 21:08:11 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=y6bx6cNtNDv5o7ANCzb4SEXx8LuZxWplxr5rG-suLhszYTpNWQHY4gC_96Uwz9ERVhFDGHThkBOMNQnxsG_INudDdtvFZf8cmiZZ20Q67IOAK5PHgRibhyo9mgwKwQ9NwyC-AT9dXOfpRbiCUHpgP6cfZNNU-qdwbB7L_oQ43ixCigO4dUiGDAG9ojHmHSAcshYhMI0NM2vOx7pm-8d_hiXirgdgT_rCecad-KRudcknkCX7lRBZ78ZX7GIgyBisDh1lrg"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
7746162
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame 8AC6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/window_focus_fy2019.js
Requested by
Host: 908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
URL: https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 21:00:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame 8AC6 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
URL: https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6417
x-xss-protection
0
server
cafe
etag
10598556267281433416
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Mar 2022 20:55:46 GMT
l
www.google.com/ads/measurement/ Frame 8AC6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTazg3bgoyd4hhfU-w-SHzk6-m7B-UZbQwhA0aiAl3TCF4P6KX2jCVI0kfQQHDVfhlZYt8aStrtgs_Bf1-71Osz-ISXLA
Requested by
Host: 908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
URL: https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8AC6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
URL: https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 09:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
562051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Mar 2023 09:00:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8AC6 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
URL: https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38860
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646224922100600"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 21:08:12 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame CD09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg&u=%7CQ3Fq1SjdFKjhe%2FOqsh3qQOJnxWt7srW91%2FmkPTO45Zk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNmq7DdMTwGd4hZdJNVCZvky2eOS3j8EZOXsAarjR3r0V69cyvp3H1XSiLVdIIdlCJjs-zcrPNoXNku2stXStclRITwegXAe1_0HjDluv284ydJIcEPIPVEbL-OUGRc-ho_V5HJM3njCz0Gg-Ki3dB9sSkLrF64UgAnkgwl0UAMj0XJX56oHchCRV0_mW_dT8kDFSGYq3eI9gbURDm-mMemmlWqbCZwDMEBOqhpNIa1sZMl45egTJwI8AsAIacROFRls1dKkc57eyOZQNR9GgVhlWiS7fnOj9NFh_WNjOiwjz8zB_fR0kxKG4oA3D6784nEjY7ojNoXjlHhlTTwYdSHsaAtwYGLC2tpJI8Yy1ZN_OhUKxNeH1hN8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk37iO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS_Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8PZXXOZOQ1qZSQFsUhb0HgW7Cdu0W7_F2sZq8hHje31z3E6paxFYz1VTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sJsVynqWciugKeNyfUYHMDO2ajA%26client%3Dca-pub-3213363904178661%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Mar 2023 21:08:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame CD09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg&u=%7CQ3Fq1SjdFKjhe%2FOqsh3qQOJnxWt7srW91%2FmkPTO45Zk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNmq7DdMTwGd4hZdJNVCZvky2eOS3j8EZOXsAarjR3r0V69cyvp3H1XSiLVdIIdlCJjs-zcrPNoXNku2stXStclRITwegXAe1_0HjDluv284ydJIcEPIPVEbL-OUGRc-ho_V5HJM3njCz0Gg-Ki3dB9sSkLrF64UgAnkgwl0UAMj0XJX56oHchCRV0_mW_dT8kDFSGYq3eI9gbURDm-mMemmlWqbCZwDMEBOqhpNIa1sZMl45egTJwI8AsAIacROFRls1dKkc57eyOZQNR9GgVhlWiS7fnOj9NFh_WNjOiwjz8zB_fR0kxKG4oA3D6784nEjY7ojNoXjlHhlTTwYdSHsaAtwYGLC2tpJI8Yy1ZN_OhUKxNeH1hN8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk37iO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS_Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8PZXXOZOQ1qZSQFsUhb0HgW7Cdu0W7_F2sZq8hHje31z3E6paxFYz1VTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sJsVynqWciugKeNyfUYHMDO2ajA%26client%3Dca-pub-3213363904178661%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Mar 2023 21:08:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame CD09 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg&u=%7CQ3Fq1SjdFKjhe%2FOqsh3qQOJnxWt7srW91%2FmkPTO45Zk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNmq7DdMTwGd4hZdJNVCZvky2eOS3j8EZOXsAarjR3r0V69cyvp3H1XSiLVdIIdlCJjs-zcrPNoXNku2stXStclRITwegXAe1_0HjDluv284ydJIcEPIPVEbL-OUGRc-ho_V5HJM3njCz0Gg-Ki3dB9sSkLrF64UgAnkgwl0UAMj0XJX56oHchCRV0_mW_dT8kDFSGYq3eI9gbURDm-mMemmlWqbCZwDMEBOqhpNIa1sZMl45egTJwI8AsAIacROFRls1dKkc57eyOZQNR9GgVhlWiS7fnOj9NFh_WNjOiwjz8zB_fR0kxKG4oA3D6784nEjY7ojNoXjlHhlTTwYdSHsaAtwYGLC2tpJI8Yy1ZN_OhUKxNeH1hN8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk37iO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS_Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8PZXXOZOQ1qZSQFsUhb0HgW7Cdu0W7_F2sZq8hHje31z3E6paxFYz1VTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sJsVynqWciugKeNyfUYHMDO2ajA%26client%3Dca-pub-3213363904178661%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:12 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 02 Mar 2023 21:08:12 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame CD09 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg&u=%7CQ3Fq1SjdFKjhe%2FOqsh3qQOJnxWt7srW91%2FmkPTO45Zk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNmq7DdMTwGd4hZdJNVCZvky2eOS3j8EZOXsAarjR3r0V69cyvp3H1XSiLVdIIdlCJjs-zcrPNoXNku2stXStclRITwegXAe1_0HjDluv284ydJIcEPIPVEbL-OUGRc-ho_V5HJM3njCz0Gg-Ki3dB9sSkLrF64UgAnkgwl0UAMj0XJX56oHchCRV0_mW_dT8kDFSGYq3eI9gbURDm-mMemmlWqbCZwDMEBOqhpNIa1sZMl45egTJwI8AsAIacROFRls1dKkc57eyOZQNR9GgVhlWiS7fnOj9NFh_WNjOiwjz8zB_fR0kxKG4oA3D6784nEjY7ojNoXjlHhlTTwYdSHsaAtwYGLC2tpJI8Yy1ZN_OhUKxNeH1hN8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk37iO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS_Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8PZXXOZOQ1qZSQFsUhb0HgW7Cdu0W7_F2sZq8hHje31z3E6paxFYz1VTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sJsVynqWciugKeNyfUYHMDO2ajA%26client%3Dca-pub-3213363904178661%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:12 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 02 Mar 2023 21:08:12 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame CD09 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=eyPBN6hfVhDdEqSa09jaML_h-8SD4Ikj5Zd02aF3bDaV8WcSLPaM-FdyOWRDOBFKtvEyi91FayC2geA6s8Fr02qzRhuGgkSo3toHZoDnPYH79a5VB44FZpFsMg2maDbdEH3n9zHJEuDE_jcJuls4aYvereiKYDBJkTkk27___NWQaSqjE3YZzUGiy2faCgvQ7mxsEvinYX35KT82w7U4rZlal0oI0KKIQxzxrJZ4gzL3F8O9JBz6u_l6cneAigqj6O4n-dO0Q6jgnR82WH8SQhngKGPEtfjFCfRnZqnWrWNH51yO2dpd4NeJzZaXMkyDmA8nvdQBJQmDS9XlWf5jheH2qn86yUcO1hzFJfapkYaZlSsO2faFW8zdlCWGip7HMc4rmMBpqGR_PmOp6w281omV-xS-wvGNQX2ivM686sNASZff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg&u=%7CQ3Fq1SjdFKjhe%2FOqsh3qQOJnxWt7srW91%2FmkPTO45Zk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNmq7DdMTwGd4hZdJNVCZvky2eOS3j8EZOXsAarjR3r0V69cyvp3H1XSiLVdIIdlCJjs-zcrPNoXNku2stXStclRITwegXAe1_0HjDluv284ydJIcEPIPVEbL-OUGRc-ho_V5HJM3njCz0Gg-Ki3dB9sSkLrF64UgAnkgwl0UAMj0XJX56oHchCRV0_mW_dT8kDFSGYq3eI9gbURDm-mMemmlWqbCZwDMEBOqhpNIa1sZMl45egTJwI8AsAIacROFRls1dKkc57eyOZQNR9GgVhlWiS7fnOj9NFh_WNjOiwjz8zB_fR0kxKG4oA3D6784nEjY7ojNoXjlHhlTTwYdSHsaAtwYGLC2tpJI8Yy1ZN_OhUKxNeH1hN8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk37iO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS_Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8PZXXOZOQ1qZSQFsUhb0HgW7Cdu0W7_F2sZq8hHje31z3E6paxFYz1VTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sJsVynqWciugKeNyfUYHMDO2ajA%26client%3Dca-pub-3213363904178661%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 21:08:12 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2976963
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
6995753986fc476fa00b2daebbbb4db7_image_ad_468x60.jpeg
static.criteo.net/design/dt/90764/220105/ Frame CD09 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/90764/220105/6995753986fc476fa00b2daebbbb4db7_image_ad_468x60.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg&u=%7CQ3Fq1SjdFKjhe%2FOqsh3qQOJnxWt7srW91%2FmkPTO45Zk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNmq7DdMTwGd4hZdJNVCZvky2eOS3j8EZOXsAarjR3r0V69cyvp3H1XSiLVdIIdlCJjs-zcrPNoXNku2stXStclRITwegXAe1_0HjDluv284ydJIcEPIPVEbL-OUGRc-ho_V5HJM3njCz0Gg-Ki3dB9sSkLrF64UgAnkgwl0UAMj0XJX56oHchCRV0_mW_dT8kDFSGYq3eI9gbURDm-mMemmlWqbCZwDMEBOqhpNIa1sZMl45egTJwI8AsAIacROFRls1dKkc57eyOZQNR9GgVhlWiS7fnOj9NFh_WNjOiwjz8zB_fR0kxKG4oA3D6784nEjY7ojNoXjlHhlTTwYdSHsaAtwYGLC2tpJI8Yy1ZN_OhUKxNeH1hN8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk37iO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS_Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8PZXXOZOQ1qZSQFsUhb0HgW7Cdu0W7_F2sZq8hHje31z3E6paxFYz1VTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sJsVynqWciugKeNyfUYHMDO2ajA%26client%3Dca-pub-3213363904178661%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d69c46b54e0628ec4ab88209e0a13ecfd8dc8373cad309dea807a0f2784cfd0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:12 GMT
last-modified
Wed, 05 Jan 2022 18:27:39 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"61d5e31b-a450"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
42064
expires
Thu, 02 Mar 2023 21:08:12 GMT
all
csm.eu.criteo.net/ Frame CD09 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=y6bx6cNtNDv5o7ANCzb4SEXx8LuZxWplxr5rG-suLhszYTpNWQHY4gC_96Uwz9ERVhFDGHThkBOMNQnxsG_INudDdtvFZf8cmiZZ20Q67IOAK5PHgRibhyo9mgwKwQ9NwyC-AT9dXOfpRbiCUHpgP6cfZNNU-qdwbB7L_oQ43ixCigO4dUiGDAG9ojHmHSAcshYhMI0NM2vOx7pm-8d_hiXirgdgT_rCecad-KRudcknkCX7lRBZ78ZX7GIgyBisDh1lrg&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg&u=%7CQ3Fq1SjdFKjhe%2FOqsh3qQOJnxWt7srW91%2FmkPTO45Zk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNmq7DdMTwGd4hZdJNVCZvky2eOS3j8EZOXsAarjR3r0V69cyvp3H1XSiLVdIIdlCJjs-zcrPNoXNku2stXStclRITwegXAe1_0HjDluv284ydJIcEPIPVEbL-OUGRc-ho_V5HJM3njCz0Gg-Ki3dB9sSkLrF64UgAnkgwl0UAMj0XJX56oHchCRV0_mW_dT8kDFSGYq3eI9gbURDm-mMemmlWqbCZwDMEBOqhpNIa1sZMl45egTJwI8AsAIacROFRls1dKkc57eyOZQNR9GgVhlWiS7fnOj9NFh_WNjOiwjz8zB_fR0kxKG4oA3D6784nEjY7ojNoXjlHhlTTwYdSHsaAtwYGLC2tpJI8Yy1ZN_OhUKxNeH1hN8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk37iO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS_Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8PZXXOZOQ1qZSQFsUhb0HgW7Cdu0W7_F2sZq8hHje31z3E6paxFYz1VTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sJsVynqWciugKeNyfUYHMDO2ajA%26client%3Dca-pub-3213363904178661%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Mar 2022 21:08:12 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CD09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg&u=%7CQ3Fq1SjdFKjhe%2FOqsh3qQOJnxWt7srW91%2FmkPTO45Zk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNmq7DdMTwGd4hZdJNVCZvky2eOS3j8EZOXsAarjR3r0V69cyvp3H1XSiLVdIIdlCJjs-zcrPNoXNku2stXStclRITwegXAe1_0HjDluv284ydJIcEPIPVEbL-OUGRc-ho_V5HJM3njCz0Gg-Ki3dB9sSkLrF64UgAnkgwl0UAMj0XJX56oHchCRV0_mW_dT8kDFSGYq3eI9gbURDm-mMemmlWqbCZwDMEBOqhpNIa1sZMl45egTJwI8AsAIacROFRls1dKkc57eyOZQNR9GgVhlWiS7fnOj9NFh_WNjOiwjz8zB_fR0kxKG4oA3D6784nEjY7ojNoXjlHhlTTwYdSHsaAtwYGLC2tpJI8Yy1ZN_OhUKxNeH1hN8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk37iO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS_Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8PZXXOZOQ1qZSQFsUhb0HgW7Cdu0W7_F2sZq8hHje31z3E6paxFYz1VTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sJsVynqWciugKeNyfUYHMDO2ajA%26client%3Dca-pub-3213363904178661%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:12 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Mar 2023 21:08:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame CD09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiZ0OwAFfakK4DOTAAgWhl4BZiTkfk071sYfcg&u=%7CQ3Fq1SjdFKjhe%2FOqsh3qQOJnxWt7srW91%2FmkPTO45Zk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNmq7DdMTwGd4hZdJNVCZvky2eOS3j8EZOXsAarjR3r0V69cyvp3H1XSiLVdIIdlCJjs-zcrPNoXNku2stXStclRITwegXAe1_0HjDluv284ydJIcEPIPVEbL-OUGRc-ho_V5HJM3njCz0Gg-Ki3dB9sSkLrF64UgAnkgwl0UAMj0XJX56oHchCRV0_mW_dT8kDFSGYq3eI9gbURDm-mMemmlWqbCZwDMEBOqhpNIa1sZMl45egTJwI8AsAIacROFRls1dKkc57eyOZQNR9GgVhlWiS7fnOj9NFh_WNjOiwjz8zB_fR0kxKG4oA3D6784nEjY7ojNoXjlHhlTTwYdSHsaAtwYGLC2tpJI8Yy1ZN_OhUKxNeH1hN8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk37iO3QmYqn7FZPngAeGraCICcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzIxMzM2MzkwNDE3ODY2MaAB1bbS6gPIAQmpAg2p9GjZRbI-4AIAqAMBqgS_Ak_QY0FxF3lnFmBoQkLVaVdnH3W5Up6MGIIRA6xcv60Ig9wM8MrIESWebNZDsZBm3W7im79acEg2MsunP0TV4j43229nS7hcKmUxnaaBj5Jhvab4U5KL9JIlKXhL1jzmV6U2PAT3vNXec6rvofueSSTGY8yPtT9ClvlWITBq_bns-gTQcpdqBXjA3dwCpNoBZ7mWCyDW3DYTgBcfZzQUo9Xh06SRbVkCV14frF_oLp_WOe8Ub97E1sVx2dbDNQe2rhfCtiyV3a5ZT07NzAPSM8n6bgH5S4VlxLxNBcbs955MTwrz6gjRTR_aq2EIYPzHLeDRPQoQveHvLPyFM3OxEb0PtI3bk6iqKwiL_JYI9YTjqOlTzNh8PZXXOZOQ1qZSQFsUhb0HgW7Cdu0W7_F2sZq8hHje31z3E6paxFYz1VTgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0sJsVynqWciugKeNyfUYHMDO2ajA%26client%3Dca-pub-3213363904178661%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:12 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Mar 2023 21:08:12 GMT
truncated
/ Frame 8AC6 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
910ae7578ed4bbe4c381b046032dbe6798c3a3ecd76e27d52b371b070ea1f32d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a487df643777a4b9e6f574535b4ef504887baa06af7e5d96686e9e96601e67aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Mar 2022 21:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10628
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 21:08:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 39C0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Mar 2022 20:10:15 GMT
expires
Tue, 07 Mar 2023 20:10:15 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
3478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 02D3 		783 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ffd99380cdc92667ce6737a516e0c6192775cd46088606db9a7f78c3b9c5ca77
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4aFgww9rJnQ4Ud+2I7/jjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 07 Mar 2022 21:08:14 GMT
date
Mon, 07 Mar 2022 21:08:14 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-4aFgww9rJnQ4Ud+2I7/jjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 39C0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 06:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
139504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Mar 2023 06:23:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 02D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=1899116138749694&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 39C0 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gnSeXw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:08:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=1899116138749694&bg=!u7iluPzNAAb7UztL-1M7ACkAdvg8Wp9iugx_cehVNElurBGCH_pePXXQcRbrVNVYRt6xihpoyW0iRAIAAABuUgAAAAJoAQeZAuIP6o_zTnEWa8rT3gg4gGruBZfhlentmpMWakl7fnQ_Go0txDMbKE1AyhC5ZFUW0pVyWjWN-FPLVu__Nt5z2YtL_5wvCUI6xiK2btLt_uArUwTn6ggNlDMjbrRUE8AcFNUrzP9QRmBhrZhw9TN_vhRCXqZzPdwUHuDIx2Cw1NqlTiGcntZ-gpG6PtchBrvzJ7iQ4-R_NkZiLAJ23e1THdj4az704gEQeksbVU208Tb1mVcScwvuR_1ROX3XP6mj-nLSqlN2F-Fur68A9-9lfdGuzfPd7oUCJJp-Mp5bKzgvnDYTMjGUSsMkH7Qx6U_EWQcZccKL4foUkvH2a_RxfRYzrIXuh3pWZwcco1zWNoT0SjYuaPK7sZbteCzRMTqsPbb_cdm5c0yRNoFKvYOlNGSXAe1w-1Gt1gw7wnJ_6RNN8u6il9nprMzhTsDAt6AqhU0XKj7rWLRbmvWuYZoF3an3R54zsK5qT8NlCNW-j1ITMVzonI__KbQ9vIPtgXJCxQ1KQ54ydt1bV7b15Q3-aiAovCzs0Zywpw8jd4WQlpHwbJKtLJzDXKB6w3S8Eq2zImKvnv7vSP44e70FnEd7Dm8pfVSGdHof-4k8xQqgST8P65N6F_w40qYCr_OvKk6U1kWmmTY_Y8frnbYE9UO1mmVRy0ahH8stHSxTphCQjUDG5E2p_ocsFwVY248niyCKqVmN5648HF9LhY9OqEalF33UAV1QnZ1VLPABeksvk9EFH5fsLmhYmWEq03ZKqnaRWHJCeLCEcwWAmFCjV1QZYs6c0_43THXiKlZxtrKSMy_upqzyHRLYdpcDb2PYDFE0lThOEsDFHmKIzj_3ohmQx2xs1qQPfwVpod_7bBT35Tin0xw0XVfQ--mZu2Dz5ki8m8MgPwppxJkoWZFXBSh8cpJrerUhoCt6E9hUdF9sbMCody74bClI57b4YjeshiB3pJHtNO6lFJNsmWv7A2mo5AxcOMk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ekopaykasa.blogsport.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 21:08:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored function| ga object| _wpemojiSettings undefined| $ function| jQuery function| member_widget_click_handler function| member_widget_response function| bp_get_querystring object| BP_DTheme function| bp_init_activity function| bp_init_objects function| bp_filter_request function| bp_activity_request function| bp_legacy_theme_hide_comments function| checkAll function| clear function| bp_get_cookies function| bp_get_query_var function| jq object| bp_ajax_request string| newest_activities number| activity_last_recorded string| ajaxurl boolean| mobile object| googletag object| scndprg object| _paq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| addComment object| wp function| starAction object| twemoji object| ggeac object| google_js_reporting_queue object| JSON_PIWIK object| Piwik object| AnalyticsTracker function| piwik_log undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.blogsport.eu/ Name: _ga
Value: GA1.2.1923488997.1646687290
.blogsport.eu/ Name: _gid
Value: GA1.2.1629959133.1646687290
.blogsport.eu/ Name: _gat
Value: 1
ekopaykasa.blogsport.eu/ Name: _pk_id.4959.9285
Value: dea7a6217739e6f6.1646687291.1.1646687291.1646687291.
ekopaykasa.blogsport.eu/ Name: _pk_ses.4959.9285
Value: *
.blogsport.eu/ Name: __gads
Value: ID=f89427c05fa7c7a0-22fb5d4f57cd00f3:T=1646687291:S=ALNI_MYZCnTR1lbEnLzH0fwUJbTUbCm1Pw
.doubleclick.net/ Name: IDE
Value: AHWqTUnqmqSi6wUiSrFtOy9EBUIHWIhMhrtHrgJ0IJ5fwPWBhwLm4N22BrcAWzVQFlM

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

908b0696545b5a1c31d2c0bf2836bb2b.safeframe.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
csm.eu.criteo.net
ekopaykasa.blogsport.eu
fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
rtb.fr.eu.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.google.com
www.googletagservices.com
138.201.141.81
178.250.0.160
178.250.0.162
216.58.212.162
2606:4700:10::6816:4aab
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a02:2638::18
2a02:2638::2
2a02:2638::3
67.202.94.94
046b1a95c139aeaef8f2e3c321041ba7d00e80e4fb96da4e783ff519bd06070a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
10c91a7638e88b4c908086d11f76ca84235f70dca562cf980e3082fa471ee8fe
1a81b218ff8e72d1a230b73395b0d16798aa5bb37f1d75044306004dd1dbd2a2
2a855a87cfb0ded5ad1ebd11b607549d14dd5e54cef2a1d5b1ac1b4fca952abe
336b9e18c04ab729a2f86ee62eecd62674f1103e060b9fc91544dc8fe748c3d0
41f0d0efedd81ee93f7e39d944e84c9d0901a768b023e075f6d73e9cfe714746
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5d1dea03e9f94ad510d3c0656327820229ad0ea22a8a61fd9544c3357f13cc
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
5143e5a54af25d8eb82df87225bbc20307ab3bc91859b2a46f0f86e15001f4e3
535df7aecbed2bae12e73a5588988e0a33cb30f7ffce1535fcdf055700e67f26
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e96b92fe0baac7dccb7dcf1a947e3d6deed9e5d9b53d0890ca375fd27e8a087
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f2f3e642ef54a52909525af5a51cec84a1543d3899bee8d169095c2bc73287
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
83db688184c9fbb0bc4cfd4a7228745ecfee70452f3357168ea3e3840a2f3524
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fbe1031e8234fab32983f4e5afbc30831720db278418b5a4a48e50ad7611d15
90cfd0e47fe744f5350f5fd73bef28360cbe6880c74cfe754b458255cc7d7972
910ae7578ed4bbe4c381b046032dbe6798c3a3ecd76e27d52b371b070ea1f32d
93f607ef409d9581fced853c226ff58f8c5d83d5aeff3643bca9e10f4dc54bd0
95001d7f54c0ebb83c751a0bb812c0af52b3c0827ee9cc1cbcc1b9dab1e61f05
99ae0b1f33737741caedeed975a8d9555fc49a41dd5875505ad03dad0c3f11ee
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3af1365fe3cfde4e5ef8e73c8d8b37a3eb52ce7488a74fd55fb9bf145ab365a
a487df643777a4b9e6f574535b4ef504887baa06af7e5d96686e9e96601e67aa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
c1d92bf928acb0c9b0d2980a4b09da19f18bae4c34771c654f149f7eb7ca3928
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
c7c9a7a9a8d46adb08dd06c5183a0a8d92b1de516f7261ed7f6cab98ea1f89db
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
d69c46b54e0628ec4ab88209e0a13ecfd8dc8373cad309dea807a0f2784cfd0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
ffd99380cdc92667ce6737a516e0c6192775cd46088606db9a7f78c3b9c5ca77