www.eokultv.com Open in urlscan Pro
194.54.82.174 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.eokultv.com/
Submission: On October 31 via api (October 31st 2023, 7:52:00 pm UTC) from US — Scanned from DE

Summary HTTP 447 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 59 IPs in 12 countries across 55 domains to perform 447 HTTP transactions. The main IP is 194.54.82.174, located in Ukraine and belongs to SERVER server.ua, UA. The main domain is www.eokultv.com.

This is the only time www.eokultv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	194.54.82.174 194.54.82.174	3236 (SERVER se...) (SERVER server.ua)
7	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:249... 2600:9000:2491:1200:7:6b7b:1000:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
31	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
21	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	103.231.212.226 103.231.212.226	18229 (CTRLS-AS-...) (CTRLS-AS-IN CtrlS)
9	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
81	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 4	13.224.225.68 13.224.225.68	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.162.38.44 3.162.38.44	16509 (AMAZON-02) (AMAZON-02)
1	18.244.135.24 18.244.135.24	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
48	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
22 52	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 2	18.159.56.100 18.159.56.100	16509 (AMAZON-02) (AMAZON-02)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	18.196.85.191 18.196.85.191	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 6	2.19.245.101 2.19.245.101	16625 (AKAMAI-AS) (AKAMAI-AS)
15 25	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 14	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
5 10	54.170.148.223 54.170.148.223	16509 (AMAZON-02) (AMAZON-02)
10	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3	142.250.13.156 142.250.13.156	15169 (GOOGLE) (GOOGLE)
7	2600:9000:223... 2600:9000:223f:6600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
39	2600:1f13:800... 2600:1f13:800:7782:4735:3296:e5d6:987f	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	185.7.176.202 185.7.176.202	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
3 3	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:9417:d03:489f:5a05	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.212.188.233 52.212.188.233	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
5 5	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	159.203.145.121 159.203.145.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:236... 2600:9000:2362:3e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::78	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:1c::9	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	193.108.153.6 193.108.153.6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
447	59

10 194.54.82.174 (Ukraine)

ASN3236 (SERVER server.ua, UA)
PTR: server.1ua.photos

www.eokultv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:1200:7:6b7b:1000:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdki.truepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logger.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.212.226 (India)

ASN18229 (CTRLS-AS-IN CtrlS, IN)
PTR: static-103-231-212-226.ctrls.in

sdk.truepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

81 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.225.68 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-225-68.lhr61.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.38.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-38-44.cdg52.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.135.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-135-24.lhr50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 142.250.186.66 (United States) 22 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.56.100 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-56-100.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.85.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-85-191.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.245.101 (Düsseldorf, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-245-101.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 172.64.151.101 (United States) 15 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.252.171.21 (Frankfurt am Main, Germany) 9 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.170.148.223 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-148-223.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.13.156 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:223f:6600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2600:1f13:800:7782:4735:3296:e5d6:987f (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.7.176.202 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

istr-n2.nktcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.0.66 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:9417:d03:489f:5a05 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.188.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-188-233.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.75.86.98 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.228.174.117 (United Kingdom) 5 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2362:3e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::78 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:1c::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr4---sn-4g5lznl7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.6 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-6.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
118	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	884 KB
99	doubleclick.net 22 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 bid.g.doubleclick.net — Cisco Umbrella Rank: 802 pubads.g.doubleclick.net — Cisco Umbrella Rank: 401	529 KB
56	adsafeprotected.com 5 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	525 KB
48	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	1 MB
29	virgul.com static.virgul.com — Cisco Umbrella Rank: 75759 ng.virgul.com — Cisco Umbrella Rank: 70861 ng2.virgul.com — Cisco Umbrella Rank: 76749 logger.virgul.com — Cisco Umbrella Rank: 96461	233 KB
25	casalemedia.com 15 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	17 KB
14	adnxs.com 9 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 secure.adnxs.com — Cisco Umbrella Rank: 495	11 KB
10	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1 KB
10	eokultv.com www.eokultv.com	73 KB
8	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 imasdk.googleapis.com — Cisco Umbrella Rank: 447 fonts.googleapis.com — Cisco Umbrella Rank: 31	465 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	497 KB
6	gstatic.com fonts.gstatic.com csi.gstatic.com	32 KB
6	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	1 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	357 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	70 KB
5	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 746	1 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8755	3 KB
5	truepush.com sdki.truepush.com — Cisco Umbrella Rank: 84147 sdk.truepush.com — Cisco Umbrella Rank: 109569	22 KB
4	openx.net rtb.openx.net — Cisco Umbrella Rank: 695 us-u.openx.net — Cisco Umbrella Rank: 522	748 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
3	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	1 KB
3	travelaudience.com 3 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	893 B
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	445 B
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	32 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6862	669 B
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4034	70 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 823	1 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 774	89 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	959 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	645 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	291 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	869 B
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 135259	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1822 feed.pghub.io — Cisco Umbrella Rank: 2092	6 KB
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	1018 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1562	710 B
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 68
1	googlevideo.com rr4---sn-4g5lznl7.googlevideo.com — Cisco Umbrella Rank: 62719
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 716	237 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	chocolateplatform.com cs.chocolateplatform.com — Cisco Umbrella Rank: 4555	134 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1513	880 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 2249	199 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 376	463 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	711 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	173 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	541 B
1	nktcdn.com istr-n2.nktcdn.com — Cisco Umbrella Rank: 545089
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928	274 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6637	669 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	33 KB
447	55

	Domain	Requested by
81	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com www.eokultv.com googleads.g.doubleclick.net 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com fw.adsafeprotected.com www.googletagservices.com s0.2mdn.net
52	cm.g.doubleclick.net	22 redirects googleads.g.doubleclick.net 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
48	s0.2mdn.net	www.eokultv.com s0.2mdn.net imasdk.googleapis.com googleads.g.doubleclick.net 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
39	dt.adsafeprotected.com	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com www.eokultv.com
31	tpc.googlesyndication.com	www.eokultv.com googleads.g.doubleclick.net 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net imasdk.googleapis.com pagead2.googlesyndication.com
25	dsum-sec.casalemedia.com	15 redirects googleads.g.doubleclick.net
21	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com www.eokultv.com
12	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
10	googleads4.g.doubleclick.net	www.eokultv.com
10	fw.adsafeprotected.com	5 redirects 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com www.eokultv.com
10	www.eokultv.com	www.eokultv.com
9	logger.virgul.com	c1.imgiz.com
9	ng.virgul.com	static.virgul.com www.eokultv.com
9	www.google.com	www.eokultv.com googleads.g.doubleclick.net 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com tpc.googlesyndication.com
8	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net
7	static.adsafeprotected.com	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
7	static.virgul.com	www.eokultv.com static.virgul.com
7	www.googletagmanager.com	www.eokultv.com www.googletagmanager.com
6	sync.teads.tv	2 redirects googleads.g.doubleclick.net 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com www.eokultv.com
6	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	onetag-sys.com	3 redirects 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
5	mc.yandex.com	3 redirects www.eokultv.com
4	csi.gstatic.com	imasdk.googleapis.com
4	fonts.googleapis.com	s0.2mdn.net client 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
4	ng2.virgul.com	www.eokultv.com
4	c.amazon-adsystem.com	1 redirects www.eokultv.com c.amazon-adsystem.com
3	pubads.g.doubleclick.net	imasdk.googleapis.com www.eokultv.com
3	sync.1rx.io	3 redirects
3	dis.criteo.com	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
3	ads.travelaudience.com	3 redirects
3	bid.g.doubleclick.net	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
3	match.adsrvr.org	googleads.g.doubleclick.net 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
3	imasdk.googleapis.com	c1.imgiz.com imasdk.googleapis.com www.eokultv.com
3	www.google.de	www.eokultv.com
3	mc.yandex.ru	1 redirects www.eokultv.com
3	sdki.truepush.com	www.eokultv.com sdki.truepush.com
2	image6.pubmatic.com	2 redirects
2	us-u.openx.net	googleads.g.doubleclick.net
2	ssbsync.smartadserver.com	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	secure.adnxs.com	2 redirects
2	rtb.openx.net	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
2	d5p.de17a.com	2 redirects
2	id5-sync.com	cdn.id5-sync.com www.eokultv.com
2	fonts.gstatic.com	fonts.googleapis.com
2	c1.adform.net	2 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
2	pm.w55c.net	2 redirects
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	sdk.truepush.com	sdki.truepush.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	analytics.pangle-ads.com	1 redirects
1	sync.inmobi.com	1 redirects
1	www.youtube.com	www.eokultv.com
1	rr4---sn-4g5lznl7.googlevideo.com	www.eokultv.com
1	s.ad.smaato.net	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
1	cms.quantserve.com	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
1	cs.chocolateplatform.com	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
1	cs.media.net	1 redirects
1	match.360yield.com	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	istr-n2.nktcdn.com	www.eokultv.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	ius.ctnsnet.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	cdn.id5-sync.com	www.eokultv.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	feed.pghub.io	pghub.io
1	pghub.io	static.virgul.com
1	region1.analytics.google.com	www.googletagmanager.com
1	code.jquery.com	www.eokultv.com
1	ajax.googleapis.com	www.eokultv.com
447	81

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
webdisk.eokultv.com R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sdki.truepush.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-20` - `2024-10-20`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.truepush.com R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-24` - `2024-09-23`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.nktcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-30` - `2024-11-29`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.chocolateplatform.com ZeroSSL RSA Domain Secure Site CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-10-17` - `2023-12-26`	2 months	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh

This page contains 49 frames:

Primary Page: http://www.eokultv.com/
Frame ID: C3B50CB6E38B0356B65690B5E8D3F044
Requests: 106 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 44A5AFE574A7EF6942BA975007CA9968
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Frame ID: 11CA21F2F083679F7D7847A678032847
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=&page_url=http%3A%2F%2Fwww.eokultv.com%2F&owner=P%26G&bp_id=noktacommedya&ch=&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: DF0B254E8FFA2A073FC41F4C0C86024C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3025194257&lmt=1698778309&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fwww.eokultv.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1698781908723&bpp=5&bdt=850&idt=391&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7057876090133&frm=20&pv=2&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C31079192%2C31079232%2C31079307%2C44795922%2C44805931%2C44806498%2C44807048%2C31078297%2C31079248&oid=2&pvsid=2929549923447421&tmod=1731016079&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=431
Frame ID: 08707C0FEE8DE8923D2AF655A3149EC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1698778309&rafmt=1&format=640x280&url=http%3A%2F%2Fwww.eokultv.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698781908728&bpp=2&bdt=854&idt=462&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7057876090133&frm=20&pv=2&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C31079192%2C31079232%2C31079307%2C44795922%2C44805931%2C44806498%2C44807048%2C31078297%2C31079248&oid=2&pvsid=2929549923447421&tmod=1731016079&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=JmKc7GgWSC&p=http%3A//www.eokultv.com&dtd=468
Frame ID: 8976C1C5E90EFBBEAE3F9F5F5ABE3D61
Requests: 1 HTTP requests in this frame

Frame: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8564014724B693FAA14D9666FE069AD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYvbig5QEwAQ&v=APEucNXkxIUmE--JUnq-k9mYeC0yyhnhE2LflWIpoxb4Lwg3uHTILMqsYnjlBHkQX6sCNnOEGWAXbi-EYinO2epegj7g_KW9KxSfU2DuF09ZzrrrMuvHDW9syW9LNHmAD7rUXaFtJ2yrX9sWglVh50TX2qanf21O-8JQ86vWT_NIyRkkIvQjaC8
Frame ID: E6AA2794E16330D043CE6BA31615D997
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: A3ED292E48001EF565EE0C5C5DD93FD4
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A35777E2B2EC8EE8A1329DD734DE10A0
Requests: 9 HTTP requests in this frame

Frame: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F51022E2DF1060AC0BBB7546D405A168
Requests: 32 HTTP requests in this frame

Frame: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E74A0068A4CBED2EACB55E517B5217F0
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNUodONKdnaFHd45ywiCjW1XUd4-qZxNxi26vLwxi4zAuvPRsn9Pydc4luAarD88wrjQN1RNpzSOlOI52YlkLvfk1b9iNKsfnblfIZH5Hrjqc4ftJKom8373ZTAN-04mijtArHwU4v78zHwp7ZDZ0euSFw2bnIEurgM0faJK5XZDLPFokotWkM9VyZ4rD4uz5nJjFuMi
Frame ID: 26EF73C41246F55800B11600C3855491
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 747F051BC92E5A1E153111BA88EBE909
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6539183625060334138/index.html?ev=01_250
Frame ID: D100FD0D0723690FC6C1BB109A6C5BBD
Requests: 11 HTTP requests in this frame

Frame: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4B832D93CA1788FA60ABF51C880D33CF
Requests: 30 HTTP requests in this frame

Frame: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BF165BD8A843CAADD869B4C5452B4646
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNXPVrV0DBt9CYdLP0Rq8eSxpV1RZmFbHTMLZn8CdgxhgUNgdmGH1VUoqDgvK1EOB3wqbhFM7wTRk0s4ntBZDcrAolJS37iCAUdeVAw3gQ8KrKg8u3kzOByDnO7NK6iROaMg-FDo06fNUPC9O8SzGF_M_LN6yp9cdyDArDBZ25d_pebxuuFy-ssu9OABrMXwDaXWRWvG
Frame ID: D582DC8E7EB81EDF3CF5F69DBAB08394
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXEpmMFjSWBwh3r2-r201i1zSXsoODvmhxc9Dh_M_7qMXa7odsffg_pvs-nBt2ciRi-iMkQj4nTx2viur_0og1WFQJIJwtGCjLmrgiOzOeXzEr4DYk6A9CH2kmKM4KXHNILXj6yvBoi1hO-croFDthHSjMe7b3uebgtduFLbDq5JdxM9qbxQsRdQ20UUBpMcoPq2KhC
Frame ID: 00401F484E69FCBFF02E61F53D1EDA71
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIL_ofABMAE&v=APEucNUDGYN9VbSAaPu-0TksqOD-tF6Ik1wHc709PB15x1L3E0AVRjG_XZSMMJ1YqmVxHMNM7F6Spf6lHCJPpntSJtoJyXyn1MCjf2evUYPq5MWmESq5Z40Mt8vf8f1SN_o0QIcN-Hx6bnSStPv5W3-MoUcaRxls48efZGQErzR1oDlYZB1LIYtJfOFVEeDRnPLt7mfZ7Gpr
Frame ID: 05B24DB5964410F2A46AEBF511B112D2
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 045958B2E1158197A10D6C3AA42AB06B
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Frame ID: 973245C7609003CEE1E37DF413333F20
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0980E9E28484F9ADF598E938A1CB429C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E6548F339C432D81DF576EFAE5B8FC71
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E5EF29BAAA039214D9159C4D65F8861F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3527D60584816430D0EF113A04BB0242
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 499B36907169CCEBB2232C49DBBF4C8B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 285CD016182C346B4FB273F07498CCE9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0F59F950EF6D6F2BF6773EAA0734EB86
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9EEC8D0473129F9BD01C89ACFB00C7D5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
Frame ID: 8D535A53A3158F6D6C4960CBE0D7BA7C
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 634627B7D550F4BC47C49E85429C8B8A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250
Frame ID: E4C31533DE02CE1780EF16F61415831B
Requests: 6 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F22982D690B66EA57B001331EAEA57C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 317441D4686B24AF4665B28849DD74F1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
Frame ID: BEAC6EFBB10EB7E0FBCD76BB0E64EF32
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD236ACD2EA1682AB5D13053337085EC
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250
Frame ID: 4016FEA0D78AC62B766291AA42695268
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Frame ID: CFBE21A2B8F4C481DB8E762188D67130
Requests: 1 HTTP requests in this frame

Frame: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D23AE991B5BE4656A9FE097E0AD88421
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNU46z_HVVlHea1X842uxfB7Low4H8-iYqBT6JjejO0OujED5H7QXlCflPfTwB2IewRqE7SmcvtsKRpoSZBGbn-kSQBZ3cjzxJXC9b_sUwV5IljmXLcVKwAjXDOwCqmG_TK2O374BKKRrchym08hqNr8lOHLzyThPzpCio5suxMvkuBVldz2UK4QJsiCz-KmFRMHBr1v
Frame ID: F8642F080790F833AD2F856D7E176973
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: C552554E23D04F1C3794BB27B808494D
Requests: 21 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 91AA014EC1A176751CE41FD45EBE156B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4E21D8ABC9DB7F578E769EB231B588FE
Requests: 3 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 6D804DD871E856C166B0E92585507AB8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2EB8AD8CC3BD111A8618C2DB82B6ECDE
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15626680059600941049/DE-DEU_XA-07_0__300x250_BAN-A_HTML5_TOFU-no-B2P-RAeBookV2-ALL_0_105/index.html?ev=01_250
Frame ID: 7DB71E20BD866D569A8C779A684F8ACC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 147499D8A9E7D75501FEB40C173F17E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A27769562147C86C4A01EEB13385BE0E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Konu anlatımları, Ders Notları ve Test Soruları Çözümleri

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

447
Requests

84 %
HTTPS

43 %
IPv6

55
Domains

81
Subdomains

59
IPs

12
Countries

5848 kB
Transfer

21041 kB
Size

56
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/eokultv/

Search URL Search Domain Scan URL

URL: https://twitter.com/eokultv

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Eokultvcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/eokultv/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10172.VFnJlsCZ3a5YwI0RKyFGfhNeIgpi1U-CICxfJLhDTm_mX5NFvDxX4GQqIgcpPTWa.L-yXhBjk-y9-JZhD1gB1c58wUH8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10172.LyJ9p4fHEvJ3NIxQ9vancJVQSOz7OCQN24ELK7WhO9yx88V0IJSeALH-23lhcbUdR0Jj8bGXihZYgPIdCXrKwR9bitJ79RgV4QyRB65L1-ZsbKetioHwW7kTlNvzCKd1Alts_ID6rDVxJfJApzN8gCcOqPLJ6tADZCEKBOngQLG8Zt-eQVRJ0Gmosx3TGUNghtL2eNQHzSMU3jd_51jxqZn7Jn4S8BxIHKX915EK-eM%2C.SXx8RVTJQK_XwuQ_UNfte9MaTFA%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.Sb_GUiGCoTKidg4PQkJ3CiccdXlRmctSuD02Tqy-FCnqlL97XteUFzeyc_hGP4_x2_lfHrDALJyd2erylLVR3b78A7c5ncptZuXR89qjanApMcwo5ZWgL5enkq_IHluQBlc0W-UiXFC2KTQD0UJDVqyQ4s1fimS0kxZQDpzof1RAoxsp--H9oJvTTTmEbDHe0Qh1LhPi8KA38WkQE4isRg%2C%2C.DrdNboRczEMfcqV50RdAJFhqS78%2C

Request Chain 48

http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://c.amazon-adsystem.com/aax2/apstag.js

Request Chain 54

https://mc.yandex.com/watch/24313435?wmode=7&page-url=http%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A404%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A110422456836%3Ahid%3A480405425%3Az%3A60%3Ai%3A20231031205148%3Aet%3A1698781908%3Ac%3A1%3Arn%3A732940774%3Arqn%3A1%3Au%3A1698781908857450292%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A29%2C39%2C40%2C40%2C0%2C0%2C%2C246%2C32%2C%2C%2C%2C395%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1698781907762%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698781909%3At%3AKonu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/24313435/1?wmode=7&page-url=http%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A404%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A110422456836%3Ahid%3A480405425%3Az%3A60%3Ai%3A20231031205148%3Aet%3A1698781908%3Ac%3A1%3Arn%3A732940774%3Arqn%3A1%3Au%3A1698781908857450292%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A29%2C39%2C40%2C40%2C0%2C0%2C%2C246%2C32%2C%2C%2C%2C395%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1698781907762%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698781909%3At%3AKonu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 68

http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
https://cdn.id5-sync.com/api/1.0/id5-api.js

Request Chain 88

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI9emr-cYVRlCdyzxXKsJuk&google_cver=1&google_push=AXcoOmRYab_ZrI6wID4pozovGVkd_MimmcrSPK9dkS7aYLyxYEUTGCaVTmfeH7B-pQcPm7h-ni4j2FIsvjziXQm5DAidWil8Fdi4x99XHFqdQIJtq6MyANDF9hGU1OodDTmIRCYzNRRZiYs5GZipFvBCJJOpA6w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk5MzQ0MTU2ODI2NTg1OTMwMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKjRJLNJfdfyIE7lexqsev8&google_cver=1

Request Chain 89

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMHD-o6tvTcOqxo4Oc-IIpg&google_cver=1&google_push=AXcoOmTC-KNTP8SG_4H_FFPKbzxcaZOtNDEWgpUOp3G4PsbQwUhaffz5zGSodCBxeVXklqP1C52g5tybv2eKK7dYQzVmD3C0y6Skr3FBnr4SIuL6O63RbIXlrX_jAXEvIM7xhurLbhtEGVrgSMaqBE0gLa8pPPs HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMHD-o6tvTcOqxo4Oc-IIpg&google_cver=1&google_push=AXcoOmTC-KNTP8SG_4H_FFPKbzxcaZOtNDEWgpUOp3G4PsbQwUhaffz5zGSodCBxeVXklqP1C52g5tybv2eKK7dYQzVmD3C0y6Skr3FBnr4SIuL6O63RbIXlrX_jAXEvIM7xhurLbhtEGVrgSMaqBE0gLa8pPPs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TmFqaVNtbHAxUVhVTWQ1&google_gid=CAESEMHD-o6tvTcOqxo4Oc-IIpg&google_cver=1&google_push=AXcoOmTC-KNTP8SG_4H_FFPKbzxcaZOtNDEWgpUOp3G4PsbQwUhaffz5zGSodCBxeVXklqP1C52g5tybv2eKK7dYQzVmD3C0y6Skr3FBnr4SIuL6O63RbIXlrX_jAXEvIM7xhurLbhtEGVrgSMaqBE0gLa8pPPs

Request Chain 92

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFprYBl71VAft5CzhGntCVw&google_cver=1&google_push=AXcoOmT4-FK3Qh5xJ7XDXhWA_UrdFL_nM9MxhK8tzxEUq3xASzNhuGqKKdQB0fDYijZqFKk1vuYwd1lIu7_OWnKn_FPEfn9ddA5_68SpAddRmBv-bLRN3OPno_Kz5oryu_82It-70W78Vaa_6wdXpRt0JNTkYkU HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFprYBl71VAft5CzhGntCVw&google_cver=1&google_push=AXcoOmT4-FK3Qh5xJ7XDXhWA_UrdFL_nM9MxhK8tzxEUq3xASzNhuGqKKdQB0fDYijZqFKk1vuYwd1lIu7_OWnKn_FPEfn9ddA5_68SpAddRmBv-bLRN3OPno_Kz5oryu_82It-70W78Vaa_6wdXpRt0JNTkYkU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE1ODMwMDQ0NzgwNDAzMDYxMA&google_push=AXcoOmT4-FK3Qh5xJ7XDXhWA_UrdFL_nM9MxhK8tzxEUq3xASzNhuGqKKdQB0fDYijZqFKk1vuYwd1lIu7_OWnKn_FPEfn9ddA5_68SpAddRmBv-bLRN3OPno_Kz5oryu_82It-70W78Vaa_6wdXpRt0JNTkYkU

Request Chain 93

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEHBHYu051hAN58j3JTpfWIw&google_cver=1&google_push=AXcoOmSt1kC8pW2pmD950bf9RKLGQVKgFA1ljn84yQYfNV4kSIS68eKCyowTCc_Y9eajvjtuGerKPMpDE52MDMA3bkGFXpqbggKXhs8qoDi0yrff-uhkDENPsWNZvmZIsqMhmyhEite5ZxEQlEy2SOCuVPSKxgaq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSt1kC8pW2pmD950bf9RKLGQVKgFA1ljn84yQYfNV4kSIS68eKCyowTCc_Y9eajvjtuGerKPMpDE52MDMA3bkGFXpqbggKXhs8qoDi0yrff-uhkDENPsWNZvmZIsqMhmyhEite5ZxEQlEy2SOCuVPSKxgaq&google_hm=PLLz_zU3TFqm44rGe7qDkU0

Request Chain 94

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEI-0XznoaKA2CUXkX88gxqk&google_cver=1&google_push=AXcoOmS1Ckb4DgeN9239VlRFjWa_ZxpeUskSplOJYhBguiVwnqto5majcSxkcxryczwAPOd_nT9kfsngL4CSvq2MjYcpkbXWpuvvM_1QNmKOkT9PNVfHfDLnC-4Ek0693oTtHg6yHG8KmeHA8m6Ul5huG_0DBKI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS1Ckb4DgeN9239VlRFjWa_ZxpeUskSplOJYhBguiVwnqto5majcSxkcxryczwAPOd_nT9kfsngL4CSvq2MjYcpkbXWpuvvM_1QNmKOkT9PNVfHfDLnC-4Ek0693oTtHg6yHG8KmeHA8m6Ul5huG_0DBKI HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNXIYPcmujuSRs2XFo0zVI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNXIYPcmujuSRs2XFo0zVI&google_cver=1&C=1

Request Chain 97

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUFa2Ap.pp0qfeuTJJMLIgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIxRvseW3yzm-OsFcD8G8AY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIxRvseW3yzm-OsFcD8G8AY%26google_cver%3D1

Request Chain 99

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1

Request Chain 126

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUFa2FpXkycoI6WRkN.ciQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

Request Chain 128

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1

Request Chain 151

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUFa2QJnME7sALFiiQ6VEwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

Request Chain 153

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

Request Chain 159

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-C2MCOInJDTG4OPF_PtaTYuOecPWq41g0ilS9_W0wjFQUxFAgbIhr4N9eW6li8ZRj7WOrUOpPd9gqOwxmrzDcVb4tFRUPPHt2XTgAY0-oVc4ROrcaiJXE4PtbbtWiSU1IK6mIWlKBnWgxF2ato_N2z_tT52FDZXIYwiaJIfTW2x0qp2h_0SmRcAoCZ_4Ps8_kb0hZ31Zw33kpIVFaBpFtPi1yjYwHqoL5HJngAvvNh5lMOstYtkNTWvMnKh8Xrgv8Nn0_TnF4ClIcjAjVs4KGXaqAKgs9fmsBc-Ht4oEpaxjySu3DZoDfERzyKcffFqaxiuYg8hFOKnM9eWlT2CzEKOzV_1Zn2CxU0WhlUe3UEgEEPGkrwLPO3apBCp9QhPTWQiJDmH5FpUWgRZSJFLhAX2C1qAnjmSmF6KZncaOGKTV1JZFz5L_gp0r9oiOO7nXGYQ_Zo6WDRijYwbjHArT6DiGUery_e0mydzTHO24MFjrdIlTaikO9tT9K3s5Nc0b2bFJbfX0ABFxBcD5mvr7Dvu58izw72T2qLow6NH9dfaygMFT3qPLnxzkM4aaRZFQbFourtNfJIGYIquTDTXWDhmVwyU1JOejoyr3m4uL2yTlOm-jw45DzRvbtPjBTbWobUOHYNxV3HpuBPtvnGO-JzxCf0qQRjl8WOFUnXeMsebU0G3RJSo32ocwgwEyoPh61fGdKevNWdwzOW2jCUuTzyEggfRVh_iPmZHKFGBGdo6Oav_Dw78-KTM-8fsXURLGTPVhGI29dIgM4D55sFgJaJRdzomI7tjaVnt6X4HgF0dJLuuuetdELqEj3fJRCIBrRXbe228n-AdpQrY1I26v1UbldH-UMP4AFx_notaWQ_5IbbvRMAZzrp7vx4HB9c0Qg40-zgVPXQz7UQw5JUhytHIwO7tZzydGHxQvw-qjC5_TNOAmEnDwD77p0RzGP4us4FF_dHtAaiO8-l5ltDcvoxRKs_bApMmCHpUawLnTkzebcqOF9WAHs2LEVKZRuiRTRKiBeSarcJMWRoW_ayk7TUfzcW0ZhBRYhK2xI_1uvL8giis49O1tydL4HA3s3szY95_oAaaiEJ0l_f4j89ZgbzrwuOzUXwdHtmeVQddMW0iPO4R7f290Btl_wiOeaFvDdks4V_DHJY2yYrcfmEo-GIDNRcg5F-Z0Mo1aSdw7dvUMVpOQHOc17AHXc39Uni8hnj41db6JMaBPPJIorw0JJCk3UsctKU2YPMZXH7VSdiwAW7dhvjehyAuNBPN9Io1viISjWItaKXSmYLWnp6HNjjsO0D7eui5klP7TTiNPymj9r8i31-ucACqaJVbPPsh-5pGTIXy9AdJ6V8FTdBjhhtPVKomx4Knmkaz5JcT7UYa7Tg9GrkrfSRWWErSHaNnxc4QVj4YeV8j2em9gBIAWVSqN-0oVH9ry9kJSdsa5IpE7r7USK7SPMsOIi4qGVzytBanEJ5CFT8i3-xmwx4o9WK7WeU4GvD9j0jh6QAiy4Ls8rIeBRIQftEJvZfci5SKSPlYKXDRzA1qzSd1aO95ZeuICUL6Hz2aQPCQPQVfYdXLNOpDAQkKseTg7ciWXLLiH5oqPW0N38EUzgxN3_d_qyM4GLWC-rW-UZkIGkjhH9M2D6TNnxQyuC6HizBqihar5wvpcASnWtpQgL7Dgu0bAIOMIiCwH3RU3OnECKB8Ardp71C2XmmsRMxKgiko4OCVMOgbCXYeBKSQgCDcOCopLdVO2azqeZnVRE_ELwFzv-ZRxffWkcXwljwdDCkK_OVJnhZX4eRu47q16qGvKE2FCC2XKHCcdgsRqdfczqLkUUdnJr3lqNzFoyuJ_cGuiT4IkvAt1X9SVXVQX-1Om9V-mJu0k2ypdP1V4O2YJeGU_fqcKwUGwW0akE6r40epJ8jEGkJHv9ueUuNt6cwt_62nxnzEVgGcdeyk8YbRuppYhKndHZ4M2O1khBkqwY8ge5H6131o1LUF0VNszkB8zxjW_TXtUHC4I5tlk6wIDt1vwjInNksJ6hwV--EUvVD6ce_5fjzMOfDpui3Tx_i163KZk2BrZAgJN9M4l4W2MAqQ16mn13c_JIcXcXgi9as_Y4BnXSeeHSpydXYCNcTIUlQgBx7GXRJF8o_vGTFLLU6VQJjKD1ZhAFyIr0wAfM9EhWl-nIPvvoxOZ9oewRiAtW9WAKUJOdK_pICl2Pp0iaAU_S-yjkHg11JlE98KBkdyteDywy1CUyWceYW5exosHGX9VgcNOdWw2XwEjbIJECTQ4RgMPEdeV8VsrZMR5SgNA6alCJfU-PBJ9J_vXqQaf9xoRJhHtb4Pw-Hqfb9ftzgzlQwG1N449YwnluYa4pvWV9WWFt3DTry2Hz8uLaKngxaQ8Z3u3noALmyrWA9STAu6Kohxtb-tKRFy-NHOsRC5lx9KAVBFdr5RWlarJw__omr1BFa8X8MlSYAbWWSH8YKX4czbErEyvYdFkxUIoTpJvY0Px7YWRW02KeGF_c2b2t5pHjrdIEFoveWiiPQJn4mgxWXyGKnHGTrx30NjL5bedntXiRG_JEbq1znu4G-XPEjyrlGmyoCpNHlgqVc-fasFDW7C_W9sAAN1c_8mqcNsiwOOQ3P4KpGNSR4FffBWoyDnQPlrik4C840RFWwaokA7D-ISSvP3THZ1HL5iZpetuppqftl1vBTjn9inZLkJK6ZWXlSMgznvpESgFlVKxu86czoCH3gWamvI5ZARM4Up6aUAmX2FWeTpzFSTWIrtXsv19J0sXlODFUoYBbI7-hi5NqZXFYK3Xw9ilmh1ZYTM8qftFI4UQyuCCC6_WyAfMLN9YwYII1kbrJSkJIFnCS_m6MWDmixpOfU-r-XISPcqyO4MbfUrPGcRdgc7qSiPjZ_uBGWr1q9ILeQ-LwH4vypnBhWWF1fHwPUVACrEj2vwhkliJjmSuxZC8OBChiCWmpg9txfV5HX4CnNaU7iCSpQY54iVInQP3Gsael1MLDKsUlyKN1B429RQiWZ7i_-WrN64M1zEOK4Y8Cx7SrS0O5cFhXK7Cfwj9g3jqnYTVr8SYylfbGesf3dF3ZJyM2vt5vAYT-cwFTSdm_q7QxlB9Ktu-CYiA-hB24FKo2_pgf7RV8XwDI4N_suVaITd30vZdCVLf3_Irj6DUwW3pvhEmczbSeGcUsGfO_Nmv2mH0tZFcbil4utF0yCRYv0z4zmlb0p8oIBxRapEO8-D7WEZKYQcM4bd8rYxvep3q8ZBn08IynRq3DpNNDS7IlzEcdPCXUV4DLG11vBR1c0bribIUD45PK9BD9WYFlbk8gFR5NqSiAD2lUWwY-ZZCXj4w_SbUvA2EFLkbY7aEzMOGTB3x7rPcSHDM9dXph_LioV2c7Jkxpqez4Bkbrdr-0YAJVoV1hm16RfEO9AWscGKzHA39vGzThX61oYqZIhJF_ULtbm5WSFEBdLzVxxixrCfJDn9ST3gHqQm5CbF99beZvTovlm25mKVO5nC46yUCc8Rto8_dn6kaFPk75dSn_KYBC0hGb7BLOK9dBU0swISntdymOHX1niwYY7Yzyyg7V7JpHJU2pyoop-RRtBf41PWydE8V9PFi_zfeMbVn1xD3118eYKccNC_mcs3jQmkfTS7jFxJq19HkUuNkldYAv7eqT46olZD9rhfS8V-LSDjS3-ZzoGPt6r8teV_LUClrhsIwS35LCFMy5etPF1u8zLP-CUuTv1XR065LQuqrX3hWapfV-P_vt2r2-b8PM-ecthi22IeUDdWX-OZPQxZ_A2yByJsQyOYKgV881_kaoKUH6yVoNt-VjGDFubb_KJFSLiILD-CQMLJvuEKbdwd8iUl_gAlVG6eOzxEwVEYRZAWwZurmRWmxtyJV1yLP8yO699iAAdowOPHRU9pMYK7TZCjx_aCatfvnUTFwLYKsqPEZxbnecynU5B0snvMDq2P_63blrQulE3lC8RHuhw-CmuQGRlwIz9UILrQFAFFN5zRJfZ5DnyH6FeTGsO7uTohtb8qK5GrFV629rE1auRuIDS0CPsb_WUEyLzu8fPxq6VyJPdvcqfwRalr2ps5BdT_IVZI2UdHopxFNya5Kgz9jBsAuUGDs4Oz_4MLIS32MOhxO0zgb4Tkr1gSRhpTCAQSTQDICaaNZ1_LAu5_j1OlE3AtyXt8ccC7Sg0kQookZtN4PcUyMWI_QP00FUfm1olmTfmluzuBMOAR2cuq7seq3ehThpTW0Rg0CekFrceQGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20409787662&bidurl=http://www.eokultv.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ht-ixWnC2v7QKWsrkBFOz7&adsafe_url=http%3A%2F%2Fwww.eokultv.com&adsafe_type=y&adsafe_url=http%3A%2F%2Fwww.eokultv.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:60b9e6e3-faa3-dc15-fec4-813062a01490,c:sEMps8,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-mcsgw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17*.1520146-76103085%7C171%7C181%7C191%7C1a1,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:ee8a10f8-7826-11ee-a487-d2ea9a43dc12,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-C2MCOInJDTG4OPF_PtaTYuOecPWq41g0ilS9_W0wjFQUxFAgbIhr4N9eW6li8ZRj7WOrUOpPd9gqOwxmrzDcVb4tFRUPPHt2XTgAY0-oVc4ROrcaiJXE4PtbbtWiSU1IK6mIWlKBnWgxF2ato_N2z_tT52FDZXIYwiaJIfTW2x0qp2h_0SmRcAoCZ_4Ps8_kb0hZ31Zw33kpIVFaBpFtPi1yjYwHqoL5HJngAvvNh5lMOstYtkNTWvMnKh8Xrgv8Nn0_TnF4ClIcjAjVs4KGXaqAKgs9fmsBc-Ht4oEpaxjySu3DZoDfERzyKcffFqaxiuYg8hFOKnM9eWlT2CzEKOzV_1Zn2CxU0WhlUe3UEgEEPGkrwLPO3apBCp9QhPTWQiJDmH5FpUWgRZSJFLhAX2C1qAnjmSmF6KZncaOGKTV1JZFz5L_gp0r9oiOO7nXGYQ_Zo6WDRijYwbjHArT6DiGUery_e0mydzTHO24MFjrdIlTaikO9tT9K3s5Nc0b2bFJbfX0ABFxBcD5mvr7Dvu58izw72T2qLow6NH9dfaygMFT3qPLnxzkM4aaRZFQbFourtNfJIGYIquTDTXWDhmVwyU1JOejoyr3m4uL2yTlOm-jw45DzRvbtPjBTbWobUOHYNxV3HpuBPtvnGO-JzxCf0qQRjl8WOFUnXeMsebU0G3RJSo32ocwgwEyoPh61fGdKevNWdwzOW2jCUuTzyEggfRVh_iPmZHKFGBGdo6Oav_Dw78-KTM-8fsXURLGTPVhGI29dIgM4D55sFgJaJRdzomI7tjaVnt6X4HgF0dJLuuuetdELqEj3fJRCIBrRXbe228n-AdpQrY1I26v1UbldH-UMP4AFx_notaWQ_5IbbvRMAZzrp7vx4HB9c0Qg40-zgVPXQz7UQw5JUhytHIwO7tZzydGHxQvw-qjC5_TNOAmEnDwD77p0RzGP4us4FF_dHtAaiO8-l5ltDcvoxRKs_bApMmCHpUawLnTkzebcqOF9WAHs2LEVKZRuiRTRKiBeSarcJMWRoW_ayk7TUfzcW0ZhBRYhK2xI_1uvL8giis49O1tydL4HA3s3szY95_oAaaiEJ0l_f4j89ZgbzrwuOzUXwdHtmeVQddMW0iPO4R7f290Btl_wiOeaFvDdks4V_DHJY2yYrcfmEo-GIDNRcg5F-Z0Mo1aSdw7dvUMVpOQHOc17AHXc39Uni8hnj41db6JMaBPPJIorw0JJCk3UsctKU2YPMZXH7VSdiwAW7dhvjehyAuNBPN9Io1viISjWItaKXSmYLWnp6HNjjsO0D7eui5klP7TTiNPymj9r8i31-ucACqaJVbPPsh-5pGTIXy9AdJ6V8FTdBjhhtPVKomx4Knmkaz5JcT7UYa7Tg9GrkrfSRWWErSHaNnxc4QVj4YeV8j2em9gBIAWVSqN-0oVH9ry9kJSdsa5IpE7r7USK7SPMsOIi4qGVzytBanEJ5CFT8i3-xmwx4o9WK7WeU4GvD9j0jh6QAiy4Ls8rIeBRIQftEJvZfci5SKSPlYKXDRzA1qzSd1aO95ZeuICUL6Hz2aQPCQPQVfYdXLNOpDAQkKseTg7ciWXLLiH5oqPW0N38EUzgxN3_d_qyM4GLWC-rW-UZkIGkjhH9M2D6TNnxQyuC6HizBqihar5wvpcASnWtpQgL7Dgu0bAIOMIiCwH3RU3OnECKB8Ardp71C2XmmsRMxKgiko4OCVMOgbCXYeBKSQgCDcOCopLdVO2azqeZnVRE_ELwFzv-ZRxffWkcXwljwdDCkK_OVJnhZX4eRu47q16qGvKE2FCC2XKHCcdgsRqdfczqLkUUdnJr3lqNzFoyuJ_cGuiT4IkvAt1X9SVXVQX-1Om9V-mJu0k2ypdP1V4O2YJeGU_fqcKwUGwW0akE6r40epJ8jEGkJHv9ueUuNt6cwt_62nxnzEVgGcdeyk8YbRuppYhKndHZ4M2O1khBkqwY8ge5H6131o1LUF0VNszkB8zxjW_TXtUHC4I5tlk6wIDt1vwjInNksJ6hwV--EUvVD6ce_5fjzMOfDpui3Tx_i163KZk2BrZAgJN9M4l4W2MAqQ16mn13c_JIcXcXgi9as_Y4BnXSeeHSpydXYCNcTIUlQgBx7GXRJF8o_vGTFLLU6VQJjKD1ZhAFyIr0wAfM9EhWl-nIPvvoxOZ9oewRiAtW9WAKUJOdK_pICl2Pp0iaAU_S-yjkHg11JlE98KBkdyteDywy1CUyWceYW5exosHGX9VgcNOdWw2XwEjbIJECTQ4RgMPEdeV8VsrZMR5SgNA6alCJfU-PBJ9J_vXqQaf9xoRJhHtb4Pw-Hqfb9ftzgzlQwG1N449YwnluYa4pvWV9WWFt3DTry2Hz8uLaKngxaQ8Z3u3noALmyrWA9STAu6Kohxtb-tKRFy-NHOsRC5lx9KAVBFdr5RWlarJw__omr1BFa8X8MlSYAbWWSH8YKX4czbErEyvYdFkxUIoTpJvY0Px7YWRW02KeGF_c2b2t5pHjrdIEFoveWiiPQJn4mgxWXyGKnHGTrx30NjL5bedntXiRG_JEbq1znu4G-XPEjyrlGmyoCpNHlgqVc-fasFDW7C_W9sAAN1c_8mqcNsiwOOQ3P4KpGNSR4FffBWoyDnQPlrik4C840RFWwaokA7D-ISSvP3THZ1HL5iZpetuppqftl1vBTjn9inZLkJK6ZWXlSMgznvpESgFlVKxu86czoCH3gWamvI5ZARM4Up6aUAmX2FWeTpzFSTWIrtXsv19J0sXlODFUoYBbI7-hi5NqZXFYK3Xw9ilmh1ZYTM8qftFI4UQyuCCC6_WyAfMLN9YwYII1kbrJSkJIFnCS_m6MWDmixpOfU-r-XISPcqyO4MbfUrPGcRdgc7qSiPjZ_uBGWr1q9ILeQ-LwH4vypnBhWWF1fHwPUVACrEj2vwhkliJjmSuxZC8OBChiCWmpg9txfV5HX4CnNaU7iCSpQY54iVInQP3Gsael1MLDKsUlyKN1B429RQiWZ7i_-WrN64M1zEOK4Y8Cx7SrS0O5cFhXK7Cfwj9g3jqnYTVr8SYylfbGesf3dF3ZJyM2vt5vAYT-cwFTSdm_q7QxlB9Ktu-CYiA-hB24FKo2_pgf7RV8XwDI4N_suVaITd30vZdCVLf3_Irj6DUwW3pvhEmczbSeGcUsGfO_Nmv2mH0tZFcbil4utF0yCRYv0z4zmlb0p8oIBxRapEO8-D7WEZKYQcM4bd8rYxvep3q8ZBn08IynRq3DpNNDS7IlzEcdPCXUV4DLG11vBR1c0bribIUD45PK9BD9WYFlbk8gFR5NqSiAD2lUWwY-ZZCXj4w_SbUvA2EFLkbY7aEzMOGTB3x7rPcSHDM9dXph_LioV2c7Jkxpqez4Bkbrdr-0YAJVoV1hm16RfEO9AWscGKzHA39vGzThX61oYqZIhJF_ULtbm5WSFEBdLzVxxixrCfJDn9ST3gHqQm5CbF99beZvTovlm25mKVO5nC46yUCc8Rto8_dn6kaFPk75dSn_KYBC0hGb7BLOK9dBU0swISntdymOHX1niwYY7Yzyyg7V7JpHJU2pyoop-RRtBf41PWydE8V9PFi_zfeMbVn1xD3118eYKccNC_mcs3jQmkfTS7jFxJq19HkUuNkldYAv7eqT46olZD9rhfS8V-LSDjS3-ZzoGPt6r8teV_LUClrhsIwS35LCFMy5etPF1u8zLP-CUuTv1XR065LQuqrX3hWapfV-P_vt2r2-b8PM-ecthi22IeUDdWX-OZPQxZ_A2yByJsQyOYKgV881_kaoKUH6yVoNt-VjGDFubb_KJFSLiILD-CQMLJvuEKbdwd8iUl_gAlVG6eOzxEwVEYRZAWwZurmRWmxtyJV1yLP8yO699iAAdowOPHRU9pMYK7TZCjx_aCatfvnUTFwLYKsqPEZxbnecynU5B0snvMDq2P_63blrQulE3lC8RHuhw-CmuQGRlwIz9UILrQFAFFN5zRJfZ5DnyH6FeTGsO7uTohtb8qK5GrFV629rE1auRuIDS0CPsb_WUEyLzu8fPxq6VyJPdvcqfwRalr2ps5BdT_IVZI2UdHopxFNya5Kgz9jBsAuUGDs4Oz_4MLIS32MOhxO0zgb4Tkr1gSRhpTCAQSTQDICaaNZ1_LAu5_j1OlE3AtyXt8ccC7Sg0kQookZtN4PcUyMWI_QP00FUfm1olmTfmluzuBMOAR2cuq7seq3ehThpTW0Rg0CekFrceQGAFgAQ&bundleId=&ias_xappb=

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1

Request Chain 174

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUFa2Xbyc.w1FwSJqj8zrwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

Request Chain 176

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1

Request Chain 178

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUFa2Xbyc.w1FwSJqj8zrwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

Request Chain 180

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

Request Chain 219

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Afi-2NB4dQzoLQn06BhQRcz9Y8861yssZ24S9AqglX_qhEFD8OF4QWsoy0LVS7urqprYumM6nwHvfIHjEMyaKik1YuhtgVIHvRmSoLakppBmclKxHzuAUqLV-DcczWP6ZitdtO-a9TnXG37nhf_LF_Y-uVs1_2o8RZ58x24l5BPBtq5DQS2RYAoCZ_4MHdRExkkCmGXwRrBMcCy802Xtqh-kmzTBA6yNRtXX1ov0gu-C8kim9cEb3EiKfluSrvsnj8BYHaCXvPjirFl1aXSrEQXA3bPIdA-8_Bvow8VbLmPrNY7EWGcXKzZhl48dPnlqbs7fHCWjJ3tPNVu4bi5107n3EaG1r5Dm7kZSsT-q1vnFm_9GB7kgQyVBa37Y-f7Tip3AhCm36pLLPy1dkfCQuimeNASjji4citfYwmw0hLD6ZXe361e1sA8bwHNFzhYHSo3jOurPwxo2833QZpOiV3_4QHFs48b7XSU1_Pq5O6OAXsDWuwwoTuq2bZjkrpNuhH8_Hn51qfQR5quljykjIbs1q0XWvyAWbyPI-GhffoiwcYlFj8LCkFUzW5-Q8PIzcHIakQxtKhP8XkCEQ01Z0SebHEHJPvJQwrJuamBGwC6owkiru6YfSmuCJDOY1v06NrMFqbHS1bl6U6RK4nno9rbD8f3bUTXQr026nVaKmtBOm6kmVDWbHvKUxz1IjHqSO9smSjNrycKCtrkunZ0803bFmN2SnoSisB4XtEwcJ0fmEbkMlIJXnis0PKPs8hvfIGd2agu9BVSUlClwpK8Wb8_61k85dFYGHC5eTeu9cv5b0t-S2AmqyRoyckas30OikCJJaFevH0FViN-7N0J7Tzq59OXW1kPXp1APsde9HZSnFIwiMrKQib8Rt7UsVPSv429H3_oX9xtzTIpGnATlsCZhIIjHN_RowaJEvt-Tg4lEBmntVE79ER4H-oMKsIu0eUsdZABIKJR3LZEylfH6sR1gd52Rpn_B03qWLvghRjaTygwczrIQYn5AFN-IVuOxNKnhWGYEc32V2k6X95jZhf1yW4unfgkEWQhycaNhOmpfblULF7O065-I2c0CYOafEvx1PaaM87FtCZ7rR-moo9v2roObc5zyzm8Aeu3k7_iT_qE3qHqxnFBxgXbpL-JnyupFinnFt4m8K8MA1r79Fnc0Zu7aNUGbt6YTjbQtIOvBb1aYINgiv3MRInEhfC5F_ZS5hHvUkIS06CnItLoSQ7ZSGpDUcXoL7eJ9aJnAGiAJ82MNW_rOPBwC5Me7Hrv8iCJcpXKKWstN07PbXkBP7_5bNAT_k1mckvejbBh4zQ1xAUy0K8HmD6K1CFE-uWYOoOePuew_haopi9OY24sHtXrX_J7rq1pqPcJWtWSlB0zqP9RnTTUf-a5MQ2geRCE_QtYhGnlgM9Q2xIb_gkXPPIknSHG2jid6qc0YK2kNBUpUgJ70ubH2phWepERZ2U52G-Zhw3rptCGL-poc5Qd5uZzJpSualHGA4N1VAu3eroHRlBdJ8yl7o_xJAixVMV6JSL8XVRllm1h3qB_kIN2Oas1ffImgoYlpiaNqiMHwjvOLt3J2LPR5Sp8PttmviCaYnc3ICVYq0QhxYhoxcgp6CU8OGwAnu-DRNTwulHjwyoBsWka-kkoyyuPoR8xaA-ojPzzjXjvetrhXZt9SjZujFANLl8AgS6nHEtj-F7cutDRWUmceKA1xMGsBYVcqXA_KofemMGbQfzRwvVECoFwubOW-LGSCUOWa7JRItcwsEKsYgKXEfgEvx1m0tMMeX_co3YfRF1UoHZdGrL4Qy33H6qev-oi0PXA0xeDAzJDJkLFZjErATINcZmfENymADN-qkq3xNe-zAauxzN_1tnbDE0ZjQ8BfgnMBzV5XMCCrmgmnNnoIkG8pVqVsCqqs_3JeaM6cXrAe9dBm5-pul6dWCKCnt03mCAS6g41zpUb0s58OnwV6TyC1gl1QjtNTWeug5peLXCs4hDFPgzENgzf7HrWKmw43mu9wgukCcw1Z22IWVaOxSvZELHplgDbJlXYCgVOW49EnXKM6k_7ixgGxme93VM6JF2TRqgrZUbuzfzoX-h-AtrftOJVa1WtHNyL7dLXhraE3S6P_23K47Og_aDlUvHL6oPyAwQOzjCRI8sTTBogbPFpD4kph8fpwomxMN6zr4CjP80X3WY3FITXbT5goUsYSalY3pE1EWolwHJfF4poKSyGRIjziJJB-P8tx2dQDBnFGQqzHoZoZ351z8DfEh5Qku8v3slIPGyDqR84DLBcSM_7sYN67EryNlThw6-PgypfCSU7tnhjCBKqv9mXTVc4Kd6nNZBevrCvQ6ZC8o6OR3AOduLdvsT_misSmmO_NYJaWzAKBlh0S01JiXV1Zxx5YGbvq_R_wDo7YeR0TbZZncjNmwtR1MknGQM5jYm9i9BzJBpC3auHcM4zsEZwNWjJTwQdfkC4D_t38-8podim6WmjG-N_Cp3lb-vFQVHASZJ4TTMfIYeeln1YUrohFa1ON_4z5H1lfLlfPM3CsJu0I6JLLkhvuUydVS9hMisHrfEA594RZYV9rKgXRzjZ4DDYYoVsX244O-1fxXdFcMugpxvbPi7qmLaKkepXdUH__BIvrFMloZoRl5O_Q7bAetDcpH_DAk-CZrQ_fX-DObjRciKT7trPW30Rc72rU7TtvYCKf-6coNpxfzFT9lobpb3PyHdA_AxYu4WCDe-a3xTbrIeN4jCSKzjPX-eqR2bC5aJw2uBhCy6PQIoMu7Q1FBWaNA7TZJzpTYoWjzylpTAgQJqZT4j0XBCbgsS1pa1TbgZ1JBBDy2CEjDo8McwmjuCr4HJj_TlTlKckXr3941Yi9UEvsKMQf3hYSuYiGkTKiuN9fXefeRx-l7c2sPA0q5yRBXM5ZXZc5i199jvxh7JlYWyjZxEAkcRZZFRdUERLP5I0BwgBggRIKdmf5UNOWwNfHynaXKWavu2KKY4nUdIaLnTi2OhUQvkUwiVHqzIL7SYAqViYahXyM1o3CFxsh0YtCQT2we8047ASwle2FA3pvflb3rNAzeALxKGwsJKL0d_Eqk2fbKXJuhRJUvBikLU0wVi_iGmnZjbyWfDVVnwQXHHkRG-PeYIjO2F_4TaM7odf_EAkifgNLxZBaEqSKWt_Gx5Jm5Orw2mnvKCGqVS3ffO7B1hPN4NwiUNjyQTaz0MITYxjoal9dRWB8FT44fzM98s1mqj4NFwdWPqtwVef7j9Ia4E3fFo3fQoz-F3sfrmaEoJEO_FhdIFuqJ1K-p4tOVulWIB4Gum0O2RmyNqSjbPUk0Zz6v5WF7AAGTNZC2LKVtfnF6Wxh2kebTaa-6Y71KOkmAmkn4oQ8-2dYCEe3kc9EjBlHW4uj6AXJpqYYekLCBPlZXTUrcgkJjStjAGoIKbvapG5lvnSnJh1lODBImkPCSfFev9uav3g9UzJIWHD60-SK6Nkb7Y-FenIednBvyDVEsr4_BuGwscLtSt5GISOA4G_-M41b4003Gb0UHMetZQvOAZMnSLGKksalHA2NocACtifStL1BCE8vDgkvwC5Iw_5YSR1YjbzIWqU5QyPgYDVeDdADrRwefumSF3tZYM3gx0BxrOwr4Kzi38PfUVfvWiGsRhFKcFJfF-1ge91c7yVqlo6o3r1VYxRaCvc1KUXV0oyQeQMw_ZPDEBf0gyu1e-qewoWGHL8Tyv7IBXwOv89elzrgY9z3dst-kT9X9CSjLr-4IMmD5apJ9RY8SuA5IVx98uvGtmJ8KelpuJWm0z-SLWi4gvRqbOZF1wlhPSWsutOraJMsjy2Vp30Q6-IeXUZHMvQoekxQ85LL6qhdGvhhws_3_RyGTzUMXnk7LfThVS-s1TreUvXQpAUtMriNVsTvzAKjB6D3zlxSxoMYvTGh9XbvtS1-3rMbFDZ2nAbmoo3GLJ_C2wxRz9F0UphBgwu5JkCFq7j1QlX2wh1bwedQrzQK5_avE92RypLsxSdQ5wOjqP5B6RAKdna21O9pR_NRqurY033KUngI1_hnrPaUlYLkh6Py5UGlQIBBJOAMgJpo2EgWJWT6au1r6vUJCcN1yXKSIXp8zq0nlJVx4D8YEqvCzTihUE8bbf6xrFPd4QTlpVu6Bv_5TGXlSJhsVFEGwo_yOnTrZD5F-IGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20409787662&bidurl=http://www.eokultv.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jtiqvQdlQbdhcAvQFx7R-U&adsafe_url=http%3A%2F%2Fwww.eokultv.com&adsafe_type=y&adsafe_url=http%3A%2F%2Fwww.eokultv.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1204cfb3-e3e4-0821-b4d9-15e857b84420,c:sEMpCy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-sr9v9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tUinM4P+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C171%7C172%7C173%7C181%7C182%7C19*.1520146-76103085%7C191%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:40,oid:ee9d7190-7826-11ee-8f98-226de2a7262d,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Afi-2NB4dQzoLQn06BhQRcz9Y8861yssZ24S9AqglX_qhEFD8OF4QWsoy0LVS7urqprYumM6nwHvfIHjEMyaKik1YuhtgVIHvRmSoLakppBmclKxHzuAUqLV-DcczWP6ZitdtO-a9TnXG37nhf_LF_Y-uVs1_2o8RZ58x24l5BPBtq5DQS2RYAoCZ_4MHdRExkkCmGXwRrBMcCy802Xtqh-kmzTBA6yNRtXX1ov0gu-C8kim9cEb3EiKfluSrvsnj8BYHaCXvPjirFl1aXSrEQXA3bPIdA-8_Bvow8VbLmPrNY7EWGcXKzZhl48dPnlqbs7fHCWjJ3tPNVu4bi5107n3EaG1r5Dm7kZSsT-q1vnFm_9GB7kgQyVBa37Y-f7Tip3AhCm36pLLPy1dkfCQuimeNASjji4citfYwmw0hLD6ZXe361e1sA8bwHNFzhYHSo3jOurPwxo2833QZpOiV3_4QHFs48b7XSU1_Pq5O6OAXsDWuwwoTuq2bZjkrpNuhH8_Hn51qfQR5quljykjIbs1q0XWvyAWbyPI-GhffoiwcYlFj8LCkFUzW5-Q8PIzcHIakQxtKhP8XkCEQ01Z0SebHEHJPvJQwrJuamBGwC6owkiru6YfSmuCJDOY1v06NrMFqbHS1bl6U6RK4nno9rbD8f3bUTXQr026nVaKmtBOm6kmVDWbHvKUxz1IjHqSO9smSjNrycKCtrkunZ0803bFmN2SnoSisB4XtEwcJ0fmEbkMlIJXnis0PKPs8hvfIGd2agu9BVSUlClwpK8Wb8_61k85dFYGHC5eTeu9cv5b0t-S2AmqyRoyckas30OikCJJaFevH0FViN-7N0J7Tzq59OXW1kPXp1APsde9HZSnFIwiMrKQib8Rt7UsVPSv429H3_oX9xtzTIpGnATlsCZhIIjHN_RowaJEvt-Tg4lEBmntVE79ER4H-oMKsIu0eUsdZABIKJR3LZEylfH6sR1gd52Rpn_B03qWLvghRjaTygwczrIQYn5AFN-IVuOxNKnhWGYEc32V2k6X95jZhf1yW4unfgkEWQhycaNhOmpfblULF7O065-I2c0CYOafEvx1PaaM87FtCZ7rR-moo9v2roObc5zyzm8Aeu3k7_iT_qE3qHqxnFBxgXbpL-JnyupFinnFt4m8K8MA1r79Fnc0Zu7aNUGbt6YTjbQtIOvBb1aYINgiv3MRInEhfC5F_ZS5hHvUkIS06CnItLoSQ7ZSGpDUcXoL7eJ9aJnAGiAJ82MNW_rOPBwC5Me7Hrv8iCJcpXKKWstN07PbXkBP7_5bNAT_k1mckvejbBh4zQ1xAUy0K8HmD6K1CFE-uWYOoOePuew_haopi9OY24sHtXrX_J7rq1pqPcJWtWSlB0zqP9RnTTUf-a5MQ2geRCE_QtYhGnlgM9Q2xIb_gkXPPIknSHG2jid6qc0YK2kNBUpUgJ70ubH2phWepERZ2U52G-Zhw3rptCGL-poc5Qd5uZzJpSualHGA4N1VAu3eroHRlBdJ8yl7o_xJAixVMV6JSL8XVRllm1h3qB_kIN2Oas1ffImgoYlpiaNqiMHwjvOLt3J2LPR5Sp8PttmviCaYnc3ICVYq0QhxYhoxcgp6CU8OGwAnu-DRNTwulHjwyoBsWka-kkoyyuPoR8xaA-ojPzzjXjvetrhXZt9SjZujFANLl8AgS6nHEtj-F7cutDRWUmceKA1xMGsBYVcqXA_KofemMGbQfzRwvVECoFwubOW-LGSCUOWa7JRItcwsEKsYgKXEfgEvx1m0tMMeX_co3YfRF1UoHZdGrL4Qy33H6qev-oi0PXA0xeDAzJDJkLFZjErATINcZmfENymADN-qkq3xNe-zAauxzN_1tnbDE0ZjQ8BfgnMBzV5XMCCrmgmnNnoIkG8pVqVsCqqs_3JeaM6cXrAe9dBm5-pul6dWCKCnt03mCAS6g41zpUb0s58OnwV6TyC1gl1QjtNTWeug5peLXCs4hDFPgzENgzf7HrWKmw43mu9wgukCcw1Z22IWVaOxSvZELHplgDbJlXYCgVOW49EnXKM6k_7ixgGxme93VM6JF2TRqgrZUbuzfzoX-h-AtrftOJVa1WtHNyL7dLXhraE3S6P_23K47Og_aDlUvHL6oPyAwQOzjCRI8sTTBogbPFpD4kph8fpwomxMN6zr4CjP80X3WY3FITXbT5goUsYSalY3pE1EWolwHJfF4poKSyGRIjziJJB-P8tx2dQDBnFGQqzHoZoZ351z8DfEh5Qku8v3slIPGyDqR84DLBcSM_7sYN67EryNlThw6-PgypfCSU7tnhjCBKqv9mXTVc4Kd6nNZBevrCvQ6ZC8o6OR3AOduLdvsT_misSmmO_NYJaWzAKBlh0S01JiXV1Zxx5YGbvq_R_wDo7YeR0TbZZncjNmwtR1MknGQM5jYm9i9BzJBpC3auHcM4zsEZwNWjJTwQdfkC4D_t38-8podim6WmjG-N_Cp3lb-vFQVHASZJ4TTMfIYeeln1YUrohFa1ON_4z5H1lfLlfPM3CsJu0I6JLLkhvuUydVS9hMisHrfEA594RZYV9rKgXRzjZ4DDYYoVsX244O-1fxXdFcMugpxvbPi7qmLaKkepXdUH__BIvrFMloZoRl5O_Q7bAetDcpH_DAk-CZrQ_fX-DObjRciKT7trPW30Rc72rU7TtvYCKf-6coNpxfzFT9lobpb3PyHdA_AxYu4WCDe-a3xTbrIeN4jCSKzjPX-eqR2bC5aJw2uBhCy6PQIoMu7Q1FBWaNA7TZJzpTYoWjzylpTAgQJqZT4j0XBCbgsS1pa1TbgZ1JBBDy2CEjDo8McwmjuCr4HJj_TlTlKckXr3941Yi9UEvsKMQf3hYSuYiGkTKiuN9fXefeRx-l7c2sPA0q5yRBXM5ZXZc5i199jvxh7JlYWyjZxEAkcRZZFRdUERLP5I0BwgBggRIKdmf5UNOWwNfHynaXKWavu2KKY4nUdIaLnTi2OhUQvkUwiVHqzIL7SYAqViYahXyM1o3CFxsh0YtCQT2we8047ASwle2FA3pvflb3rNAzeALxKGwsJKL0d_Eqk2fbKXJuhRJUvBikLU0wVi_iGmnZjbyWfDVVnwQXHHkRG-PeYIjO2F_4TaM7odf_EAkifgNLxZBaEqSKWt_Gx5Jm5Orw2mnvKCGqVS3ffO7B1hPN4NwiUNjyQTaz0MITYxjoal9dRWB8FT44fzM98s1mqj4NFwdWPqtwVef7j9Ia4E3fFo3fQoz-F3sfrmaEoJEO_FhdIFuqJ1K-p4tOVulWIB4Gum0O2RmyNqSjbPUk0Zz6v5WF7AAGTNZC2LKVtfnF6Wxh2kebTaa-6Y71KOkmAmkn4oQ8-2dYCEe3kc9EjBlHW4uj6AXJpqYYekLCBPlZXTUrcgkJjStjAGoIKbvapG5lvnSnJh1lODBImkPCSfFev9uav3g9UzJIWHD60-SK6Nkb7Y-FenIednBvyDVEsr4_BuGwscLtSt5GISOA4G_-M41b4003Gb0UHMetZQvOAZMnSLGKksalHA2NocACtifStL1BCE8vDgkvwC5Iw_5YSR1YjbzIWqU5QyPgYDVeDdADrRwefumSF3tZYM3gx0BxrOwr4Kzi38PfUVfvWiGsRhFKcFJfF-1ge91c7yVqlo6o3r1VYxRaCvc1KUXV0oyQeQMw_ZPDEBf0gyu1e-qewoWGHL8Tyv7IBXwOv89elzrgY9z3dst-kT9X9CSjLr-4IMmD5apJ9RY8SuA5IVx98uvGtmJ8KelpuJWm0z-SLWi4gvRqbOZF1wlhPSWsutOraJMsjy2Vp30Q6-IeXUZHMvQoekxQ85LL6qhdGvhhws_3_RyGTzUMXnk7LfThVS-s1TreUvXQpAUtMriNVsTvzAKjB6D3zlxSxoMYvTGh9XbvtS1-3rMbFDZ2nAbmoo3GLJ_C2wxRz9F0UphBgwu5JkCFq7j1QlX2wh1bwedQrzQK5_avE92RypLsxSdQ5wOjqP5B6RAKdna21O9pR_NRqurY033KUngI1_hnrPaUlYLkh6Py5UGlQIBBJOAMgJpo2EgWJWT6au1r6vUJCcN1yXKSIXp8zq0nlJVx4D8YEqvCzTihUE8bbf6xrFPd4QTlpVu6Bv_5TGXlSJhsVFEGwo_yOnTrZD5F-IGAFgAQ&bundleId=&ias_xappb=

Request Chain 221

https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20343398390&bidurl=http://www.eokultv.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g16MuGp_Acvq4YGgD5-Yvd&adContainerId=brand_safety_1lpBZaW_E5jpx_APjKOXyA0&cbFunctionName=goog_wrapCb_1lpBZaW_E5jpx_APjKOXyA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwww.eokultv.com&adsafe_type=y&adsafe_url=http%3A%2F%2Fwww.eokultv.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c97984bf-7c15-b59b-386e-948576e3fb58,c:sEMpDu,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-bjqnk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tUinM64+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C171%7C172%7C173%7C18*.990511-61634098%7C181%7C182%7C191%7C192%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:21,oid:eecda91e-7826-11ee-b0f7-0e5a9375bf9e,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_1lpBZaW_E5jpx_APjKOXyA0&cbFunctionName=goog_wrapCb_1lpBZaW_E5jpx_APjKOXyA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js

Request Chain 225

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGdF8OTEmSUtEkjM528e2qk&google_cver=1&google_push=AXcoOmS_AgRmJLuMm0ThBMYQb10hLJ_fZRAeEHWcLvLXbQSbHVhFkV1niPPqxjbGU_SzlI6CJXigD0dFibEk6hrudpFGzRRp2jc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGdF8OTEmSUtEkjM528e2qk&google_push=AXcoOmS_AgRmJLuMm0ThBMYQb10hLJ_fZRAeEHWcLvLXbQSbHVhFkV1niPPqxjbGU_SzlI6CJXigD0dFibEk6hrudpFGzRRp2jc

Request Chain 227

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPFRWm1KkvU_ao0ijZxu9Cg&google_cver=1&google_push=AXcoOmQ7SJ-RLFhiOwYETkTZ9Xfh7xYFnbGbAl9Zr6f3TShquoSc0QXC5Hj6YmamNAnMHH7WKmv1Ho--hQzePYMTV5XBSLu6DV1Q HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmQ7SJ-RLFhiOwYETkTZ9Xfh7xYFnbGbAl9Zr6f3TShquoSc0QXC5Hj6YmamNAnMHH7WKmv1Ho--hQzePYMTV5XBSLu6DV1Q

Request Chain 228

https://d5p.de17a.com/cookies/google?google_gid=CAESEJHiMX_ruHHHJ_l6QKe0qr8&google_cver=1&google_push=AXcoOmRn1J166wkxQqRWg1CcuBFP7do2VQbOWrCx7M3iyBrnbN5R61GxFCg4vGbZkLrrQon4MBXyqKO4wiInSFcL_oo2FmonlbM HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJHiMX_ruHHHJ_l6QKe0qr8&google_cver=1&google_push=AXcoOmRn1J166wkxQqRWg1CcuBFP7do2VQbOWrCx7M3iyBrnbN5R61GxFCg4vGbZkLrrQon4MBXyqKO4wiInSFcL_oo2FmonlbM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRn1J166wkxQqRWg1CcuBFP7do2VQbOWrCx7M3iyBrnbN5R61GxFCg4vGbZkLrrQon4MBXyqKO4wiInSFcL_oo2FmonlbM

Request Chain 231

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEB2Dlm3VbrUwulAOCK5oz4w&google_cver=1&google_push=AXcoOmTfH4e4fvpYU6wa1H5SKOtdm8RksZFHjTkvYrZ8uSBrp1_BK7lX-Equp9m46xon77ktM4aQxKSPMbt_dwF64PPu9oUCJqwa7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D&google_gid=CAESEB2Dlm3VbrUwulAOCK5oz4w&google_cver=1&google_push=AXcoOmTfH4e4fvpYU6wa1H5SKOtdm8RksZFHjTkvYrZ8uSBrp1_BK7lX-Equp9m46xon77ktM4aQxKSPMbt_dwF64PPu9oUCJqwa7Q

Request Chain 247

https://fw.adsafeprotected.com/rfw/st/1549653/72555946/4.js?adContainerId=brand_safety_1lpBZfOSIY2q3gP-vaH4Bg&cbFunctionName=goog_wrapCb_1lpBZfOSIY2q3gP-vaH4Bg&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwww.eokultv.com&adsafe_type=y&adsafe_url=http%3A%2F%2Fwww.eokultv.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:a39e18a9-5080-8a1c-4a18-e46e7486b4da,c:sEMpIq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-w62bb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:5,mot:0,app:0,maw:0,fm:tUinMaE+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C171%7C172%7C173%7C174%7C175%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C1a*.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:43,oid:eef889fc-7826-11ee-8bd6-5ac80b9bc2a3,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_1lpBZfOSIY2q3gP-vaH4Bg&cbFunctionName=goog_wrapCb_1lpBZfOSIY2q3gP-vaH4Bg&true_pb=

Request Chain 251

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMi-FMCdDy5HQRj8HsjlrFk&google_cver=1&google_push=AXcoOmRT4YqCTTr91lcZFYsdBCkYYfu9m9eaZSw-CWc7NPQ23l19XP_0z6NeJsHtOYsCrdapwkJvMNAuBvPMQiCl6dcA-oYRDNKn9A HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmRT4YqCTTr91lcZFYsdBCkYYfu9m9eaZSw-CWc7NPQ23l19XP_0z6NeJsHtOYsCrdapwkJvMNAuBvPMQiCl6dcA-oYRDNKn9A

Request Chain 252

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFxha2nGWkBLHLAkB6xPFs0&google_cver=1&google_push=AXcoOmTw-ii21oPJPNXJSDO3u13RJpIdWu3vFUhgu5hcOt4VdEiGRqzBFUrBS2lu4phjGk2G9q2LaWceDlU1LbS__6Va3OMF8wYh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTw-ii21oPJPNXJSDO3u13RJpIdWu3vFUhgu5hcOt4VdEiGRqzBFUrBS2lu4phjGk2G9q2LaWceDlU1LbS__6Va3OMF8wYh&google_hm=eS1UeUdZSHQ5RTJwRjc5MGc4dmVCVVBZcFZXOGE3M1Q2an5B

Request Chain 253

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHQVm97VJkkJzaKqZd3eBT8&google_cver=1&google_push=AXcoOmTkfK-BNRdpdtOCsJXhZPU_yPbx4Gqotp8jrwsdOwSx6v_iN6GjI3w8iefxxF3Ay8VSCI4KgdFt4ukFYfy4ZMlzqyo967t2Gw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9FUVZaWDAtMjYtRllORA==&google_push=AXcoOmTkfK-BNRdpdtOCsJXhZPU_yPbx4Gqotp8jrwsdOwSx6v_iN6GjI3w8iefxxF3Ay8VSCI4KgdFt4ukFYfy4ZMlzqyo967t2Gw

Request Chain 255

https://cs.media.net/cksync?type=g&google_gid=CAESEHZQ8j4aeIUhWmixBQDJirQ&google_cver=1&google_push=AXcoOmTWyDe0vQO5NqTcYCXT1iA55wZr1utEn2RIaEHhyrkSkIuMTl2X6or-X8l8psGHZE47u5EP-iVMauM2Dbw--kFxmyfRLrKteQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxNzgzNTExNTQyODUwMDAwMFYxMA%3d%3d&mn_hm=MzQxNzgzNTExNTQyODUwMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTWyDe0vQO5NqTcYCXT1iA55wZr1utEn2RIaEHhyrkSkIuMTl2X6or-X8l8psGHZE47u5EP-iVMauM2Dbw--kFxmyfRLrKteQ&gdpr=&gdpr_consent=

Request Chain 260

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO_XXvSWcz3M_kSQsPqsBkc&google_cver=1&google_push=AXcoOmTSVbDRqA3WWCA9oYq9Zs8LGZT6IiJ0v069cNHClOtNElkl6XsDaT0gqGsUFpX5frJGOXp0H1EkqOMdzsuerKSj5KrxnbYO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTSVbDRqA3WWCA9oYq9Zs8LGZT6IiJ0v069cNHClOtNElkl6XsDaT0gqGsUFpX5frJGOXp0H1EkqOMdzsuerKSj5KrxnbYO

Request Chain 261

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELR1YHeYH6myY0EOoNfv9pU&google_cver=1&google_push=AXcoOmRxe_o7ggJSqau0_5xry1i27yugBBus1Ux64-33cr5ebtr2UD6-Bl_wkq0gTBOwb0qVkJu2CZ3iufFObXVPkJ0Ef88qqmc3oA HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRxe_o7ggJSqau0_5xry1i27yugBBus1Ux64-33cr5ebtr2UD6-Bl_wkq0gTBOwb0qVkJu2CZ3iufFObXVPkJ0Ef88qqmc3oA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1698781911454 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-764ba516-3b47-480d-85d7-fcba14a96992-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRxe_o7ggJSqau0_5xry1i27yugBBus1Ux64-33cr5ebtr2UD6-Bl_wkq0gTBOwb0qVkJu2CZ3iufFObXVPkJ0Ef88qqmc3oA%26google_hm%3DA3ZLpRY7R0gNhdf8uhSpaZI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRxe_o7ggJSqau0_5xry1i27yugBBus1Ux64-33cr5ebtr2UD6-Bl_wkq0gTBOwb0qVkJu2CZ3iufFObXVPkJ0Ef88qqmc3oA&google_hm=A3ZLpRY7R0gNhdf8uhSpaZI

Request Chain 263

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO_XXvSWcz3M_kSQsPqsBkc&google_cver=1&google_push=AXcoOmQbK6YfJenZIFAM-D_a1LVJpkuI8HYGWoDp-OiHZHShYw51EB4PRcS6-LC9iHb9IS4qvB7RtrhE9IgvzSk_i_fW-j3VWEamdQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQbK6YfJenZIFAM-D_a1LVJpkuI8HYGWoDp-OiHZHShYw51EB4PRcS6-LC9iHb9IS4qvB7RtrhE9IgvzSk_i_fW-j3VWEamdQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 264

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPGS2KtK70uAHkOntK1-6Cc&google_cver=1&google_push=AXcoOmRo_mj_LjzfsICpeERjBp0Q5HFg3F7GmZJGNkOGH1ui6IrqmK4n7SZB3Kk1pvr6rsSFvMQ7ZSqNTlMtKVr7tCUQ4T6IfgaEZEM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D&google_gid=CAESEPGS2KtK70uAHkOntK1-6Cc&google_cver=1&google_push=AXcoOmRo_mj_LjzfsICpeERjBp0Q5HFg3F7GmZJGNkOGH1ui6IrqmK4n7SZB3Kk1pvr6rsSFvMQ7ZSqNTlMtKVr7tCUQ4T6IfgaEZEM

Request Chain 299

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKFiCmKATFqKNi1u6Vxxd_w&google_cver=1&google_push=AXcoOmSjmznqDyU9ejddKw04NE7VQVvErKScZ7jj1RC8T5meCrZWg4wMA1QmE7qco-tOyFjPYyu-gHIMIXGO1BoSBg5FN1HgwC7s4g HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-764ba516-3b47-480d-85d7-fcba14a96992-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSjmznqDyU9ejddKw04NE7VQVvErKScZ7jj1RC8T5meCrZWg4wMA1QmE7qco-tOyFjPYyu-gHIMIXGO1BoSBg5FN1HgwC7s4g%26google_hm%3DA3ZLpRY7R0gNhdf8uhSpaZI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSjmznqDyU9ejddKw04NE7VQVvErKScZ7jj1RC8T5meCrZWg4wMA1QmE7qco-tOyFjPYyu-gHIMIXGO1BoSBg5FN1HgwC7s4g&google_hm=A3ZLpRY7R0gNhdf8uhSpaZI

Request Chain 300

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPZ8jONaJMR5KOFoSCnvq6k&google_cver=1&google_push=AXcoOmTitWtD5ay0UicSGK1NHVOv9VSoLvuExB4dY13P7gpIhZfZWlsuYUWWC7SOlEDgOeoq_XqH7Sh13PMCE4qsiPzqTgu_FSZ44g HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTitWtD5ay0UicSGK1NHVOv9VSoLvuExB4dY13P7gpIhZfZWlsuYUWWC7SOlEDgOeoq_XqH7Sh13PMCE4qsiPzqTgu_FSZ44g&google_gid=CAESEPZ8jONaJMR5KOFoSCnvq6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1MzU1NDI5MjA2MjU0Nzg2NTIyOA%3D%3D&google_push=AXcoOmTitWtD5ay0UicSGK1NHVOv9VSoLvuExB4dY13P7gpIhZfZWlsuYUWWC7SOlEDgOeoq_XqH7Sh13PMCE4qsiPzqTgu_FSZ44g

Request Chain 302

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELeSDR91i6lu9ke-vgVMER4&google_cver=1&google_push=AXcoOmSMOXmhZUkqYiSvjWrSOVZDZQcUFU8UJPB52zomYRRR97j7Ebpq6T0f0zVTSIPWaDFq716zQCLQ9rFHdWi0IgiGeyIv_SJIIVw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSMOXmhZUkqYiSvjWrSOVZDZQcUFU8UJPB52zomYRRR97j7Ebpq6T0f0zVTSIPWaDFq716zQCLQ9rFHdWi0IgiGeyIv_SJIIVw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 388

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOF5MvQ1wQKCgVFGZ0qo0ic&google_cver=1

Request Chain 390

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENgoKBbOdADZVyKz22bQGPw&google_cver=1

Request Chain 396

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DHvG3x2Rb_kSP3zaaF4RG3ONdZ0wmENVY6yinUVCCyQIG2j11vc5oIVCyeXNj57OjiwXmXdgZK2WJcrl3IT4yp0xbPJoee_6N1nTPzQMoq97Hd0ZB0lA6XQCEOWJJu8iiH2Yv85KwpqTezU4z2Uam_NTBWUk25-HLs1MFv8MnHyUn59JESmRcAoCZ_4Kip8Pw_sx7SO6xOPFQ7xmNpgN0teMdQmYeRS0GTHYj7LQvJPyewSJ6KlmVke7MmBv22WAaoq_9SbQBUVpT_0eucnB8JwO2Cv-0NuJpeTIAnXGF6307zcypDIA_V39wU1HyW1oNkcH4lP4OA3BRcl97fzKM2n5_PbyONVmx-O9IxbmMmKvu9ZZlTO8c13sgJeWN5082pbAIYfuAIBirlfqC3UxePsQApE8Slvyin7gfp3WCxJ_oWj_y8UAMNpvnyLZcPcE-sYaNpYCQN9Wl_tUWO27YR9U6u5cHpNGLnR86xn0EDi-qBG2-yie8-EB2-hrnPPfKPRMtp9Te2-26IKV4zgRH2LBMVNq_E4rE9Wyyi2bYR7X0i04BtCZNbL3BQ0IOq0-2-sTVqfhtxEQ955Ezd5XvxoSztSO3tkN8T8xUNYR_FIpvtyFqwe5rEU_iWXm8IvyUxJmkx65jUP9IXe-eBa7aLfsXzZyTcAp0MK9LTqhB32ecEp3OEzrkYfP-wu7K0yKokKI0cto6k2TQIehg5GIQn7s1F7GF3PJ8lN_lhLKHJWV_g4qsMfAMUoVbYNToihAhHNunfIq3xu7NVjf-od5tP83ufUf0FEMFxOnFZ5Nm48IkNWVLA-TNeEDQE520lHa2sM4cdWdP8A64LMG1ou4q3KkJm9Bz8_n-YmmmfUke5fX7y9Xy6qNhzZH1zzZCorvTeoNi8ebIEGgGCkaZmOiX2vXVDz2o9vPneaIH-kvKJAvjiRldx8k8MsIvvPtTWXihngvKU6_6HmJx6GM90tiwWgHq6ZTX-e_bbPyabGZXS_BLVW-hq9vzzMeVDIBcKqHfO5jCehrc_-pYSujeJJ7Kwz17PeF8I4vg02p-dJquMB-FkIyiUMcO2QFg8vzlJOLMQ58vLZYGOCjc5ZqOiOIwmHguC_N40k-vXcO5t88qGzEB5c8e4QWrjB1iJRDv6muaK0SDRuyT0UGgqulhhmutnNWrTtYyNaMjz__balQZBhtbIbd-nT8ErW4qkYnVTL-SK41H8lq_2QLuxgeg6Axw_dUZeVG80_aGvIygdsVoK-DWBLispa-JwzKjAC5-KbVgJLmdwHA3ofuMw-yO054KH8RiqYSmafpPfxdoPwqB0q7K3mbFTQkrkymIz4uSTBur8jYnNoAfvfe3NZJQftq1vGjDWwU22fPJDpIpeTOW0Uilf-22T23BhTnMtZXAB6KTB0ZXIlKFviTF7uenGbE942m7h1opGJrWY3QTaQc4jbd8vGQBZvFh1bbamxn-4oYs2d-BJcqH1mhhENwt5arJn-SH5l8iJyuf0kJYazLpuR1t4BeI_hmLuBPkbfisgo2E1DIugbwEPYE96U2olX3DZ3AUFbMJ2cbH30JkEG_wyGHf7lKA0NDd9GXF6UTOLMI_GYrJkm76QnZYMvDbwAPC_qtVtgWEOwFp99J0_Xh-o0kWEZSTwnSRZSgIF3Y9PLCRL0-4nGig6XTZQ_5MbgxIqOBrEXymAIsweaPd4aRSjfXh4YdWiEzBat5-tiN2BT9DPkVEZcLJ1QJt678Hr7SVROqves6vybLgh7au7Yzj1nT8FAOZTEy9-4wHAjNgokrnpzDg-j3k00qow1yGEuM1G4izpAenuonHeAKsZGxRsm1iKyJOTsApa9pn2ngrSw33NI3HImHGGGgjoayGRr_JGV8SToIfauEDJSyxD0h9hLelJej-XTzvU1_pzUoTP_U54aEvPmUVX5eQBWavrw3knZ3OScchgg-R6hTUH1t0uiib_5lSvx0PbnL_OCXJFjjdbFwnTO_YfvNOgNGr7iVP4C7lwSzT9Hb0r1A7wod_YDQuIKGgfbz2IFfPxGLT-2g8qbvaBg6tJcPJfhJc0gWatuMlyA_SYmVQ391llE32nCY9Y9cQ6AQgLMCjPvoJkPTrpBvObMYjst2BKOa_NXchzrwJSrpwUTFJMp-N4CrdpgmEU742IqTIWglYixWYyGCY70rP0HLVc696PLqPP-t8Kj69clWGO4v2cspbGMtJyee17hlwoq3_G1Vm3kgymByFya71iDTehVHPwlnmMlsRmlUBvgnc7Q8vB7IzYfXbJ14K5cX8Pq-sTqlEQhySrF37FuXlCfFzIXvtJrodYMJzc84i5OXLBWNZUXA18eC3Asotc6yk1WkZa20sLAFAP9T_WVatbAxCVIo-l6ZpWfQu-mReI9EGTwi0nEU83rh9dslSIyofbaalM5JmSWHwyC1y536Klck1J_YnLXNNVatr6w5yXR8G8CJQ4n3kVCyIurh2ZfRqvZcVgfWg8mhgSgt6ZuqCqeIsHpwkYq_nAVdbW-mkAULR-_UJ34QX_gd99OuN3o0lUYgMnaDZ-1lu_W_jwRf9G0-sOyLRUw_VLJTLl4y_QcU3bNkvfIH18Uz5n1iyvms4MnrGZCVyN0r7nmpOJQy6Nk7e46vQHyfj8Z8lVlKO6uh_vCMG9_LS-UNi4XSSKfzSHwSoMAlvfKtKQ01O1HuqR5zTzUB4l27NuQ6EPCvG8pvBil8GJbJuC8X30lTa66DFWqlNZ9yrNyA0npnlB0i48N0WR4jCkVePbtjCOoD2uNydoeiyMMhjJlg7S7-J55HREHIbfR8H0tEoydmTJ8Lr-XGU-xZ_lCUbnICBNtCrz0zCrcJAFmnlfPTXv9R4aWR5xKXZRwWNTM3FsOW5GTXeszobeYiUEpwJ3K6LtCYRa6noDp86F0ary6lIN6eTm5bAdSu7zN2ITIBdhhyc1zMFesLZPOpJ3DTa1p0RWLNawRqWAL58MWYgvP41FulIASBvxq5jvb-PCnyokSRP0m0yRMFxMqpKzixFBZH_lG5EDe4hWyeTdmCXAQADdzAOCxYqLIgsW7C5SV8UXcWMedBLF5j5GGV3jmj_Q8qjvXAVzvSS3-r79X9M3BIyw6E4-LDzmRQ-XCs4HFx2jJSkbrhA3nfL9xeDDqQMuhXbQ86Ocfj6suS9UEQas8pXW0feyicVpBhRomzFpI0TyDrU6Ghx-35DG7egEi7Kpar1-_P_Rr0F93hzS-Qb32MXqlJ7q9XgAQIBX_kVUk1-u20uMZrNu9pIg-k5LNDienQ0Z-u_YY2wdvf-BmK-6CZ87bxKqnwlZ4he_xYzn7m5Sl7dLAnnsOMM6eZ2isJc1qj_D2mE_wL8WIcP_GISUiowgKTZOqtSVQE5Qs3FoQK6BuasD-xqsTNYlcygvJBs6Qw8AcgCb865sdEgQem4X5SyolC1PgDiu229GMKEkzflA1juJHmJ3yMGryIJ6hyNOpR1ypqU_m6nUKEZKtbB-9B9l7XfKg0jQyIYQJskGO0B8OkiU3cTrWcuaIdAYKfJ3Ob6xXvv4WNIA4xOPo7RNKnJckfWA_ii1oqYV5toEXq4r5hpoR9vRBVDofVlOAy7k7gkDcw8QpmqIFbjg2KMu-MUQb957Ux6EICOfiaSqar2VhwSjJsk6x7VNEyKOqeWZwV9g-T-FL58A2DHKwdOaJXzv4D-bOrvoMNRZNGrPAZFfWueRqQjv2Rrxlsn0gwzjaSq2aCq8J0gWaBDewhEy7kxTgZ2WTackKgu2zJyRPHbYjIoVWiUE8roiynRv3WvLM3KzK18TbCLFF5UajLSVWTLtx1wHbHn4APhx4V1PIuy3NwccGV3S6uH1HskrH4A0IHH_sFW-HG7ABHxgCF0UkhLa-Nwbfr6hR8gHCo3gMBMRdtQWkddeRbFQjP6pACuv0GqVmh0kghBq-y-6YfHUN9dh_UVFEgY97yQ7z1-ISn8QoBr6rPMuEmkKQSl-GHc5aF6NpBV5Qg3g-Zqgr4ZCnz17Mf2H0AW5QDBKd8U1Z0E0ZTLaYTTYc-t5KElvXxCYUjYtwBhJ3xrKM5xNUpIMzwGgvZLzxGujY4F_5qaGRL-cCI-Dtz0DkD5cgg60Pw-Zo9jMg5RyGeQr1VuikfNcUrsH0xpUCAQSTgDICaaNI8b6NZiT4qZw9yo03nMCnMvY1Cc2imrne8DTX5aWGlEUuTBcQRIZgh9LGbHMVwJhKHOVoxsQ94nw9-bVNLP0J1HLIjU9jRQg5RgBYAE&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20409787662&bidurl=http://www.eokultv.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hzNCtrl9fH_Un6NFj34GYS&adsafe_url=http%3A%2F%2Fwww.eokultv.com&adsafe_type=g&adsafe_url=http%3A%2F%2Fwww.eokultv.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:da7bee6a-2384-63f3-dbaf-3e26d15f30df,c:sEMqeV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-p5wlp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:tUinMHm+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C171%7C172%7C173%7C174%7C175%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C195%7C1a1%7C1a2%7C1a3%7C1a4%7C1a51%7C1b%7C1c1%7C1c2%7C1d1*.1520146-76103085%7C1d11,idMap:1d1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:f0527463-7826-11ee-9848-46bfbfad7997,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DHvG3x2Rb_kSP3zaaF4RG3ONdZ0wmENVY6yinUVCCyQIG2j11vc5oIVCyeXNj57OjiwXmXdgZK2WJcrl3IT4yp0xbPJoee_6N1nTPzQMoq97Hd0ZB0lA6XQCEOWJJu8iiH2Yv85KwpqTezU4z2Uam_NTBWUk25-HLs1MFv8MnHyUn59JESmRcAoCZ_4Kip8Pw_sx7SO6xOPFQ7xmNpgN0teMdQmYeRS0GTHYj7LQvJPyewSJ6KlmVke7MmBv22WAaoq_9SbQBUVpT_0eucnB8JwO2Cv-0NuJpeTIAnXGF6307zcypDIA_V39wU1HyW1oNkcH4lP4OA3BRcl97fzKM2n5_PbyONVmx-O9IxbmMmKvu9ZZlTO8c13sgJeWN5082pbAIYfuAIBirlfqC3UxePsQApE8Slvyin7gfp3WCxJ_oWj_y8UAMNpvnyLZcPcE-sYaNpYCQN9Wl_tUWO27YR9U6u5cHpNGLnR86xn0EDi-qBG2-yie8-EB2-hrnPPfKPRMtp9Te2-26IKV4zgRH2LBMVNq_E4rE9Wyyi2bYR7X0i04BtCZNbL3BQ0IOq0-2-sTVqfhtxEQ955Ezd5XvxoSztSO3tkN8T8xUNYR_FIpvtyFqwe5rEU_iWXm8IvyUxJmkx65jUP9IXe-eBa7aLfsXzZyTcAp0MK9LTqhB32ecEp3OEzrkYfP-wu7K0yKokKI0cto6k2TQIehg5GIQn7s1F7GF3PJ8lN_lhLKHJWV_g4qsMfAMUoVbYNToihAhHNunfIq3xu7NVjf-od5tP83ufUf0FEMFxOnFZ5Nm48IkNWVLA-TNeEDQE520lHa2sM4cdWdP8A64LMG1ou4q3KkJm9Bz8_n-YmmmfUke5fX7y9Xy6qNhzZH1zzZCorvTeoNi8ebIEGgGCkaZmOiX2vXVDz2o9vPneaIH-kvKJAvjiRldx8k8MsIvvPtTWXihngvKU6_6HmJx6GM90tiwWgHq6ZTX-e_bbPyabGZXS_BLVW-hq9vzzMeVDIBcKqHfO5jCehrc_-pYSujeJJ7Kwz17PeF8I4vg02p-dJquMB-FkIyiUMcO2QFg8vzlJOLMQ58vLZYGOCjc5ZqOiOIwmHguC_N40k-vXcO5t88qGzEB5c8e4QWrjB1iJRDv6muaK0SDRuyT0UGgqulhhmutnNWrTtYyNaMjz__balQZBhtbIbd-nT8ErW4qkYnVTL-SK41H8lq_2QLuxgeg6Axw_dUZeVG80_aGvIygdsVoK-DWBLispa-JwzKjAC5-KbVgJLmdwHA3ofuMw-yO054KH8RiqYSmafpPfxdoPwqB0q7K3mbFTQkrkymIz4uSTBur8jYnNoAfvfe3NZJQftq1vGjDWwU22fPJDpIpeTOW0Uilf-22T23BhTnMtZXAB6KTB0ZXIlKFviTF7uenGbE942m7h1opGJrWY3QTaQc4jbd8vGQBZvFh1bbamxn-4oYs2d-BJcqH1mhhENwt5arJn-SH5l8iJyuf0kJYazLpuR1t4BeI_hmLuBPkbfisgo2E1DIugbwEPYE96U2olX3DZ3AUFbMJ2cbH30JkEG_wyGHf7lKA0NDd9GXF6UTOLMI_GYrJkm76QnZYMvDbwAPC_qtVtgWEOwFp99J0_Xh-o0kWEZSTwnSRZSgIF3Y9PLCRL0-4nGig6XTZQ_5MbgxIqOBrEXymAIsweaPd4aRSjfXh4YdWiEzBat5-tiN2BT9DPkVEZcLJ1QJt678Hr7SVROqves6vybLgh7au7Yzj1nT8FAOZTEy9-4wHAjNgokrnpzDg-j3k00qow1yGEuM1G4izpAenuonHeAKsZGxRsm1iKyJOTsApa9pn2ngrSw33NI3HImHGGGgjoayGRr_JGV8SToIfauEDJSyxD0h9hLelJej-XTzvU1_pzUoTP_U54aEvPmUVX5eQBWavrw3knZ3OScchgg-R6hTUH1t0uiib_5lSvx0PbnL_OCXJFjjdbFwnTO_YfvNOgNGr7iVP4C7lwSzT9Hb0r1A7wod_YDQuIKGgfbz2IFfPxGLT-2g8qbvaBg6tJcPJfhJc0gWatuMlyA_SYmVQ391llE32nCY9Y9cQ6AQgLMCjPvoJkPTrpBvObMYjst2BKOa_NXchzrwJSrpwUTFJMp-N4CrdpgmEU742IqTIWglYixWYyGCY70rP0HLVc696PLqPP-t8Kj69clWGO4v2cspbGMtJyee17hlwoq3_G1Vm3kgymByFya71iDTehVHPwlnmMlsRmlUBvgnc7Q8vB7IzYfXbJ14K5cX8Pq-sTqlEQhySrF37FuXlCfFzIXvtJrodYMJzc84i5OXLBWNZUXA18eC3Asotc6yk1WkZa20sLAFAP9T_WVatbAxCVIo-l6ZpWfQu-mReI9EGTwi0nEU83rh9dslSIyofbaalM5JmSWHwyC1y536Klck1J_YnLXNNVatr6w5yXR8G8CJQ4n3kVCyIurh2ZfRqvZcVgfWg8mhgSgt6ZuqCqeIsHpwkYq_nAVdbW-mkAULR-_UJ34QX_gd99OuN3o0lUYgMnaDZ-1lu_W_jwRf9G0-sOyLRUw_VLJTLl4y_QcU3bNkvfIH18Uz5n1iyvms4MnrGZCVyN0r7nmpOJQy6Nk7e46vQHyfj8Z8lVlKO6uh_vCMG9_LS-UNi4XSSKfzSHwSoMAlvfKtKQ01O1HuqR5zTzUB4l27NuQ6EPCvG8pvBil8GJbJuC8X30lTa66DFWqlNZ9yrNyA0npnlB0i48N0WR4jCkVePbtjCOoD2uNydoeiyMMhjJlg7S7-J55HREHIbfR8H0tEoydmTJ8Lr-XGU-xZ_lCUbnICBNtCrz0zCrcJAFmnlfPTXv9R4aWR5xKXZRwWNTM3FsOW5GTXeszobeYiUEpwJ3K6LtCYRa6noDp86F0ary6lIN6eTm5bAdSu7zN2ITIBdhhyc1zMFesLZPOpJ3DTa1p0RWLNawRqWAL58MWYgvP41FulIASBvxq5jvb-PCnyokSRP0m0yRMFxMqpKzixFBZH_lG5EDe4hWyeTdmCXAQADdzAOCxYqLIgsW7C5SV8UXcWMedBLF5j5GGV3jmj_Q8qjvXAVzvSS3-r79X9M3BIyw6E4-LDzmRQ-XCs4HFx2jJSkbrhA3nfL9xeDDqQMuhXbQ86Ocfj6suS9UEQas8pXW0feyicVpBhRomzFpI0TyDrU6Ghx-35DG7egEi7Kpar1-_P_Rr0F93hzS-Qb32MXqlJ7q9XgAQIBX_kVUk1-u20uMZrNu9pIg-k5LNDienQ0Z-u_YY2wdvf-BmK-6CZ87bxKqnwlZ4he_xYzn7m5Sl7dLAnnsOMM6eZ2isJc1qj_D2mE_wL8WIcP_GISUiowgKTZOqtSVQE5Qs3FoQK6BuasD-xqsTNYlcygvJBs6Qw8AcgCb865sdEgQem4X5SyolC1PgDiu229GMKEkzflA1juJHmJ3yMGryIJ6hyNOpR1ypqU_m6nUKEZKtbB-9B9l7XfKg0jQyIYQJskGO0B8OkiU3cTrWcuaIdAYKfJ3Ob6xXvv4WNIA4xOPo7RNKnJckfWA_ii1oqYV5toEXq4r5hpoR9vRBVDofVlOAy7k7gkDcw8QpmqIFbjg2KMu-MUQb957Ux6EICOfiaSqar2VhwSjJsk6x7VNEyKOqeWZwV9g-T-FL58A2DHKwdOaJXzv4D-bOrvoMNRZNGrPAZFfWueRqQjv2Rrxlsn0gwzjaSq2aCq8J0gWaBDewhEy7kxTgZ2WTackKgu2zJyRPHbYjIoVWiUE8roiynRv3WvLM3KzK18TbCLFF5UajLSVWTLtx1wHbHn4APhx4V1PIuy3NwccGV3S6uH1HskrH4A0IHH_sFW-HG7ABHxgCF0UkhLa-Nwbfr6hR8gHCo3gMBMRdtQWkddeRbFQjP6pACuv0GqVmh0kghBq-y-6YfHUN9dh_UVFEgY97yQ7z1-ISn8QoBr6rPMuEmkKQSl-GHc5aF6NpBV5Qg3g-Zqgr4ZCnz17Mf2H0AW5QDBKd8U1Z0E0ZTLaYTTYc-t5KElvXxCYUjYtwBhJ3xrKM5xNUpIMzwGgvZLzxGujY4F_5qaGRL-cCI-Dtz0DkD5cgg60Pw-Zo9jMg5RyGeQr1VuikfNcUrsH0xpUCAQSTgDICaaNI8b6NZiT4qZw9yo03nMCnMvY1Cc2imrne8DTX5aWGlEUuTBcQRIZgh9LGbHMVwJhKHOVoxsQ94nw9-bVNLP0J1HLIjU9jRQg5RgBYAE&bundleId=&ias_xappb=

Request Chain 415

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMi-FMCdDy5HQRj8HsjlrFk&google_cver=1&google_push=AXcoOmSpiQFR5kUo5E5EDrUr1KbDJibNj6WUAq5ErBbuFIYcFE3HHH5IBDTEka9DzVa5ynolTkwaEb2QJZMT-b6v9QbT5d8oG2on HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmSpiQFR5kUo5E5EDrUr1KbDJibNj6WUAq5ErBbuFIYcFE3HHH5IBDTEka9DzVa5ynolTkwaEb2QJZMT-b6v9QbT5d8oG2on

Request Chain 417

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE9EpaPJjjoY4HT1DaoqhjI&google_cver=1&google_push=AXcoOmRm3mv6GqJJl3yzfzpdycLZNsZFXVeMKeaOzEqrwclncd4Vh1jOUUhrxmyKphBa0TpSNIyRQIS5aQAvnuugYj6rOIOzro9K HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE9EpaPJjjoY4HT1DaoqhjI&google_cver=1&google_push=AXcoOmRm3mv6GqJJl3yzfzpdycLZNsZFXVeMKeaOzEqrwclncd4Vh1jOUUhrxmyKphBa0TpSNIyRQIS5aQAvnuugYj6rOIOzro9K&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GMWwjGLVQ4i8vi31iDMXpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRm3mv6GqJJl3yzfzpdycLZNsZFXVeMKeaOzEqrwclncd4Vh1jOUUhrxmyKphBa0TpSNIyRQIS5aQAvnuugYj6rOIOzro9K

Request Chain 419

https://sync.inmobi.com/gob?google_gid=CAESEPiB2iIolqjNvIFHFzsOp7U&google_cver=1&google_push=AXcoOmStvJPuNXMJ8KHn90y851GCoVYKehVAplgHtXCLd24Yts66_yI0n30e0EvfHq3hWM8mUXSg-O5sVFBasTU6puo4OWsKvyUEfw HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmStvJPuNXMJ8KHn90y851GCoVYKehVAplgHtXCLd24Yts66_yI0n30e0EvfHq3hWM8mUXSg-O5sVFBasTU6puo4OWsKvyUEfw

Request Chain 420

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEN_Ll5FgjSMY-4iz5DEjKVE&google_cver=1&google_push=AXcoOmSO86BAKVArPP7At1Dk95oktFyqJ_TdEoQnsezyPyl71aGsJrlMSUkas5-9rsA3nA986bvwtsKIIYxWQb1KyGsrQTC63BYd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSO86BAKVArPP7At1Dk95oktFyqJ_TdEoQnsezyPyl71aGsJrlMSUkas5-9rsA3nA986bvwtsKIIYxWQb1KyGsrQTC63BYd HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 421

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEFLFyOckJ6BV_MH9yRgv23o&google_cver=1&google_push=AXcoOmQsXGmPku9OJCnZ1n2UyxLqZ62dKnIo1lQ01D4u2AE0ZvMHdDGz1FGy6ZGCHV39MdjgxFdtHCIdqKl5CWgZ_Wfn4jH2dGYdow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQsXGmPku9OJCnZ1n2UyxLqZ62dKnIo1lQ01D4u2AE0ZvMHdDGz1FGy6ZGCHV39MdjgxFdtHCIdqKl5CWgZ_Wfn4jH2dGYdow

447 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.eokultv.com/ 72 KB
18 KB 108ms
40ms Document
text/html 194.54.82.174
SERVER server.ua

General

Check archive.org

Show headers Download Go to

Full URL: http://www.eokultv.com/
Protocol: HTTP/1.1
Server: 194.54.82.174 , Ukraine, ASN3236 (SERVER server.ua, UA),
Reverse DNS: server.1ua.photos
Software: LiteSpeed /
Resource Hash: 356bd82c89d63b5e89a4a1bcb3a9d662b8e63cbab11ee34faec3c3f87bbcaa9a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-encoding: gzip
content-length: 18192
content-type: text/html; charset=UTF-8
date: Tue, 31 Oct 2023 19:51:47 GMT
etag: "1350196-1698781810;gz"
server: LiteSpeed
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
84 KB 58ms
30ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NGHJB18CB5

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78074dd2bf2c0ee5f539e68f9db06281aaaa20b047da8f706a717456c5b85b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85573
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 19:51:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 50ms
22ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-77747364-1

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f112f56b66c9757f3280d1c855c73741f5c2708309ff1bd4ef18c30b28a5bded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68788
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 19:51:47 GMT

GET
H2 200 style.css
www.eokultv.com/wp-content/themes/netegitim/ 120 KB
20 KB 178ms
79ms Stylesheet
text/css 194.54.82.174
SERVER server.ua

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eokultv.com/wp-content/themes/netegitim/style.css
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.54.82.174 , Ukraine, ASN3236 (SERVER server.ua, UA),
Reverse DNS: server.1ua.photos
Software: LiteSpeed /
Resource Hash: 84efc2c9aeef49ffe7a4985ffd3fd79695fac6e3ee47dd69087cccb5cfc2eda6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 13:38:57 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 20546
expires: Thu, 31 Oct 2024 01:51:48 GMT

GET
H/1.1 200
OK style.min.css
www.eokultv.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 76ms
42ms Stylesheet
text/css 194.54.82.174
SERVER server.ua

General

Check archive.org

Show headers Download Go to

Full URL: http://www.eokultv.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: HTTP/1.1
Server: 194.54.82.174 , Ukraine, ASN3236 (SERVER server.ua, UA),
Reverse DNS: server.1ua.photos
Software: LiteSpeed /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:47 GMT
content-encoding: gzip
last-modified: Sun, 09 Jul 2023 17:27:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 12701
expires: Thu, 31 Oct 2024 01:51:47 GMT

GET
H/1.1 200
OK classic-themes.min.css
www.eokultv.com/wp-includes/css/ 291 B
583 B 81ms
40ms Stylesheet
text/css 194.54.82.174
SERVER server.ua

General

Check archive.org

Show headers Download Go to

Full URL: http://www.eokultv.com/wp-includes/css/classic-themes.min.css
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: HTTP/1.1
Server: 194.54.82.174 , Ukraine, ASN3236 (SERVER server.ua, UA),
Reverse DNS: server.1ua.photos
Software: LiteSpeed /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: gzip
last-modified: Sun, 09 Jul 2023 17:27:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 211
expires: Thu, 31 Oct 2024 01:51:48 GMT

GET
H/1.1 200
OK front.min.css
www.eokultv.com/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 82ms
41ms Stylesheet
text/css 194.54.82.174
SERVER server.ua

General

Check archive.org

Show headers Download Go to

Full URL: http://www.eokultv.com/wp-content/plugins/cookie-notice/css/front.min.css
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: HTTP/1.1
Server: 194.54.82.174 , Ukraine, ASN3236 (SERVER server.ua, UA),
Reverse DNS: server.1ua.photos
Software: LiteSpeed /
Resource Hash: f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: gzip
last-modified: Sun, 08 Oct 2023 19:15:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1104
expires: Thu, 31 Oct 2024 01:51:48 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
94 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 07:46:20 GMT
x-content-type-options: nosniff
age: 43527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95992
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Oct 2024 07:46:20 GMT

GET
H/1.1 200
OK front.min.js Show response
www.eokultv.com/wp-content/plugins/cookie-notice/js/ 8 KB
2 KB 42ms
41ms Script
application/javascript 194.54.82.174
SERVER server.ua

General

Check archive.org

Show headers Download Go to

Full URL: http://www.eokultv.com/wp-content/plugins/cookie-notice/js/front.min.js
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: HTTP/1.1
Server: 194.54.82.174 , Ukraine, ASN3236 (SERVER server.ua, UA),
Reverse DNS: server.1ua.photos
Software: LiteSpeed /
Resource Hash: 08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: gzip
last-modified: Sun, 08 Oct 2023 19:15:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2118
expires: Thu, 31 Oct 2024 01:51:48 GMT

GET
H2 200 app.js Show response
sdki.truepush.com/sdk/v2.0.2/ 1 KB
948 B 25ms
6ms Script
application/javascript 2600:9000:2491:1200:7:6b7b:1000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdki.truepush.com/sdk/v2.0.2/app.js
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1200:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c600adb1e3d6281621818ba058f98a8fa9ba43bd31a97c2cf98901400ba6f461

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 19:29:08 GMT
content-encoding: gzip
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
last-modified: Wed, 31 Mar 2021 07:22:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1038161
etag: "b861f6349fdb27190bd25dbfcd7674ff"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 581
x-amz-cf-id: swOWQ-6BaVQg5V1AwSn0fAyPmNmw0NF1jFd8vGlY43dAgqCqzUSxPg==

GET
H2 200 jquery-1.7.1.min.js Show response
code.jquery.com/ 92 KB
33 KB 38ms
8ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.7.1.min.js
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:47 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3981154
x-cache: HIT, HIT
content-length: 33120
x-served-by: cache-lga21945-LGA, cache-fra-eddf8230091-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1698781908.948410,VS0,VE0
etag: W/"28feccc0-16eac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 31, 37445

GET
H2 200 font-awesome.css
www.eokultv.com/wp-content/themes/netegitim/font/css/ 34 KB
6 KB 140ms
81ms Stylesheet
text/css 194.54.82.174
SERVER server.ua

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eokultv.com/wp-content/themes/netegitim/font/css/font-awesome.css
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.54.82.174 , Ukraine, ASN3236 (SERVER server.ua, UA),
Reverse DNS: server.1ua.photos
Software: LiteSpeed /
Resource Hash: 882997bd37c070a8ef29082c63eee7bee71badeb7b4fd5f34b4368e9042d2ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
last-modified: Fri, 17 Sep 2021 21:46:09 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6563
expires: Thu, 31 Oct 2024 01:51:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11252078978

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3df50f63d741d12f6474b2723da114dc6035a5d5752e85b94d6d276200b012cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71779
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 19:51:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FNZMWC1HCX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77747364-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19a601291397da6e2aa77140340ac4c04723370cc52a003ad03afd16d54b332e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 19:51:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77747364-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 19:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 126
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 31 Oct 2023 21:49:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
84 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NGHJB18CB5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77747364-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6551d1ad2eb228bb2a0a9c3a0f12f2550717ee4b6384e9704ba51707a7b095be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 19:51:48 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 39ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NGHJB18CB5&gtm=45je3ap0v888781661&_p=695587219&gcd=11l1l1l1l1&cid=496794985.1698781908&ul=en-us&sr=1600x1200&_s=1&sid=1698781908&sct=1&seg=0&dl=http%3A%2F%2Fwww.eokultv.com%2F&dt=Konu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NGHJB18CB5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.eokultv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
43 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T9D9LMJ

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f5f50df394c9e0fe9687ca800782538fb3bb80993c95b2b2347b76c1c154c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44072
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 19:51:48 GMT

GET
DATA 200
OK truncated
/ 425 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8135466f45a58560ad5729f86a10a2dc469c2ac3a6b663cb469256a3190a72ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 643d6f2ff70d3e19c32e392bf11475635d6d896d7f3847c964c2250c3c46f7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ 79 KB
27 KB 454ms
47ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19661

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

2c935aa3711f0af15b730354c3747e2a30aa982a2baf028c71bff33ea1b67cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Mon, 30 Oct 2023 15:32:17 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
69 KB 272ms
124ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

56170d5dc5e437edf605f64d0effd274f3e628db747d75fc412bb95637092e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 31 Oct 2023 10:58:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6540ddce-11140"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 69952
expires: Tue, 31 Oct 2023 20:51:48 GMT

GET
H2 200 cssspr.png
www.eokultv.com/wp-content/themes/netegitim/ 1 KB
1 KB 41ms
40ms Image
image/png 194.54.82.174
SERVER server.ua

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eokultv.com/wp-content/themes/netegitim/cssspr.png
Requested by: Host: www.eokultv.com
URL: https://www.eokultv.com/wp-content/themes/netegitim/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.54.82.174 , Ukraine, ASN3236 (SERVER server.ua, UA),
Reverse DNS: server.1ua.photos
Software: LiteSpeed /
Resource Hash: eb08598849aeb07ab4cf9eb083f665672a690700791647e48c11828486696823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eokultv.com/wp-content/themes/netegitim/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
last-modified: Fri, 17 Sep 2021 21:46:03 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1175
expires: Thu, 31 Oct 2024 01:51:48 GMT

GET
H2 200 icon-calendar-widget.png
www.eokultv.com/wp-content/themes/netegitim/images/ 1 KB
1 KB 40ms
39ms Image
image/png 194.54.82.174
SERVER server.ua

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eokultv.com/wp-content/themes/netegitim/images/icon-calendar-widget.png
Requested by: Host: www.eokultv.com
URL: https://www.eokultv.com/wp-content/themes/netegitim/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.54.82.174 , Ukraine, ASN3236 (SERVER server.ua, UA),
Reverse DNS: server.1ua.photos
Software: LiteSpeed /
Resource Hash: 54aca18f5e54f1055c43b6cc4627b13315a1ca5982fe9b9787f98786be996b26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eokultv.com/wp-content/themes/netegitim/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
last-modified: Fri, 17 Sep 2021 21:46:15 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1072
expires: Thu, 31 Oct 2024 01:51:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11252078978&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77747364-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32845cfa0596f96ab2cfd630c6ddb240b315d37bc2cf6b9bf4d88e154f00fa2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71838
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 19:51:48 GMT

GET fontawesome-webfont.woff2
www.eokultv.com/wp-content/themes/netegitim/font/fonts/ 0
0

GET
H2 200 version.json Show response
sdki.truepush.com/sdk/ 176 B
569 B 29ms
6ms XHR
application/json 2600:9000:2491:1200:7:6b7b:1000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdki.truepush.com/sdk/version.json
Requested by: Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.2/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1200:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 21:17:16 GMT
via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 05:36:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2068473
etag: "327739750637fd5a1dd49dd855637862"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=300
accept-ranges: bytes
content-length: 176
x-amz-cf-id: dXMpBi7CfxKkWw6fKLD8lX6z3qeRuMiwrZZG29ZgV9bwbyRHCgyyRQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 15ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=695587219&t=pageview&_s=1&dl=http%3A%2F%2Fwww.eokultv.com%2F&ul=en-us&de=UTF-8&dt=Konu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1646501030&gjid=1793411967&cid=496794985.1698781908&tid=UA-77747364-1&_gid=1026597884.1698781908&_r=1&gtm=457e3ap0&gcd=11l1l1l1l1&jsscut=1&z=484627014

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.eokultv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.eokultv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11252078978/ 3 KB
2 KB 118ms
92ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11252078978/?random=1698781908247&cv=11&fst=1698781908247&bg=ffffff&guid=ON&async=1&gtm=45be3ap0&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=http%3A%2F%2Fwww.eokultv.com%2F&hn=www.googleadservices.com&frm=0&tiba=Konu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&auid=400482007.1698781908&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11252078978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

306482bad2815bd821294054cee7ab6fe6609d387b1b4ba595e9e542566604a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FNZMWC1HCX&gtm=45je3ap0v9115724131&_p=695587219&_gaz=1&gcd=11l1l1l1l1&cid=496794985.1698781908&ul=en-us&sr=1600x1200&ir=1&_eu=EAAI&_s=1&sid=1698781908&sct=1&seg=0&dl=http%3A%2F%2Fwww.eokultv.com%2F&dt=Konu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FNZMWC1HCX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.eokultv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 64ms
21ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FNZMWC1HCX&cid=496794985.1698781908&gtm=45je3ap0v9115724131&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FNZMWC1HCX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.eokultv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 375ms
353ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FNZMWC1HCX&cid=496794985.1698781908&gtm=45je3ap0v9115724131&aip=1&z=635737912

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
sdki.truepush.com/sdk/v2.0.4/ 80 KB
19 KB 7ms
7ms Script
application/javascript 2600:9000:2491:1200:7:6b7b:1000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdki.truepush.com/sdk/v2.0.4/main.js
Requested by: Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.2/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1200:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6dc50509c75d563ba18f32e35c8aa2ff630f46492df8dad7c66515fe6eaf34ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 07:48:13 GMT
content-encoding: gzip
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 04:37:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 216216
etag: "3d47f45ecfb765f8b8b58d2a4b1883fb"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 18934
x-amz-cf-id: iYL5OuOISGC6Ivx2B4sUOSNi2Vr9i5Gu1iWuQJmIjvU5aU7Z-bFjqw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 51ms
20ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-77747364-1&cid=496794985.1698781908&jid=1646501030&gjid=1793411967&_gid=1026597884.1698781908&_u=YADAAUAAAAAAACAAI~&z=1484781473

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.eokultv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 31 Oct 2023 19:51:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.eokultv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET fontawesome-webfont.woff
www.eokultv.com/wp-content/themes/netegitim/font/fonts/ 0
0

OPTIONS
H/1.1 204
No Content truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/ Frame 0
0 1263ms
259ms Preflight 103.231.212.226
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.212.226 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),
Reverse DNS: static-103-231-212-226.ctrls.in
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://www.eokultv.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://www.eokultv.com
Content-Length: 0
Date: Tue, 31 Oct 2023 19:51:49 GMT
Vary: Origin, Access-Control-Request-Headers
X-Powered-By: Express

POST
H/1.1 200
OK truepushSDKPlatfromDetails Show response
sdk.truepush.com/api/v2/ 1 KB
2 KB 1027ms
260ms XHR
application/json 103.231.212.226
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails

Requested by

Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.4/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.212.226 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),

Reverse DNS

static-103-231-212-226.ctrls.in

Software

Resource Hash

21215d0fa3feba3d7d16e7b0cc6946938f3cdea29afebeb1b3e223aab1c53eef

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: img-src * data:
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Tue, 31 Oct 2023 19:51:50 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Transfer-Encoding: chunked
X-XSS-Protection: 0
Referrer-Policy: no-referrer
ETag: W/"42f-q4jzqRwr89C0auU3WGyywYlcdI0"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Vary: Origin, X-HTTP-Method-Override, Accept-Encoding
X-Download-Options: noopen
Access-Control-Allow-Origin: http://www.eokultv.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true

GET fontawesome-webfont.ttf
www.eokultv.com/wp-content/themes/netegitim/font/fonts/ 0
0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 57ms
35ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-77747364-1&cid=496794985.1698781908&jid=1646501030&_u=YADAAUAAAAAAACAAI~&z=620641580

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 323ms
323ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-77747364-1&cid=496794985.1698781908&jid=1646501030&_u=YADAAUAAAAAAACAAI~&z=620641580

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11252078978/ 42 B
455 B 29ms
21ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11252078978/?random=1698781908247&cv=11&fst=1698778800000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0&u_w=1600&u_h=1200&url=http%3A%2F%2Fwww.eokultv.com%2F&frm=0&tiba=Konu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=485033026&rmt_tld=0&ipr=y

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11252078978/ 42 B
455 B 272ms
272ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11252078978/?random=1698781908247&cv=11&fst=1698778800000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0&u_w=1600&u_h=1200&url=http%3A%2F%2Fwww.eokultv.com%2F&frm=0&tiba=Konu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=485033026&rmt_tld=1&ipr=y

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10172.VFnJlsCZ3a5YwI0RKyFGfhNeIgpi1U-CICxfJLhDTm_mX5NFvDxX4GQqIgcpPTWa.L-yXhBjk-y9-JZhD1gB1c58wUH8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10172.LyJ9p4fHEvJ3NIxQ9vancJVQSOz7OCQN24ELK7WhO9yx88V0IJSeALH-23lhcbUdR0Jj8bGXihZYgPIdCXrKwR9bitJ79RgV4QyRB65L1-ZsbKetioHwW7kTlNvzCKd1Alts_ID6rD...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.Sb_GUiGCoTKidg4PQkJ3CiccdXlRmctSuD02Tqy-FCnqlL97XteUFzeyc_hGP4_x2_lfHrDALJyd2erylLVR3b78A7c5ncptZuXR89qjanApM...

43 B
584 B

71ms
71ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.Sb_GUiGCoTKidg4PQkJ3CiccdXlRmctSuD02Tqy-FCnqlL97XteUFzeyc_hGP4_x2_lfHrDALJyd2erylLVR3b78A7c5ncptZuXR89qjanApMcwo5ZWgL5enkq_IHluQBlc0W-UiXFC2KTQD0UJDVqyQ4s1fimS0kxZQDpzof1RAoxsp--H9oJvTTTmEbDHe0Qh1LhPi8KA38WkQE4isRg%2C%2C.DrdNboRczEMfcqV50RdAJFhqS78%2C

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10172.Sb_GUiGCoTKidg4PQkJ3CiccdXlRmctSuD02Tqy-FCnqlL97XteUFzeyc_hGP4_x2_lfHrDALJyd2erylLVR3b78A7c5ncptZuXR89qjanApMcwo5ZWgL5enkq_IHluQBlc0W-UiXFC2KTQD0UJDVqyQ4s1fimS0kxZQDpzof1RAoxsp--H9oJvTTTmEbDHe0Qh1LhPi8KA38WkQE4isRg%2C%2C.DrdNboRczEMfcqV50RdAJFhqS78%2C
date: Tue, 31 Oct 2023 19:51:48 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
476 B 69ms
64ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 31 Oct 2023 10:58:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6540ddce-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 31 Oct 2023 20:51:48 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
30 KB 151ms
128ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19661

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971f253068e731d60762a53c8578239607db8cf08923d23d9f5955102990193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30210
x-xss-protection: 0
server: cafe
etag: 737 / 19661 / 31079210 / config-hash: 8176479978453507540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:48 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ 120 B
338 B 45ms
45ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19661

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
strict-transport-security: max-age=63072000
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 44A5 891 B
1 KB 95ms
95ms Document
text/html 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/outside/str.html?v=2

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19661

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Tue, 31 Oct 2023 19:51:48 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3
strict-transport-security: max-age=63072000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 81ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19661

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef11845c5c29bd5dbfe4c08bdd8e07da8754fdd6a14629520b3fe2fbd6805016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Origin: http://www.eokultv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52087
x-xss-protection: 0
server: cafe
etag: 14264468097783903239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:48 GMT

GET
H2 200 prebid8.7.0.js Show response
static.virgul.com/theme/mockups/outside/ 488 KB
184 KB 50ms
49ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/outside/prebid8.7.0.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19661

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

e24dec08f69841a2828a585c6918ff8be70af4bf2b9700a99884f60c8d71d3fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Mon, 07 Aug 2023 10:02:46 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2

200

apstag.js Show response
c.amazon-adsystem.com/aax2/
Redirect Chain

http://c.amazon-adsystem.com/aax2/apstag.js
https://c.amazon-adsystem.com/aax2/apstag.js

264 KB
65 KB

451ms
22ms

Script
application/javascript

13.224.225.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Server: 13.224.225.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-225-68.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:37:13 GMT
content-encoding: gzip
via: 1.1 c709dd795eaea0aaf9c63cb64d7e891e.cloudfront.net (CloudFront), 1.1 9020b755bdec9fbd562cc16c0a42d6f2.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 21:00:30 GMT
server: AmazonS3
x-amz-cf-pop: LHR62-C4, LHR61-C2
age: 877
etag: W/"f90f24d20b0a1f80ef986c97a9726a2b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: mrDsu40_wSb3cfsL5vPkxAm0nWoccoc9RdNjB6MYsihP6UZVkUv21Q==

Redirect headers

Date: Tue, 31 Oct 2023 19:51:48 GMT
Via: 1.1 b17ae12a9b26d355791fb59ca965e382.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: LHR61-C2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://c.amazon-adsystem.com/aax2/apstag.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: ioNvxJIQMkasBJoqzbsBHaX0-vC0QOWbdUf2R7JufP9teQylYBRLCA==

GET
H2 200 pageview Show response
ng.virgul.com/ 15 KB
4 KB 225ms
66ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1698781908592&v=http%3A%2F%2Fwww.eokultv.com%2F&r=eokultv:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1&info=&ref=&rdmt=0.7458302159251433
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19661
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 26b21b722dc4dbf55256588fb44bda94a48832ef1585ac1a26a9fd77a7e0dd94

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: http://www.eokultv.com
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 eokultv.js Show response
static.virgul.com/theme/mockups/fallback/ 14 KB
5 KB 95ms
95ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/fallback/eokultv.js?dts=19661

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19661

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

7538e77606e6c6ad6fc0d71a7ccbb5ff84c516bdf9ad4f9f7f971fecaa3780e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Mon, 30 Oct 2023 06:42:37 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ 13 KB
3 KB 200ms
46ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=eokultv&dts=471883
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19661
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 485e23dc0cd4ab2cacc08421f030e993d58ac0e429da3f76c852f34d93df135c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: http://www.eokultv.com
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/ 398 KB
135 KB 95ms
78ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=www.eokultv.com&bust=31079248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

260ed300137d80e58a1b0baa925e0678fc504c1585c2b962520bdb08b8c23422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138070
x-xss-protection: 0
server: cafe
etag: 10640035709168996568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame 11CA 10 KB
5 KB 10ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 01:56:01 GMT
etag: 4569948109300706969
expires: Tue, 14 Nov 2023 01:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/24313435/
Redirect Chain

https://mc.yandex.com/watch/24313435?wmode=7&page-url=http%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A404%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/24313435/1?wmode=7&page-url=http%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A404%3Afu%3A0%3Aen%3Autf-8...

420 B
607 B

72ms
70ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/24313435/1?wmode=7&page-url=http%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A404%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A110422456836%3Ahid%3A480405425%3Az%3A60%3Ai%3A20231031205148%3Aet%3A1698781908%3Ac%3A1%3Arn%3A732940774%3Arqn%3A1%3Au%3A1698781908857450292%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A29%2C39%2C40%2C40%2C0%2C0%2C%2C246%2C32%2C%2C%2C%2C395%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1698781907762%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698781909%3At%3AKonu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f50dafee19c8453317659c166db0db43f1364c8a9a08a60757401175be308764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 31-Oct-2023 19:51:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.eokultv.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Tue, 31-Oct-2023 19:51:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 31-Oct-2023 19:51:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/24313435/1?wmode=7&page-url=http%3A%2F%2Fwww.eokultv.com%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A404%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A110422456836%3Ahid%3A480405425%3Az%3A60%3Ai%3A20231031205148%3Aet%3A1698781908%3Ac%3A1%3Arn%3A732940774%3Arqn%3A1%3Au%3A1698781908857450292%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A29%2C39%2C40%2C40%2C0%2C0%2C%2C246%2C32%2C%2C%2C%2C395%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1698781907762%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698781909%3At%3AKonu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://www.eokultv.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 31-Oct-2023 19:51:48 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/ 422 KB
132 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

509462bceaa85aa49996bf168611149074a30659a709948634a306a41a7f1af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 10:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33275
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135432
x-xss-protection: 0
server: cafe
etag: 13870563710225165476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 30 Oct 2024 10:37:13 GMT

GET
H2 200 empowerwebplayer4.js Show response
static.virgul.com/theme/mockups/outside/ 12 KB
4 KB 52ms
47ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/outside/empowerwebplayer4.js?v=18

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

7c0da909438cc10026ad4e61a73d30be3a6cdba12d41f9dc1baa20ca65a2abec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Mon, 25 Sep 2023 09:37:34 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 eokultv.js Show response
static.virgul.com/theme/mockups/sites/ 3 KB
2 KB 49ms
48ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/sites/eokultv.js?dts=471883

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19661

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

a57d21e3d73b42aabe952a1eef88155f5258443b57e34307b53e1276be6db4b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Sun, 19 Mar 2023 02:56:20 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 17 KB
5 KB 227ms
9ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19661
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:04:21 GMT
content-encoding: gzip
age: 2848
x-guploader-uploadid: ABPtcPpSISISJtxFb0n_QhCRgP7TOtw1PnduV526Nh7CDANo6J5Sq7nZMfA4wA2Nu9_aUwiw6xNaauLj5ZNkdsIWA5mr2g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ 0
213 B 50ms
49ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1698781908863&v=http%3A%2F%2Fwww.eokultv.com%2F&r=153631@153632@153626@153628:eokultv&userId=vnet5549f2a3-c772-44a3-858e-70dddb77fd4a&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.9510294373768724
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:48 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ 7 KB
3 KB 590ms
48ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19661
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer4.js?v=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Tue, 07 Nov 2023 19:51:49 GMT

GET
H2 200 tag Show response
feed.pghub.io/ Frame DF0B 13 B
270 B 69ms
19ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=&page_url=http%3A%2F%2Fwww.eokultv.com%2F&owner=P%26G&bp_id=noktacommedya&ch=&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Tue, 31 Oct 2023 19:51:49 GMT
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0870 0
16 B 436ms
435ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3025194257&lmt=1698778309&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fwww.eokultv.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1698781908723&bpp=5&bdt=850&idt=391&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7057876090133&frm=20&pv=2&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C31079192%2C31079232%2C31079307%2C44795922%2C44805931%2C44806498%2C44807048%2C31078297%2C31079248&oid=2&pvsid=2929549923447421&tmod=1731016079&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=431

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=www.eokultv.com&bust=31079248

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8976 113 KB
46 KB 509ms
509ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1698778309&rafmt=1&format=640x280&url=http%3A%2F%2Fwww.eokultv.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698781908728&bpp=2&bdt=854&idt=462&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7057876090133&frm=20&pv=2&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C31079192%2C31079232%2C31079307%2C44795922%2C44805931%2C44806498%2C44807048%2C31078297%2C31079248&oid=2&pvsid=2929549923447421&tmod=1731016079&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=JmKc7GgWSC&p=http%3A//www.eokultv.com&dtd=468

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e824e32f3e10791862f7c0166def1dc86b07ed8030f9d0c113674221510af51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46672
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:49 GMT
expires: Tue, 31 Oct 2023 19:51:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e0a76a78-9ad1-46f2-a337-886c2e24ac91 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
811 B 62ms
19ms Script
application/javascript 3.162.38.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.38.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-38-44.cdg52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3e5262f8dd2e248bae2b81dc6d3910298e930ce8f34d36751392e5e1cfe0be60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:50:34 GMT
via: 1.1 505bedb254e2a4a9b54f62aa2026791a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG52-P6
age: 75
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: n5DVbjPWqSxycb-lWLO07H77XKxmjqT1sQPuYvsMygadKiGZOhri9Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 488 B
839 B 111ms
110ms XHR
application/json 13.224.225.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fwww.eokultv.com&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.225.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-225-68.lhr61.r.cloudfront.net
Software: Server /
Resource Hash: 844b87b27dc65dd4bfd6b4a840673478ecdb0512337f6b30f7af691c339908af

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:48 GMT
via: 1.1 9020b755bdec9fbd562cc16c0a42d6f2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: LHR61-C2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://www.eokultv.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 488
x-amz-cf-id: gjvgm1jdvLvOEF24W4WwXBd7bKipD-glMEX6jVACD_bSGvwbFAqq-Q==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 131ms
49ms XHR
text/javascript 18.244.135.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fwww.eokultv.com%2F&pid=XXQqTXEOhfpAs&cb=0&ws=1600x1200&v=23.1020.1619&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15363221728129623web_eokultv_tower_left%22%2C%22s%22%3A%5B%22120x600%22%2C%22120x240%22%2C%22120x120%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_eokultv_tower_left%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15362621728129623web_eokultv_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22728x250%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_eokultv_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15363121728129623web_eokultv_tower_right%22%2C%22s%22%3A%5B%22120x600%22%2C%22120x240%22%2C%22120x120%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_eokultv_tower_right%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15362821728129623web_eokultv_sidebar_top_300x250%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22200x200%22%2C%22160x160%22%2C%22300x100%22%2C%22300x50%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_eokultv_sidebar_top_300x250%22%7D%2C%7B%22id%22%3A%22Preroll%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!empower.net%2C5fe2e678e4b0b8eb9e662777%2C1%2C%2C%2C&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.135.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-135-24.lhr50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 80836ce32819cf946e10c3b85dbce514.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: LHR50-P7
x-amz-rid: 2C02XA9PFJ28M4PKTTZA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://www.eokultv.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: BDc0TjGmPgnxUB46-MkmZCh9nHqIvi09Gay3w9mhPJMcgBWKATPvBA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 65ms
23ms XHR
application/javascript 13.224.225.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.225.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-225-68.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 04:21:21 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 cccbced9d09951cf2e947066c4fc2442.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
age: 55829
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 9bI3ij65oEsmlRAD0JKzCl2DiIN2KhU88YbkquZca4iIkNeIh1wNLg==

GET
H2

200

id5-api.js Show response
cdn.id5-sync.com/api/1.0/
Redirect Chain

http://cdn.id5-sync.com/api/1.0/id5-api.js
https://cdn.id5-sync.com/api/1.0/id5-api.js

142 KB
31 KB

47ms
30ms

Script
text/javascript

2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
x-amz-request-id: FRJHRFN6XMR6HHMN
age: 2282
etag: W/"f782ea030d6823bac929128fb89f783a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 81ee6f557be22bdf-FRA
x-amz-id-2: UXSYjp6+CzQf+wIxDNOELHqqE3Q4tasPU2XCcBL3K88jId/RDSG12+MSQDjFy3xVEoBjVd3n2TQ=

Redirect headers

Location: https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 510ms
509ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2929549923447421&correlator=3353966389241522&eid=31079210%2C31079233&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fif&iu_parts=21728129623%3A22455267735%2Cweb_eokultv_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C468x60%7C680x90%7C300x250&fluid=height&ifi=3&didk=946392022&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1698781909394&lmt=1698778309&adxs=315&adys=162&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fwww.eokultv.com%2F&vis=1&psz=970x0&msz=1600x0&fws=128&ohw=0&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=true&dlt=1698781907874&idt=1288&ppid=vnet5549f2a3c77244a3858e70dddb77fd4a&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Deokultv%26mt%3D1698781908592%26pager%3D1%2540site_geneli%2540eokultv%253Asite_geneli%26policy%3D0%26host%3Dwww.eokultv.com%26url%3Dhttp%253A%2520%2520www.eokultv.com%2520%26targetCtr%3D0%26pid%3Dvnet5549f2a3-c772-44a3-858e-70dddb77fd4a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&adks=1871473940&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ee2c9a1bedbe9f410ba54aeab38dc4c32800caa3a1f08fc4ce00ac15c8ed734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11714
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.eokultv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
14 KB 355ms
353ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2929549923447421&correlator=1857636384330151&eid=31079210%2C31079233&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fif&iu_parts=21728129623%3A22455267735%2Cweb_eokultv_sidebar_top_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C160x160%7C300x100&fluid=height&ifi=4&didk=3578434505&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1698781909406&lmt=1698778309&adxs=980&adys=859&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fwww.eokultv.com%2F&vis=1&psz=310x0&msz=1600x0&fws=128&ohw=0&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=true&dlt=1698781907874&idt=1288&ppid=vnet5549f2a3c77244a3858e70dddb77fd4a&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Deokultv%26mt%3D1698781908592%26pager%3D1%2540site_geneli%2540eokultv%253Asite_geneli%26policy%3D0%26host%3Dwww.eokultv.com%26url%3Dhttp%253A%2520%2520www.eokultv.com%2520%26targetCtr%3D0%26pid%3Dvnet5549f2a3-c772-44a3-858e-70dddb77fd4a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&adks=2073593936&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c882344872d884d0ecdca23bf8056cd7dd1f957018bc467c8c6b571b70a25ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14817
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.eokultv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
12 KB 377ms
376ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2929549923447421&correlator=4479311674609261&eid=31079210%2C31079233&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fif&iu_parts=21728129623%3A22455267735%2Cweb_eokultv_tower_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=5&didk=3758309133&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1698781909412&lmt=1698778309&adxs=140&adys=160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fwww.eokultv.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=644&ohw=160&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=true&dlt=1698781907874&idt=1288&ppid=vnet5549f2a3c77244a3858e70dddb77fd4a&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Deokultv%26mt%3D1698781908592%26pager%3D1%2540site_geneli%2540eokultv%253Asite_geneli%26policy%3D0%26host%3Dwww.eokultv.com%26url%3Dhttp%253A%2520%2520www.eokultv.com%2520%26targetCtr%3D0%26pid%3Dvnet5549f2a3-c772-44a3-858e-70dddb77fd4a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&adks=2149371335&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b88d78537e053546fcf606f94ba42f7b1fbc7cadb13da5bcc854ecca3f2c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11804
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.eokultv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 458ms
458ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2929549923447421&correlator=1252727506496656&eid=31079210%2C31079233&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fif&iu_parts=21728129623%3A22455267735%2Cweb_eokultv_tower_right&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=6&didk=3499210717&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1698781909417&lmt=1698778309&adxs=1300&adys=160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fwww.eokultv.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=644&ohw=160&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=true&dlt=1698781907874&idt=1288&ppid=vnet5549f2a3c77244a3858e70dddb77fd4a&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Deokultv%26mt%3D1698781908592%26pager%3D1%2540site_geneli%2540eokultv%253Asite_geneli%26policy%3D0%26host%3Dwww.eokultv.com%26url%3Dhttp%253A%2520%2520www.eokultv.com%2520%26targetCtr%3D0%26pid%3Dvnet5549f2a3-c772-44a3-858e-70dddb77fd4a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&adks=1438585451&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c89d2d658d3eb7b158447aa0066f101a2a0458c9ff4c2a07fed0ccecdd61ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14991
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.eokultv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8564 6 KB
3 KB 52ms
15ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:49 GMT
expires: Wed, 30 Oct 2024 19:51:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 362 KB
125 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19661

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08111d73cf694f4b8b7339301e9bb8f18326ff8e5bead87bbd8d7a9ead6e74c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127417
x-xss-protection: 0
expires: Tue, 31 Oct 2023 19:51:49 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ 398 KB
128 KB 51ms
50ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=10/31/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19661
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 98957d94bdc0993764ef55e732f356f6535ca17cf0c53eeacd8f174af6be556b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 15:36:49 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Tue, 07 Nov 2023 19:51:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E6AA 624 B
242 B 49ms
49ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYvbig5QEwAQ&v=APEucNXkxIUmE--JUnq-k9mYeC0yyhnhE2LflWIpoxb4Lwg3uHTILMqsYnjlBHkQX6sCNnOEGWAXbi-EYinO2epegj7g_KW9KxSfU2DuF09ZzrrrMuvHDW9syW9LNHmAD7rUXaFtJ2yrX9sWglVh50TX2qanf21O-8JQ86vWT_NIyRkkIvQjaC8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1698778309&rafmt=1&format=640x280&url=http%3A%2F%2Fwww.eokultv.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698781908728&bpp=2&bdt=854&idt=462&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7057876090133&frm=20&pv=2&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C31079192%2C31079232%2C31079307%2C44795922%2C44805931%2C44806498%2C44807048%2C31078297%2C31079248&oid=2&pvsid=2929549923447421&tmod=1731016079&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=JmKc7GgWSC&p=http%3A//www.eokultv.com&dtd=468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1698778309&rafmt=1&format=640x280&url=http%3A%2F%2Fwww.eokultv.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698781908728&bpp=2&bdt=854&idt=462&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7057876090133&frm=20&pv=2&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C31079192%2C31079232%2C31079307%2C44795922%2C44805931%2C44806498%2C44807048%2C31078297%2C31079248&oid=2&pvsid=2929549923447421&tmod=1731016079&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=JmKc7GgWSC&p=http%3A//www.eokultv.com&dtd=468
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A3ED 111 KB
39 KB 49ms
8ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame A3ED 7 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:43:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame A3ED 23 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:22:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:22:37 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A3ED 41 KB
14 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame A3ED 3 KB
1 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 15:26:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A357 1 KB
643 B 11ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame A3ED 20 KB
9 KB 41ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:18:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A3ED 0
0 18ms
15ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9Nr1DJxjACaKFbnYcGJytkrHl0e_YAgWOz37dM9BaXQhHam_CKIQelnEi22DLNC87-IWY00aa66IBOO2Bvq6pn3Dwiw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1698778309&rafmt=1&format=640x280&url=http%3A%2F%2Fwww.eokultv.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698781908728&bpp=2&bdt=854&idt=462&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7057876090133&frm=20&pv=2&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C31079192%2C31079232%2C31079307%2C44795922%2C44805931%2C44806498%2C44807048%2C31078297%2C31079248&oid=2&pvsid=2929549923447421&tmod=1731016079&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=JmKc7GgWSC&p=http%3A//www.eokultv.com&dtd=468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3ED 196 KB
62 KB 52ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca19a280b33c19e3fe4ca818cbb4b267bc2c702d0004a383f1a25eb15b220c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63005
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3ED 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BwzjOmw7m9QCxhutxvCxRoTkrA1JJ5p0zhoA0eXo51eQwE2a8OrlJoXS_NguufDlUJbM2NWvAj9Oehu4u29MvV3gDqcva6IYicfFu93EA_GOxBpaE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5fe2f0a3e4b0b8eb9e6627b1
ng2.virgul.com/tck/imp/ 0
213 B 258ms
59ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5fe2f0a3e4b0b8eb9e6627b1?g=1&t=gb&r=153631@site_geneli@eokultv:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1&info=&mt=1698781908592&userId=vnet5549f2a3-c772-44a3-858e-70dddb77fd4a
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:49 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A357
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI9emr-cYVRlCdyzxXKsJuk&google_cver=1&google_push=AXcoOmRYab_ZrI6wID4pozovGVkd_MimmcrSPK9dkS7aYLyxYEUTGCaVTmfeH7B-pQcPm7h-ni4j2FIsvjziXQm5DAidWil8Fdi4x...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk5MzQ0MTU2ODI2NTg1OTMwMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKjRJLNJfdfyIE7lexqsev8&google_cver=1

43 B
398 B

91ms
25ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKjRJLNJfdfyIE7lexqsev8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1698778309&rafmt=1&format=640x280&url=http%3A%2F%2Fwww.eokultv.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698781908728&bpp=2&bdt=854&idt=462&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7057876090133&frm=20&pv=2&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C31079192%2C31079232%2C31079307%2C44795922%2C44805931%2C44806498%2C44807048%2C31078297%2C31079248&oid=2&pvsid=2929549923447421&tmod=1731016079&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=JmKc7GgWSC&p=http%3A//www.eokultv.com&dtd=468
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 31 Oct 2023 19:51:49 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKjRJLNJfdfyIE7lexqsev8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A357
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMHD-o6tvTcOqxo4Oc-IIpg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMHD-o6tvTcOqxo4Oc-IIpg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TmFqaVNtbHAxUVhVTWQ1&google_gid=CAESEMHD-o6tvTcOqxo4Oc-IIpg&google_cver=1&google_push=AXcoOmTC-KNTP8SG_4H_FFPKbzxcaZOtNDEWgpUOp3G4Psb...

170 B
243 B

51ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TmFqaVNtbHAxUVhVTWQ1&google_gid=CAESEMHD-o6tvTcOqxo4Oc-IIpg&google_cver=1&google_push=AXcoOmTC-KNTP8SG_4H_FFPKbzxcaZOtNDEWgpUOp3G4PsbQwUhaffz5zGSodCBxeVXklqP1C52g5tybv2eKK7dYQzVmD3C0y6Skr3FBnr4SIuL6O63RbIXlrX_jAXEvIM7xhurLbhtEGVrgSMaqBE0gLa8pPPs

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 19:51:49 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-0e375bc7960f51888@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TmFqaVNtbHAxUVhVTWQ1&google_gid=CAESEMHD-o6tvTcOqxo4Oc-IIpg&google_cver=1&google_push=AXcoOmTC-KNTP8SG_4H_FFPKbzxcaZOtNDEWgpUOp3G4PsbQwUhaffz5zGSodCBxeVXklqP1C52g5tybv2eKK7dYQzVmD3C0y6Skr3FBnr4SIuL6O63RbIXlrX_jAXEvIM7xhurLbhtEGVrgSMaqBE0gLa8pPPs
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame A357 70 B
149 B 135ms
36ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENGAjz0VasUZhUZFNu6F-w0&google_cver=1&google_push=AXcoOmQHXuGI5w8XDbM1C3LXhp1juClCRGVKupXpw1Dcucr71lqL9lPg-DV_CEvHVsY-AzWVA0cp9d6UiBU3bW0nrr4vmDS0HQog5MFYkyF1DPWHrMWDzeVQ5r-XCLaEU1LfZSA4VkSld_SqsJKN_05onooaVWs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1698778309&rafmt=1&format=640x280&url=http%3A%2F%2Fwww.eokultv.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698781908728&bpp=2&bdt=854&idt=462&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7057876090133&frm=20&pv=2&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C31079192%2C31079232%2C31079307%2C44795922%2C44805931%2C44806498%2C44807048%2C31078297%2C31079248&oid=2&pvsid=2929549923447421&tmod=1731016079&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=JmKc7GgWSC&p=http%3A//www.eokultv.com&dtd=468
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame A357 43 B
146 B 96ms
8ms Image
image/gif 18.196.85.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBC1YP3-GwlTtIn3RP6gk84&google_cver=1&google_push=AXcoOmSc7lD6NeuSCgSir-JnVgg0bgv7K0IuFCAvVL1c0gAs7zZ9h9EH2oelp1C7bYfGYEtiwFYh0c-BaA4pi5d_hPnz0U7biWYgQw7kotu8buIDO6JCxlwn18Rrvq_v9cnAnQfKySdxdSOUoWiEZv_PIzumKA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1698778309&rafmt=1&format=640x280&url=http%3A%2F%2Fwww.eokultv.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698781908728&bpp=2&bdt=854&idt=462&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7057876090133&frm=20&pv=2&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C31079192%2C31079232%2C31079307%2C44795922%2C44805931%2C44806498%2C44807048%2C31078297%2C31079248&oid=2&pvsid=2929549923447421&tmod=1731016079&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=JmKc7GgWSC&p=http%3A//www.eokultv.com&dtd=468
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.85.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-85-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A357
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFprYBl71VAft5CzhGntCVw&google_cver=1&google_push=AXcoOmT4-FK3Qh5xJ7XDXhWA_UrdFL_nM9MxhK8tzxEUq3xASzNhuGqKKdQB0fDYijZqFKk1vuYwd1lI...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFprYBl71VAft5CzhGntCVw&google_cver=1&google_push=AXcoOmT4-FK3Qh5xJ7XDXhWA_UrdFL_nM9MxhK8tzxEUq3xASzNhuGqKKdQB0fDYijZqFKk1vuY...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE1ODMwMDQ0NzgwNDAzMDYxMA&google_push=AXcoOmT4-FK3Qh5xJ7XDXhWA_UrdFL_nM9MxhK8tzxEUq3xASzNhuGqKKdQB0fDYijZqFKk1vuYwd1...

170 B
188 B

113ms
112ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE1ODMwMDQ0NzgwNDAzMDYxMA&google_push=AXcoOmT4-FK3Qh5xJ7XDXhWA_UrdFL_nM9MxhK8tzxEUq3xASzNhuGqKKdQB0fDYijZqFKk1vuYwd1lIu7_OWnKn_FPEfn9ddA5_68SpAddRmBv-bLRN3OPno_Kz5oryu_82It-70W78Vaa_6wdXpRt0JNTkYkU

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE1ODMwMDQ0NzgwNDAzMDYxMA&google_push=AXcoOmT4-FK3Qh5xJ7XDXhWA_UrdFL_nM9MxhK8tzxEUq3xASzNhuGqKKdQB0fDYijZqFKk1vuYwd1lIu7_OWnKn_FPEfn9ddA5_68SpAddRmBv-bLRN3OPno_Kz5oryu_82It-70W78Vaa_6wdXpRt0JNTkYkU
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A357
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEHBHYu051hAN58j3JTpfWIw&google_cver=1&google_push=AXcoOmSt1kC8pW2pmD950bf9RKLGQVKgFA1ljn84yQYfNV4kSIS68eKCyowTCc_Y9e...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSt1kC8pW2pmD950bf9RKLGQVKgFA1ljn84yQYfNV4kSIS68eKCyowTCc_Y9eajvjtuGerKPMpDE52MDMA3bkGFXpqbggKXhs8qoDi0yrff-u...

170 B
232 B

107ms
105ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSt1kC8pW2pmD950bf9RKLGQVKgFA1ljn84yQYfNV4kSIS68eKCyowTCc_Y9eajvjtuGerKPMpDE52MDMA3bkGFXpqbggKXhs8qoDi0yrff-uhkDENPsWNZvmZIsqMhmyhEite5ZxEQlEy2SOCuVPSKxgaq&google_hm=PLLz_zU3TFqm44rGe7qDkU0

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSt1kC8pW2pmD950bf9RKLGQVKgFA1ljn84yQYfNV4kSIS68eKCyowTCc_Y9eajvjtuGerKPMpDE52MDMA3bkGFXpqbggKXhs8qoDi0yrff-uhkDENPsWNZvmZIsqMhmyhEite5ZxEQlEy2SOCuVPSKxgaq&google_hm=PLLz_zU3TFqm44rGe7qDkU0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame A357
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEI-0XznoaKA2...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS1Ckb4DgeN9239VlRFjWa_ZxpeUskSplOJYhBguiVwnqto5majcSxkcxryczwAPOd_nT9kfsngL4CSvq2MjYcpkbXWpuvvM_1QNmKOkT9PNVfHf...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

188ms
187ms

Image
image/gif

2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7001363072656594&output=html&h=280&slotname=9259565938&adk=630483377&adf=1964865421&pi=t.ma~as.9259565938&w=640&fwrn=4&fwrnh=100&lmt=1698778309&rafmt=1&format=640x280&url=http%3A%2F%2Fwww.eokultv.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698781908728&bpp=2&bdt=854&idt=462&shv=r20231026&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7057876090133&frm=20&pv=2&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C31079192%2C31079232%2C31079307%2C44795922%2C44805931%2C44806498%2C44807048%2C31078297%2C31079248&oid=2&pvsid=2929549923447421&tmod=1731016079&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=JmKc7GgWSC&p=http%3A//www.eokultv.com&dtd=468
Protocol: H2
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 19:51:50 GMT
pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A357 0
130 B 72ms
21ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEhAJQRJ4Q3sEW0yENUE8-AqAi-fTcra7AWp-K_chBbxks3kTTcci6SCcshZaOeu1tHFByoBM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame E6AA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNXIYPcmujuSRs2XFo0zVI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNXIYPcmujuSRs2XFo0zVI&google_cver=1&C=1

43 B
560 B

3542ms
3532ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNXIYPcmujuSRs2XFo0zVI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYvbig5QEwAQ&v=APEucNXkxIUmE--JUnq-k9mYeC0yyhnhE2LflWIpoxb4Lwg3uHTILMqsYnjlBHkQX6sCNnOEGWAXbi-EYinO2epegj7g_KW9KxSfU2DuF09ZzrrrMuvHDW9syW9LNHmAD7rUXaFtJ2yrX9sWglVh50TX2qanf21O-8JQ86vWT_NIyRkkIvQjaC8
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAxhmFbXhCcOW61HH2qeqMoavDT%2FYF2d%2FHOq8HlmWxmbqmj31%2BBTjeovhUGIJkYWFJzozswPlU301CcIRmq9wpxesn8KeJhm3bf10ZAazP7GQbBY%2FhZXb%2F4qaizseSVYNLLMsecwXch5pw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81ee6f6abc7018cb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaQVkuV4%2FASYEnUHBsy%2Fck8eAtDrP1LMjEMhm%2Fw09k3QePhurW44Kj5eo%2FFL1pFl2DgjB%2FWnpaBmt8d%2BH8FBCz3qtrDC8zAkIGSF3CZCbb9R%2BZi2ZJiDijzwIvoNoPP2YKGvfrvB7QehTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESELNXIYPcmujuSRs2XFo0zVI&google_cver=1&C=1
cache-control: no-cache
cf-ray: 81ee6f58b9e218cb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E6AA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUFa2Ap.pp0qfeuTJJMLIgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2

43 B
731 B

30ms
29ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYvbig5QEwAQ&v=APEucNXkxIUmE--JUnq-k9mYeC0yyhnhE2LflWIpoxb4Lwg3uHTILMqsYnjlBHkQX6sCNnOEGWAXbi-EYinO2epegj7g_KW9KxSfU2DuF09ZzrrrMuvHDW9syW9LNHmAD7rUXaFtJ2yrX9sWglVh50TX2qanf21O-8JQ86vWT_NIyRkkIvQjaC8
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CD0MXub%2Fctsj57FVRzwHEnlGsMgczeqWAEQcQcbeuopSgAf6AyiD98X%2BoScOqaPFWjSHYStbVzomyL8IU1yFWIAV3hTrLSDIrBY3lmj4ao3LQQuiOIOal%2FkCdYbkk4RPqVtTuJb0nqwrbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81ee6f80fe0365cf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame E6AA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIxRvseW3yzm-OsFcD8G8AY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIxRvseW3yzm-OsFcD8G8AY%26google_cver%3D1

43 B
890 B

9ms
9ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIxRvseW3yzm-OsFcD8G8AY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYvbig5QEwAQ&v=APEucNXkxIUmE--JUnq-k9mYeC0yyhnhE2LflWIpoxb4Lwg3uHTILMqsYnjlBHkQX6sCNnOEGWAXbi-EYinO2epegj7g_KW9KxSfU2DuF09ZzrrrMuvHDW9syW9LNHmAD7rUXaFtJ2yrX9sWglVh50TX2qanf21O-8JQ86vWT_NIyRkkIvQjaC8

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:49 GMT
an-x-request-uuid: 95c74d3b-950d-43a6-b65a-b3474ea75a2e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:49 GMT
an-x-request-uuid: 9da0209d-721d-4e1c-b379-d453cd68eec8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIxRvseW3yzm-OsFcD8G8AY%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E6AA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

170 B
188 B

113ms
112ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:49 GMT
an-x-request-uuid: bc896ea2-c438-46b6-8307-52b157d8d5e2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 container.html Show response
89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F510 6 KB
3 KB 11ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:49 GMT
expires: Wed, 30 Oct 2024 19:51:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A3ED 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 496a58f55569b28d6eac2a280df6f71628de8e46bece472c1f16c7665ceb1abf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E74A 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:49 GMT
expires: Wed, 30 Oct 2024 19:51:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 26EF 624 B
242 B 73ms
54ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNUodONKdnaFHd45ywiCjW1XUd4-qZxNxi26vLwxi4zAuvPRsn9Pydc4luAarD88wrjQN1RNpzSOlOI52YlkLvfk1b9iNKsfnblfIZH5Hrjqc4ftJKom8373ZTAN-04mijtArHwU4v78zHwp7ZDZ0euSFw2bnIEurgM0faJK5XZDLPFokotWkM9VyZ4rD4uz5nJjFuMi

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F510 89 KB
31 KB 93ms
91ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:50 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F510 42 B
63 B 50ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Alb5R4jfR2KkPQ2Vq1NhBm1MnIk1TuoMrXZwcFTQgNI36qAKak2D24dnD_CSuItwMdo2EuyyVMIXgNKxY90yK04edpCKXx7b31JC9s0ctKgjBnzUU

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F510 0
20 B 52ms
48ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9030147274417227035&x=1&ct=76

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/ Frame F510 260 KB
79 KB 143ms
35ms Script
application/javascript 54.170.148.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-C2MCOInJDTG4OPF_PtaTYuOecPWq41g0ilS9_W0wjFQUxFAgbIhr4N9eW6li8ZRj7WOrUOpPd9gqOwxmrzDcVb4tFRUPPHt2XTgAY0-oVc4ROrcaiJXE4PtbbtWiSU1IK6mIWlKBnWgxF2ato_N2z_tT52FDZXIYwiaJIfTW2x0qp2h_0SmRcAoCZ_4Ps8_kb0hZ31Zw33kpIVFaBpFtPi1yjYwHqoL5HJngAvvNh5lMOstYtkNTWvMnKh8Xrgv8Nn0_TnF4ClIcjAjVs4KGXaqAKgs9fmsBc-Ht4oEpaxjySu3DZoDfERzyKcffFqaxiuYg8hFOKnM9eWlT2CzEKOzV_1Zn2CxU0WhlUe3UEgEEPGkrwLPO3apBCp9QhPTWQiJDmH5FpUWgRZSJFLhAX2C1qAnjmSmF6KZncaOGKTV1JZFz5L_gp0r9oiOO7nXGYQ_Zo6WDRijYwbjHArT6DiGUery_e0mydzTHO24MFjrdIlTaikO9tT9K3s5Nc0b2bFJbfX0ABFxBcD5mvr7Dvu58izw72T2qLow6NH9dfaygMFT3qPLnxzkM4aaRZFQbFourtNfJIGYIquTDTXWDhmVwyU1JOejoyr3m4uL2yTlOm-jw45DzRvbtPjBTbWobUOHYNxV3HpuBPtvnGO-JzxCf0qQRjl8WOFUnXeMsebU0G3RJSo32ocwgwEyoPh61fGdKevNWdwzOW2jCUuTzyEggfRVh_iPmZHKFGBGdo6Oav_Dw78-KTM-8fsXURLGTPVhGI29dIgM4D55sFgJaJRdzomI7tjaVnt6X4HgF0dJLuuuetdELqEj3fJRCIBrRXbe228n-AdpQrY1I26v1UbldH-UMP4AFx_notaWQ_5IbbvRMAZzrp7vx4HB9c0Qg40-zgVPXQz7UQw5JUhytHIwO7tZzydGHxQvw-qjC5_TNOAmEnDwD77p0RzGP4us4FF_dHtAaiO8-l5ltDcvoxRKs_bApMmCHpUawLnTkzebcqOF9WAHs2LEVKZRuiRTRKiBeSarcJMWRoW_ayk7TUfzcW0ZhBRYhK2xI_1uvL8giis49O1tydL4HA3s3szY95_oAaaiEJ0l_f4j89ZgbzrwuOzUXwdHtmeVQddMW0iPO4R7f290Btl_wiOeaFvDdks4V_DHJY2yYrcfmEo-GIDNRcg5F-Z0Mo1aSdw7dvUMVpOQHOc17AHXc39Uni8hnj41db6JMaBPPJIorw0JJCk3UsctKU2YPMZXH7VSdiwAW7dhvjehyAuNBPN9Io1viISjWItaKXSmYLWnp6HNjjsO0D7eui5klP7TTiNPymj9r8i31-ucACqaJVbPPsh-5pGTIXy9AdJ6V8FTdBjhhtPVKomx4Knmkaz5JcT7UYa7Tg9GrkrfSRWWErSHaNnxc4QVj4YeV8j2em9gBIAWVSqN-0oVH9ry9kJSdsa5IpE7r7USK7SPMsOIi4qGVzytBanEJ5CFT8i3-xmwx4o9WK7WeU4GvD9j0jh6QAiy4Ls8rIeBRIQftEJvZfci5SKSPlYKXDRzA1qzSd1aO95ZeuICUL6Hz2aQPCQPQVfYdXLNOpDAQkKseTg7ciWXLLiH5oqPW0N38EUzgxN3_d_qyM4GLWC-rW-UZkIGkjhH9M2D6TNnxQyuC6HizBqihar5wvpcASnWtpQgL7Dgu0bAIOMIiCwH3RU3OnECKB8Ardp71C2XmmsRMxKgiko4OCVMOgbCXYeBKSQgCDcOCopLdVO2azqeZnVRE_ELwFzv-ZRxffWkcXwljwdDCkK_OVJnhZX4eRu47q16qGvKE2FCC2XKHCcdgsRqdfczqLkUUdnJr3lqNzFoyuJ_cGuiT4IkvAt1X9SVXVQX-1Om9V-mJu0k2ypdP1V4O2YJeGU_fqcKwUGwW0akE6r40epJ8jEGkJHv9ueUuNt6cwt_62nxnzEVgGcdeyk8YbRuppYhKndHZ4M2O1khBkqwY8ge5H6131o1LUF0VNszkB8zxjW_TXtUHC4I5tlk6wIDt1vwjInNksJ6hwV--EUvVD6ce_5fjzMOfDpui3Tx_i163KZk2BrZAgJN9M4l4W2MAqQ16mn13c_JIcXcXgi9as_Y4BnXSeeHSpydXYCNcTIUlQgBx7GXRJF8o_vGTFLLU6VQJjKD1ZhAFyIr0wAfM9EhWl-nIPvvoxOZ9oewRiAtW9WAKUJOdK_pICl2Pp0iaAU_S-yjkHg11JlE98KBkdyteDywy1CUyWceYW5exosHGX9VgcNOdWw2XwEjbIJECTQ4RgMPEdeV8VsrZMR5SgNA6alCJfU-PBJ9J_vXqQaf9xoRJhHtb4Pw-Hqfb9ftzgzlQwG1N449YwnluYa4pvWV9WWFt3DTry2Hz8uLaKngxaQ8Z3u3noALmyrWA9STAu6Kohxtb-tKRFy-NHOsRC5lx9KAVBFdr5RWlarJw__omr1BFa8X8MlSYAbWWSH8YKX4czbErEyvYdFkxUIoTpJvY0Px7YWRW02KeGF_c2b2t5pHjrdIEFoveWiiPQJn4mgxWXyGKnHGTrx30NjL5bedntXiRG_JEbq1znu4G-XPEjyrlGmyoCpNHlgqVc-fasFDW7C_W9sAAN1c_8mqcNsiwOOQ3P4KpGNSR4FffBWoyDnQPlrik4C840RFWwaokA7D-ISSvP3THZ1HL5iZpetuppqftl1vBTjn9inZLkJK6ZWXlSMgznvpESgFlVKxu86czoCH3gWamvI5ZARM4Up6aUAmX2FWeTpzFSTWIrtXsv19J0sXlODFUoYBbI7-hi5NqZXFYK3Xw9ilmh1ZYTM8qftFI4UQyuCCC6_WyAfMLN9YwYII1kbrJSkJIFnCS_m6MWDmixpOfU-r-XISPcqyO4MbfUrPGcRdgc7qSiPjZ_uBGWr1q9ILeQ-LwH4vypnBhWWF1fHwPUVACrEj2vwhkliJjmSuxZC8OBChiCWmpg9txfV5HX4CnNaU7iCSpQY54iVInQP3Gsael1MLDKsUlyKN1B429RQiWZ7i_-WrN64M1zEOK4Y8Cx7SrS0O5cFhXK7Cfwj9g3jqnYTVr8SYylfbGesf3dF3ZJyM2vt5vAYT-cwFTSdm_q7QxlB9Ktu-CYiA-hB24FKo2_pgf7RV8XwDI4N_suVaITd30vZdCVLf3_Irj6DUwW3pvhEmczbSeGcUsGfO_Nmv2mH0tZFcbil4utF0yCRYv0z4zmlb0p8oIBxRapEO8-D7WEZKYQcM4bd8rYxvep3q8ZBn08IynRq3DpNNDS7IlzEcdPCXUV4DLG11vBR1c0bribIUD45PK9BD9WYFlbk8gFR5NqSiAD2lUWwY-ZZCXj4w_SbUvA2EFLkbY7aEzMOGTB3x7rPcSHDM9dXph_LioV2c7Jkxpqez4Bkbrdr-0YAJVoV1hm16RfEO9AWscGKzHA39vGzThX61oYqZIhJF_ULtbm5WSFEBdLzVxxixrCfJDn9ST3gHqQm5CbF99beZvTovlm25mKVO5nC46yUCc8Rto8_dn6kaFPk75dSn_KYBC0hGb7BLOK9dBU0swISntdymOHX1niwYY7Yzyyg7V7JpHJU2pyoop-RRtBf41PWydE8V9PFi_zfeMbVn1xD3118eYKccNC_mcs3jQmkfTS7jFxJq19HkUuNkldYAv7eqT46olZD9rhfS8V-LSDjS3-ZzoGPt6r8teV_LUClrhsIwS35LCFMy5etPF1u8zLP-CUuTv1XR065LQuqrX3hWapfV-P_vt2r2-b8PM-ecthi22IeUDdWX-OZPQxZ_A2yByJsQyOYKgV881_kaoKUH6yVoNt-VjGDFubb_KJFSLiILD-CQMLJvuEKbdwd8iUl_gAlVG6eOzxEwVEYRZAWwZurmRWmxtyJV1yLP8yO699iAAdowOPHRU9pMYK7TZCjx_aCatfvnUTFwLYKsqPEZxbnecynU5B0snvMDq2P_63blrQulE3lC8RHuhw-CmuQGRlwIz9UILrQFAFFN5zRJfZ5DnyH6FeTGsO7uTohtb8qK5GrFV629rE1auRuIDS0CPsb_WUEyLzu8fPxq6VyJPdvcqfwRalr2ps5BdT_IVZI2UdHopxFNya5Kgz9jBsAuUGDs4Oz_4MLIS32MOhxO0zgb4Tkr1gSRhpTCAQSTQDICaaNZ1_LAu5_j1OlE3AtyXt8ccC7Sg0kQookZtN4PcUyMWI_QP00FUfm1olmTfmluzuBMOAR2cuq7seq3ehThpTW0Rg0CekFrceQGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20409787662&bidurl=http://www.eokultv.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ht-ixWnC2v7QKWsrkBFOz7
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.148.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-148-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 71f067c8fb2fc14558c6f24df9adab0781e227faee33df8f9e82be59fcc41494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame F510 3 KB
1 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 15:26:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame F510 20 KB
8 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:18:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F510 0
0 38ms
36ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSs-Yj1V3kJF6tyuMCei4Q-k1ko0opmwTPce8dCIFi4eXgu7Y0rhwztigdgqkdN8KKR9cUUzPNyxO34M2KamPKmhMxqRg
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F510 188 KB
59 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:50 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 747F 38 KB
13 KB 18ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 365609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6539183625060334138/ Frame D100 20 KB
4 KB 44ms
9ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6539183625060334138/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d008aec3f531b30dc0b3c142d7b1ab36fb678ecff748d469a3247561bbfd510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 303647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4394
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 07:31:03 GMT
expires: Sun, 27 Oct 2024 07:31:03 GMT
last-modified: Wed, 29 Mar 2023 14:42:09 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A3ED 0
0 107ms
52ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssz0FHGdai9PAbI-Yp07JHVBCbgXkjlOfWKbX1XT30rdTDgkMJ28Av64ewuWcH6O-aOwqx7m5ZoX6hn4TSXw7LVzUi2QAy81Ah_oWMRhJHcbNvmR81o2Y-zruURznNegjgdUaFZTGQjFEXzf2YDHDTHaY331kK4sZlDWKDcJIMwUN5a9favPcRPFwJV-htouz9J9KAIup6TOE2ajjhc84gB2Xc2LFKPC4HxTar2YpTtcVmvdmNKghOLGwoP5Fj4clNBM_mYbFFKKpyhm3nVoi6vHvVZFwWeFQo1tTIPJ0P9LNBN-sSD_BOgcF--tKolp_sW1pA5pV_oq-PetvlNIHKq2HiRZXQZYTo8qxT-230qFLrok_-qBXtr1LZPWK9CoAZyLvUj1smmtLxfqL9We-eJnR6DpdFpz5zDKeJ6ZztFiDIwXTKSl2hlsOAgQUb2cJrhfsFHCd8gBh-zV6bWwetfQabR0pIdr7f83blbPbgkGvCt0IWK8k5S0moQQMsaSaIyZukj1Ql9c0zNsbCLhRxPTRXIke4M3_c9AKBnvOeIdQGjsyMUDGmYz3vSmTMKFTm_bP629Z9v7bT4xZqnT95AiFqkPBmARPGDSjdxZQdQm8jXV9N9-8q7NVHKgMtnlgDB9NKlghn8LLARMwbbLzjOf6ooKkc59QhEONmBNFr4PGFP3uKKiAZjrsN3ZcpchSw1a5iu1h885mVQd3C8mHOsa-1CgMnFyDYIOY-FEE4w9BsUKabwIOrSsqGgNBrj9G3lDorKztDiya0Iuky2qTMQ2fA0xayDxpjPfqiE9rvmM8HVgMNIws8yD44FSvMixqXS92XxmV5cUJjM-ggLfiGiHBpVRUjB9-wCUtqgp1ol2DDBO7_66Xxwvv7xpt1EVQZEYpkWqN3qt3O9QHlfYKGyd8NOs81hGK0tB47NbTnNsufoOmDVUTVeUeNAIa_VQRAqJ6aq6syklPBQ5KsBT4aDwaKnPipNmoOKPLed6ZrD_1uj--SJWayZleSnr-l6JrFnOvv_23tJZazT0U4_gJNE950cCixblHSWAWx73LwaDkfQeE8_LUZjEbxi0RwILyhxudsW59oIKSqdWBgdX_TTy0xAkG55LEQEMS96U5rHsewNqDWTu5gHQ91wdHj5NFerdrd0Ba9l39Y7TtVtoJ4V6364vDuKWYkwiuJUFs6ibi_efkKAo8EdgpsmJuQABjkNevAQ7wZXBSAwfS5c963iXUiiKhPJbhTXsFAc9Yd1tcpbNP-sdVZXSlz1jBfKYl4yGc3Azx2V&sai=AMfl-YR-94YHARILpNmYpPdf8d47ZGSzIFFAHfBbwKDUslw5zk0K6MQyGyFidh5WfYUJMIXSa4g6dDrQVazLoRasEIWsc7hAJXiSJZL7k3hBZrf_JK0AkAxN2KQ9vDXju4NtYvsKufbCZKtgP6Iiv53yqlMVKmSmRj0XothLaiZ-uoDCJs5sL3Lh43QG_qov711tePTjSsKs82vAqLnS4e5EAh06VqSqHwVuTJkvmCO4LRY_HNTxb2pZ4EyjgynUpFQtz54Q2Ql6FGy4nfTlr8_9hVxozYLInHkV5usvvwuDNCBWABnPM6jvrS2bSogdZGWDdDxuIyb0k4s6cPs6-c08yLSHl_AjaFCQe3fiCHZTWw63LaR4Cpbd0epqFWZt5wQiGucNh2yNEcYVV5UeWPXxaIe62aF9R3YDSXIPJMD0l0pRYJth0a5t&sig=Cg0ArKJSzBEkqhtls7cyEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=304&cbvp=1&cstd=299&cisv=r20231026.21287&arae=0&ftch=1&adurl=

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B83 6 KB
3 KB 10ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:49 GMT
expires: Wed, 30 Oct 2024 19:51:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF16 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:49 GMT
expires: Wed, 30 Oct 2024 19:51:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D582 624 B
242 B 66ms
48ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNXPVrV0DBt9CYdLP0Rq8eSxpV1RZmFbHTMLZn8CdgxhgUNgdmGH1VUoqDgvK1EOB3wqbhFM7wTRk0s4ntBZDcrAolJS37iCAUdeVAw3gQ8KrKg8u3kzOByDnO7NK6iROaMg-FDo06fNUPC9O8SzGF_M_LN6yp9cdyDArDBZ25d_pebxuuFy-ssu9OABrMXwDaXWRWvG

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E74A 89 KB
31 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:50 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E74A 42 B
63 B 45ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BR_oLHkXjVrfLjFiHaeTAR_kqGFYodoUhYAXlv4eiEuvVukuXVH_opixfp5cbR3q8v25PSzNNzPQJSMwK1QCejuAB8LYLBV3N_5d2qxZ7wKkL0o5E

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E74A 0
20 B 44ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10065548702176176293&x=1&ct=76

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame E74A 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 15:26:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame E74A 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:18:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E74A 0
0 17ms
15ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS46SQzrTYuw9WbodlD5_WKU8yq6tXAduKudlqvLUJbsm-V-qxhPwypdU1CxtMo_1HzpbAR_aQ8vs-r0wj4lrVAQ3VtCg
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E74A 188 KB
59 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:50 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 26EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1

43 B
743 B

27ms
26ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNUodONKdnaFHd45ywiCjW1XUd4-qZxNxi26vLwxi4zAuvPRsn9Pydc4luAarD88wrjQN1RNpzSOlOI52YlkLvfk1b9iNKsfnblfIZH5Hrjqc4ftJKom8373ZTAN-04mijtArHwU4v78zHwp7ZDZ0euSFw2bnIEurgM0faJK5XZDLPFokotWkM9VyZ4rD4uz5nJjFuMi
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKYfi3anpmyqvhh%2FQoOrFAjI%2F0kt7L7KMjEX2ZmH4dn7eb%2BHGkaodsR1dicprKS3ym4O7Y1%2FoIBDL5pdBUG0PuUqmIFhaBEPTWhMnC%2F%2B%2F5%2BRjeleaeRdy%2FE6izWx6%2FYKl8%2FaUtXcMoPe%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81ee6f6c6dc965cf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cInT2Li71%2Bbln5emUyTFquxprAcTkSN%2F%2F0NLtd%2BUowbE32QoXne%2FWByVwmpfMbosMEeevB1R6GDkw5WnCLBKs4mFwfRwuTCOHuiJZZchFBI1QtJn9vc%2BnoLyZB3ecRxSvHspMgQi1EbttQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1
cache-control: no-cache
cf-ray: 81ee6f5b0c7418cb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 26EF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUFa2FpXkycoI6WRkN.ciQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2

43 B
735 B

27ms
27ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNUodONKdnaFHd45ywiCjW1XUd4-qZxNxi26vLwxi4zAuvPRsn9Pydc4luAarD88wrjQN1RNpzSOlOI52YlkLvfk1b9iNKsfnblfIZH5Hrjqc4ftJKom8373ZTAN-04mijtArHwU4v78zHwp7ZDZ0euSFw2bnIEurgM0faJK5XZDLPFokotWkM9VyZ4rD4uz5nJjFuMi
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDr7i8jQGV1h4kvKrpxiIRdk%2Fxp5KHdY%2BlMAwvumQ%2BQlmBSfSN2iNskF1pOfwT2%2BKxzhTFASSDbR825x1mcBqpLhbvUVrmXMdoJYhMpvtyDevP6%2FSE5GcnfDKxU9fouXxY4DmrtjYy8pNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81ee6f6ea85865cf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 26EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

43 B
843 B

32ms
31ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNUodONKdnaFHd45ywiCjW1XUd4-qZxNxi26vLwxi4zAuvPRsn9Pydc4luAarD88wrjQN1RNpzSOlOI52YlkLvfk1b9iNKsfnblfIZH5Hrjqc4ftJKom8373ZTAN-04mijtArHwU4v78zHwp7ZDZ0euSFw2bnIEurgM0faJK5XZDLPFokotWkM9VyZ4rD4uz5nJjFuMi

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
an-x-request-uuid: 16a47fda-af14-4161-b5e3-aa47f7d8f40d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26EF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

170 B
188 B

307ms
307ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
an-x-request-uuid: 1cb15bd2-b71c-478e-a082-cc13b064fe8f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 8d07b282c8e661b71feb1e048005bbde.js Show response
s0.2mdn.net/sadbundle/6539183625060334138/ Frame D100 104 KB
30 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6539183625060334138/8d07b282c8e661b71feb1e048005bbde.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6539183625060334138/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ca7dc00ebd21774414cb682d0c1dd4d3b7b864612e2a0daa610112503d56d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6539183625060334138/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375123
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30387
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 14:42:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 11:39:47 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F510 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6427053213159&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F510 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6427053213159&version=m202309260101&ct=76&x=1&cor=9030147274417227000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F510 16 KB
12 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cj5KHzHaaqPxbH4F5edBSyKWmeUv2xdsfN_-LexHkLlEpbt0oRztdInEJ_firj_7pWx4vShMugqDPk8x9r2sZqeb3JJwfavG5--xLccG6v0IJkdb8Af-Ogq2bL1NiKfEZsfpnhAzrYNF7wu6yQWmgxFpG06cvCSgFLcCQZgRtP5d5eSmQ&cry=1&dbm_d=AKAmf-Ar7KFr5q3mp_9aP5pkwydD_n4sLBfqNor2YdZKLvs2f407b_R_IoIzpML5zVjVubqUcgRI-WGe6eAQklFkup0NqVWzx65MesDZ1jiX9iBEEJI0QZUShoUP_-lLSyDlc4x9dqoxgpLZeRHR3ykDPE5zn8rrH_oZkJbVfsQDUM029rK_hHjgMDsCA90LqlCFX15f_WVYw5QAG2IV-yAYgPK1qmt8kkwtdQO_TfMUPULY3Y02pDvdaxXWbkkfC1HaHUoRDebb4p9qUcfUOh_MjqHm6YjwERL4F4jUWHqa9cfZGIiBDuRYjHiKnjME2_LmRzVChigUPJmyi1syftHOF7n9JclQosbSP8ocX6MswJGIVBsP9r55_Qv6s0oik615IqTQzf8I1TqC685g9hUJfhJonMTAH5PnWQO72ArJY9LC9sQYhSgKNpGCXELgUNjnNXIUPABmf350mq-tSIpZtDyRSzReLx8AWh3xaDyBdCL50YGC_bSd6edc3_Bg7w3Q8OVGzDmUUNEIEIagTemk3fT1CKVfwgSBHuW3bHLwbL3_ESBlQyf39e7b2KuuBphlgX-Ic9bNl9NWXLhG4H76UXsGMs1Ek0gRKmfX6hDF3b5VZjNRAWzJO4QZw6fakTN_ofKpGTRlUT-u6IcUWW4i-5oG5_HdeY3PJG6ZbTIf3naCmDnz5wZHMx5QLERY4giYNY7EOrp06fIWjMMgACuMkmqYSigs-b3R79c69AFOzzt2KIDH8xMWsLwBGr1BKV8klcQth9wzL6tjsdJaLpoX5xUgA7VYpo68GxACZHjUWMAbo7jgGMWWgEpZne_Nepc7bvonwTl7Pacdmx7xfcCK6JdljDnraS3az3SqIwqGaGf06XyqgMYPrS0b8768NhO2wX3qr4aWhnaFWWT7w9rEsb04oOY0ZCMi54POinWMYprRHauiN0NyjJ00rgFCMhxPkA1mAQhdZshsa3fPnwS_TC0FaNw5XhDREy6k2lYvbngGsrno_V3wVMLAmpECf4VF2U_r8qRpbsaZv8BywEHLtLK1q5NJjd-slncYtolqeu2TxYUIHrXgDttyCeu4Buuhf-SyZVgP86JQ_ose8ujDSXTCRtEzy0s7-0yRHnJF35Vqllc6gkAmwmnPJ03Dout2m2QsqwsYiuNLc5NSbEotUQW9Xpj5TUjk7CQkuinWsGBySTE4YwMBFFLI9-3Vk1HHB2dqNtHEM5W9CRKRFuHWU5UhiZDUK8vNdxFOxnI1pcPI3spYKGFUKLDgFPisdPpLckkv-8sqN9tD8mYXNrgCUZcZ6hezQlNzDypMkqg5OfhBTkrRpJmLvYPPOs1OVIUi53sCVNdMt4b5zu__jOcPBsD5F0rWIxAf1oE-PPiEtbeK0voGIK79xSt83UJOmt_v9g14rlLx4uvzDFenO2CscDvqdbq8Xq02lC36uy2gnqea4W3XZ-aF9WdMRT9l9TmKi1ZoE03Cm31xsXOpVW1dXlAJyj7Op_qZA7qhghLhkAjKlDylxeG2AUZLf8X880i5c12uEjJFGXYdoEXCNghJdvo_fIPip89C4oGzR0X1syiLAJiuVG0U3xedd1sXsFQoGtFbzGB045P0zsD9uuDXUJzlo5PvL75kI3M0-X4OggyJ3bUzAzqbvHmH-e-abzhYb6M0FrptF2khP7Fu5z5i66ibQWWB-6T20RaNrY5crdSmdJ7ag_lo5Vf6lrZQKVClJTcJs3dQ7GbTyZj1-KuN4GCrTHptNl7yOZhJIFxcAawyFSuhC-Kj48mbT5vPwfZIKlAbifSKEa266H1CTElqH7-6f5okVnG00adTm9_2KQI_cP00azdbmNMjn5M6VAIgZpSEAHc5xrTSrfG9pfP0mX_kIvzkyKrJlMyAYK1X5J6X6QnK6Ypmi7t7Joy3tPZOmEn08uiEIi6yfxdPZEVD4FnnfbMi6oiQTWngUYHKvZRNb2mIlcXCj2t8T813kaKbuzFKJw1fJF-TmrOn-ZChi5bfOdW2mBxsEhUt8Iur08kLDYlbTCsHh92QIySi4cHcmMOgc5ZeKFNiaJcSSHnwDBHggHOdKReZ1SNCjqULpDjWC47NdN0Gt8uiZLBO6yAOO4VS6ygH8bGqOSuft2_BbT8YMyLywg8BcobES8M7hoXUfOaIOH1iNxnvgzBcoWz9V077cn21_OQgBJBvQCZJLVxEr_r16n9IH_ogO21iEdi3hzeX5lawOM6Dw26DD-IA5MGX0mvcajdNZXXRUiVLoaoDys_tSzWK5x0awTV0PZ8VPRch0H4h55m6_RxtjvIjWpBfjCoDlVcBR5m2j4seO7KXQDmfme3FYLIhT5ACRF7pBFbQUpO2ZP8pqOdKOVlcSg4yuQ7k6KaU098sxWkYvH3udL2cLrkdY6iACLUCpr_K8tYzjUFABuNGd7JUVBr6KZJ1I2P1aEkuYvg_ELXwLGlKHF5zdqjURofMnR5Pd-WZyEgzHudVxWQ4TuuYb-BppLnWB3aNY2h6BtDWWIUNb88mFvqUAci559UVyGgvgXasKwg6LQkNWmOSU0iHoyLmY6b_c5sypCzbzkQiHpUI1eE1PNaTu9zjjSboRScKJffqWk8GZ8aT8XzO22n1dxCPe_ihF5aFU1xmkophlh0y8kn5DNmTKwMPGv6dbvHd2b_Wh9PDsSVCmCLlV83KDdHZjlzDk3UzaoMgfGT6P8btkSSEs3jaoJvnsYJQXrp5PZqY6px5zDxWPLeeJFQxzxtgrNVSHntAEvUYySMulkE_jbyNUCDacOiFt3gvA6caCC9R9mFvRTOyOqvj1Zwr3ZVXq4M_5wR1dZQwTY7WFIQX6SfUu5M9-p1pc1bDPO6qHI55KGKfDOQkkTsccg6ceNIjUyr4D7gPC0oww4tWwr4uCBbEdzpZv1_BeVt1UY4W-_hifTjYHVjDbqFluGIaItUdaAh0Sf_9h-BJyM96bpUrJnC24Vp_FkniNhH-hbcWsVJtfN80UdUjCciOHrCr_AKom5HWBZGXQ_WpRlHGrxV54wahB_KKeAM5Gp54qQOIlfPNOE159Lel5eVt-mE9B11DH96rmKnnF10iZ2OYQmCSb54_LkOy7sd67XuDoQloE8XdW1tLvvMVtNsbCaC5dUHI4th1bmOzUffdeWNY_USMy_xHLug7_aFqyLmxIWK90-ZAfHX98WgY6_OEWHs1_Y7juc5oljBhjXtS12SnbgHHHwDab5rAee8f7U8BbxsNoacTZUWSZE2Mbg_sSncSiR3SsXbciW-r&cid=CAQSTQDICaaNZ1_LAu5_j1OlE3AtyXt8ccC7Sg0kQookZtN4PcUyMWI_QP00FUfm1olmTfmluzuBMOAR2cuq7seq3ehThpTW0Rg0CekFrceQGAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.eokultv.com%2F&ds=l&xdt=1&iif=1&cor=9030147274417227000&adk=3047537735&idt=103&cac=0&dtd=24

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ed73c544b9a0a8e2b42bd0cb7b5d00af6e77b838cbe55485e7e508803ae16fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12638
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0040 624 B
242 B 64ms
47ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXEpmMFjSWBwh3r2-r201i1zSXsoODvmhxc9Dh_M_7qMXa7odsffg_pvs-nBt2ciRi-iMkQj4nTx2viur_0og1WFQJIJwtGCjLmrgiOzOeXzEr4DYk6A9CH2kmKM4KXHNILXj6yvBoi1hO-croFDthHSjMe7b3uebgtduFLbDq5JdxM9qbxQsRdQ20UUBpMcoPq2KhC

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4B83 89 KB
31 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:50 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B83 42 B
63 B 45ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dp1_r7SQBr-yjncZ3aAZOoAgiVLrs1KLtMYQN_RF7xz0goRVrkuEENnVRxe-gA2Wei0VGxWC52dqox3drZRGW6lLRBHkif8VQ0KIx6X--u1CvH6yE

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B83 0
20 B 45ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18252408594768162505&x=1&ct=76

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/ Frame 4B83 260 KB
79 KB 36ms
34ms Script
application/javascript 54.170.148.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Afi-2NB4dQzoLQn06BhQRcz9Y8861yssZ24S9AqglX_qhEFD8OF4QWsoy0LVS7urqprYumM6nwHvfIHjEMyaKik1YuhtgVIHvRmSoLakppBmclKxHzuAUqLV-DcczWP6ZitdtO-a9TnXG37nhf_LF_Y-uVs1_2o8RZ58x24l5BPBtq5DQS2RYAoCZ_4MHdRExkkCmGXwRrBMcCy802Xtqh-kmzTBA6yNRtXX1ov0gu-C8kim9cEb3EiKfluSrvsnj8BYHaCXvPjirFl1aXSrEQXA3bPIdA-8_Bvow8VbLmPrNY7EWGcXKzZhl48dPnlqbs7fHCWjJ3tPNVu4bi5107n3EaG1r5Dm7kZSsT-q1vnFm_9GB7kgQyVBa37Y-f7Tip3AhCm36pLLPy1dkfCQuimeNASjji4citfYwmw0hLD6ZXe361e1sA8bwHNFzhYHSo3jOurPwxo2833QZpOiV3_4QHFs48b7XSU1_Pq5O6OAXsDWuwwoTuq2bZjkrpNuhH8_Hn51qfQR5quljykjIbs1q0XWvyAWbyPI-GhffoiwcYlFj8LCkFUzW5-Q8PIzcHIakQxtKhP8XkCEQ01Z0SebHEHJPvJQwrJuamBGwC6owkiru6YfSmuCJDOY1v06NrMFqbHS1bl6U6RK4nno9rbD8f3bUTXQr026nVaKmtBOm6kmVDWbHvKUxz1IjHqSO9smSjNrycKCtrkunZ0803bFmN2SnoSisB4XtEwcJ0fmEbkMlIJXnis0PKPs8hvfIGd2agu9BVSUlClwpK8Wb8_61k85dFYGHC5eTeu9cv5b0t-S2AmqyRoyckas30OikCJJaFevH0FViN-7N0J7Tzq59OXW1kPXp1APsde9HZSnFIwiMrKQib8Rt7UsVPSv429H3_oX9xtzTIpGnATlsCZhIIjHN_RowaJEvt-Tg4lEBmntVE79ER4H-oMKsIu0eUsdZABIKJR3LZEylfH6sR1gd52Rpn_B03qWLvghRjaTygwczrIQYn5AFN-IVuOxNKnhWGYEc32V2k6X95jZhf1yW4unfgkEWQhycaNhOmpfblULF7O065-I2c0CYOafEvx1PaaM87FtCZ7rR-moo9v2roObc5zyzm8Aeu3k7_iT_qE3qHqxnFBxgXbpL-JnyupFinnFt4m8K8MA1r79Fnc0Zu7aNUGbt6YTjbQtIOvBb1aYINgiv3MRInEhfC5F_ZS5hHvUkIS06CnItLoSQ7ZSGpDUcXoL7eJ9aJnAGiAJ82MNW_rOPBwC5Me7Hrv8iCJcpXKKWstN07PbXkBP7_5bNAT_k1mckvejbBh4zQ1xAUy0K8HmD6K1CFE-uWYOoOePuew_haopi9OY24sHtXrX_J7rq1pqPcJWtWSlB0zqP9RnTTUf-a5MQ2geRCE_QtYhGnlgM9Q2xIb_gkXPPIknSHG2jid6qc0YK2kNBUpUgJ70ubH2phWepERZ2U52G-Zhw3rptCGL-poc5Qd5uZzJpSualHGA4N1VAu3eroHRlBdJ8yl7o_xJAixVMV6JSL8XVRllm1h3qB_kIN2Oas1ffImgoYlpiaNqiMHwjvOLt3J2LPR5Sp8PttmviCaYnc3ICVYq0QhxYhoxcgp6CU8OGwAnu-DRNTwulHjwyoBsWka-kkoyyuPoR8xaA-ojPzzjXjvetrhXZt9SjZujFANLl8AgS6nHEtj-F7cutDRWUmceKA1xMGsBYVcqXA_KofemMGbQfzRwvVECoFwubOW-LGSCUOWa7JRItcwsEKsYgKXEfgEvx1m0tMMeX_co3YfRF1UoHZdGrL4Qy33H6qev-oi0PXA0xeDAzJDJkLFZjErATINcZmfENymADN-qkq3xNe-zAauxzN_1tnbDE0ZjQ8BfgnMBzV5XMCCrmgmnNnoIkG8pVqVsCqqs_3JeaM6cXrAe9dBm5-pul6dWCKCnt03mCAS6g41zpUb0s58OnwV6TyC1gl1QjtNTWeug5peLXCs4hDFPgzENgzf7HrWKmw43mu9wgukCcw1Z22IWVaOxSvZELHplgDbJlXYCgVOW49EnXKM6k_7ixgGxme93VM6JF2TRqgrZUbuzfzoX-h-AtrftOJVa1WtHNyL7dLXhraE3S6P_23K47Og_aDlUvHL6oPyAwQOzjCRI8sTTBogbPFpD4kph8fpwomxMN6zr4CjP80X3WY3FITXbT5goUsYSalY3pE1EWolwHJfF4poKSyGRIjziJJB-P8tx2dQDBnFGQqzHoZoZ351z8DfEh5Qku8v3slIPGyDqR84DLBcSM_7sYN67EryNlThw6-PgypfCSU7tnhjCBKqv9mXTVc4Kd6nNZBevrCvQ6ZC8o6OR3AOduLdvsT_misSmmO_NYJaWzAKBlh0S01JiXV1Zxx5YGbvq_R_wDo7YeR0TbZZncjNmwtR1MknGQM5jYm9i9BzJBpC3auHcM4zsEZwNWjJTwQdfkC4D_t38-8podim6WmjG-N_Cp3lb-vFQVHASZJ4TTMfIYeeln1YUrohFa1ON_4z5H1lfLlfPM3CsJu0I6JLLkhvuUydVS9hMisHrfEA594RZYV9rKgXRzjZ4DDYYoVsX244O-1fxXdFcMugpxvbPi7qmLaKkepXdUH__BIvrFMloZoRl5O_Q7bAetDcpH_DAk-CZrQ_fX-DObjRciKT7trPW30Rc72rU7TtvYCKf-6coNpxfzFT9lobpb3PyHdA_AxYu4WCDe-a3xTbrIeN4jCSKzjPX-eqR2bC5aJw2uBhCy6PQIoMu7Q1FBWaNA7TZJzpTYoWjzylpTAgQJqZT4j0XBCbgsS1pa1TbgZ1JBBDy2CEjDo8McwmjuCr4HJj_TlTlKckXr3941Yi9UEvsKMQf3hYSuYiGkTKiuN9fXefeRx-l7c2sPA0q5yRBXM5ZXZc5i199jvxh7JlYWyjZxEAkcRZZFRdUERLP5I0BwgBggRIKdmf5UNOWwNfHynaXKWavu2KKY4nUdIaLnTi2OhUQvkUwiVHqzIL7SYAqViYahXyM1o3CFxsh0YtCQT2we8047ASwle2FA3pvflb3rNAzeALxKGwsJKL0d_Eqk2fbKXJuhRJUvBikLU0wVi_iGmnZjbyWfDVVnwQXHHkRG-PeYIjO2F_4TaM7odf_EAkifgNLxZBaEqSKWt_Gx5Jm5Orw2mnvKCGqVS3ffO7B1hPN4NwiUNjyQTaz0MITYxjoal9dRWB8FT44fzM98s1mqj4NFwdWPqtwVef7j9Ia4E3fFo3fQoz-F3sfrmaEoJEO_FhdIFuqJ1K-p4tOVulWIB4Gum0O2RmyNqSjbPUk0Zz6v5WF7AAGTNZC2LKVtfnF6Wxh2kebTaa-6Y71KOkmAmkn4oQ8-2dYCEe3kc9EjBlHW4uj6AXJpqYYekLCBPlZXTUrcgkJjStjAGoIKbvapG5lvnSnJh1lODBImkPCSfFev9uav3g9UzJIWHD60-SK6Nkb7Y-FenIednBvyDVEsr4_BuGwscLtSt5GISOA4G_-M41b4003Gb0UHMetZQvOAZMnSLGKksalHA2NocACtifStL1BCE8vDgkvwC5Iw_5YSR1YjbzIWqU5QyPgYDVeDdADrRwefumSF3tZYM3gx0BxrOwr4Kzi38PfUVfvWiGsRhFKcFJfF-1ge91c7yVqlo6o3r1VYxRaCvc1KUXV0oyQeQMw_ZPDEBf0gyu1e-qewoWGHL8Tyv7IBXwOv89elzrgY9z3dst-kT9X9CSjLr-4IMmD5apJ9RY8SuA5IVx98uvGtmJ8KelpuJWm0z-SLWi4gvRqbOZF1wlhPSWsutOraJMsjy2Vp30Q6-IeXUZHMvQoekxQ85LL6qhdGvhhws_3_RyGTzUMXnk7LfThVS-s1TreUvXQpAUtMriNVsTvzAKjB6D3zlxSxoMYvTGh9XbvtS1-3rMbFDZ2nAbmoo3GLJ_C2wxRz9F0UphBgwu5JkCFq7j1QlX2wh1bwedQrzQK5_avE92RypLsxSdQ5wOjqP5B6RAKdna21O9pR_NRqurY033KUngI1_hnrPaUlYLkh6Py5UGlQIBBJOAMgJpo2EgWJWT6au1r6vUJCcN1yXKSIXp8zq0nlJVx4D8YEqvCzTihUE8bbf6xrFPd4QTlpVu6Bv_5TGXlSJhsVFEGwo_yOnTrZD5F-IGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20409787662&bidurl=http://www.eokultv.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jtiqvQdlQbdhcAvQFx7R-U
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.148.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-148-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b28d6ab76893a74a79af8101ec52c977aa41f24cfe99827d1b8aa15827a06131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 4B83 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 15:26:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 4B83 20 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:18:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4B83 0
0 17ms
15ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQACtq7hA7lAjJUuHXTjkJaJufrIVDNs1N0SM3vOLSH0Xq9MsnpE_-d9WCk4Il2jvwjaz1T8CqhWRdtQvqCaY8t9nUu4w
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B83 188 KB
59 KB 2118ms
2116ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=ufswebdisp

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:52 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 05B2 624 B
242 B 65ms
48ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIL_ofABMAE&v=APEucNUDGYN9VbSAaPu-0TksqOD-tF6Ik1wHc709PB15x1L3E0AVRjG_XZSMMJ1YqmVxHMNM7F6Spf6lHCJPpntSJtoJyXyn1MCjf2evUYPq5MWmESq5Z40Mt8vf8f1SN_o0QIcN-Hx6bnSStPv5W3-MoUcaRxls48efZGQErzR1oDlYZB1LIYtJfOFVEeDRnPLt7mfZ7Gpr

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BF16 89 KB
31 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:50 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF16 42 B
63 B 45ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AP0iIEhXqwRydHZLOL-e0M2oQen9f6YBuNy3kqwMFu3P1uSdRVqWW9Wb1OP949s3cJV6_sQxC_pwg_ub_OZseSm4YHFrKQthv0MMZCS_Z0jCetdhs

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF16 0
20 B 48ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1661149157785097651&x=1&ct=76

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame BF16 3 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 15:26:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame BF16 20 KB
8 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:18:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BF16 0
0 21ms
16ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfKqd-i16_g1rmO5jWBm0jltsaaOF81rXg2BC54g9SMEh_NgEnmg-v8QGOqW5VyR00zAxhK7g-u5lyWTTD56Q86KQSag
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF16 188 KB
59 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:50 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D582
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1

43 B
736 B

106ms
105ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNXPVrV0DBt9CYdLP0Rq8eSxpV1RZmFbHTMLZn8CdgxhgUNgdmGH1VUoqDgvK1EOB3wqbhFM7wTRk0s4ntBZDcrAolJS37iCAUdeVAw3gQ8KrKg8u3kzOByDnO7NK6iROaMg-FDo06fNUPC9O8SzGF_M_LN6yp9cdyDArDBZ25d_pebxuuFy-ssu9OABrMXwDaXWRWvG
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlqruNR975UA%2FXy9IVJ8vsl4mEYCOJGEaz%2FaV%2BRD4ji8x5vKBvgOp6C0EYwAfNUwDYhNEeLho4u6%2BbqCyD1dtjAh3xtFam%2BvFCumJ9qBg3dfRnzz6v4N71Kjlnx8kBZPrtZz3sVjBfso3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81ee6f6d4ec465cf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U87dELlSwuk4C2UED6mvvf4KLMA3FUHygOyZfe7CkuZ%2Fdav9kBsFlCMJONok2EXi%2BD23stsdcpd9rw4DWUumz5WtJRCfjgv3N%2FJH1yCyYBqINe%2BVCffwPwqcUK78CKhQiv1t82VL2EvGXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1
cache-control: no-cache
cf-ray: 81ee6f5c3da918cb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D582
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUFa2QJnME7sALFiiQ6VEwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1

43 B
736 B

31ms
29ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNXPVrV0DBt9CYdLP0Rq8eSxpV1RZmFbHTMLZn8CdgxhgUNgdmGH1VUoqDgvK1EOB3wqbhFM7wTRk0s4ntBZDcrAolJS37iCAUdeVAw3gQ8KrKg8u3kzOByDnO7NK6iROaMg-FDo06fNUPC9O8SzGF_M_LN6yp9cdyDArDBZ25d_pebxuuFy-ssu9OABrMXwDaXWRWvG
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mm8Ncsx9zDtuRICwPi%2Bf%2B3kJa4oQkFu2pLKW8H%2F6WSX%2F1sPK75kjasKO8a%2Bl8mtZ8Ssn4CGmeAwitrMR0NbQo%2BdZwOoNQ9rPMFjEJDfCYvgEV40tXQg2MDoQ7B0jGgxlKndi3IpWsa%2B3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81ee6f6ea85b65cf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D582
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

43 B
843 B

8ms
8ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNXPVrV0DBt9CYdLP0Rq8eSxpV1RZmFbHTMLZn8CdgxhgUNgdmGH1VUoqDgvK1EOB3wqbhFM7wTRk0s4ntBZDcrAolJS37iCAUdeVAw3gQ8KrKg8u3kzOByDnO7NK6iROaMg-FDo06fNUPC9O8SzGF_M_LN6yp9cdyDArDBZ25d_pebxuuFy-ssu9OABrMXwDaXWRWvG

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
an-x-request-uuid: 2e4f24a9-8b6b-42f6-977b-b79b29062564
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D582
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

170 B
188 B

108ms
108ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
an-x-request-uuid: 3f361edb-0634-46ec-8d9f-a151f8f0e15a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 747F 38 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 15:26:24 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F510 41 KB
14 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cj5KHzHaaqPxbH4F5edBSyKWmeUv2xdsfN_-LexHkLlEpbt0oRztdInEJ_firj_7pWx4vShMugqDPk8x9r2sZqeb3JJwfavG5--xLccG6v0IJkdb8Af-Ogq2bL1NiKfEZsfpnhAzrYNF7wu6yQWmgxFpG06cvCSgFLcCQZgRtP5d5eSmQ&cry=1&dbm_d=AKAmf-Ar7KFr5q3mp_9aP5pkwydD_n4sLBfqNor2YdZKLvs2f407b_R_IoIzpML5zVjVubqUcgRI-WGe6eAQklFkup0NqVWzx65MesDZ1jiX9iBEEJI0QZUShoUP_-lLSyDlc4x9dqoxgpLZeRHR3ykDPE5zn8rrH_oZkJbVfsQDUM029rK_hHjgMDsCA90LqlCFX15f_WVYw5QAG2IV-yAYgPK1qmt8kkwtdQO_TfMUPULY3Y02pDvdaxXWbkkfC1HaHUoRDebb4p9qUcfUOh_MjqHm6YjwERL4F4jUWHqa9cfZGIiBDuRYjHiKnjME2_LmRzVChigUPJmyi1syftHOF7n9JclQosbSP8ocX6MswJGIVBsP9r55_Qv6s0oik615IqTQzf8I1TqC685g9hUJfhJonMTAH5PnWQO72ArJY9LC9sQYhSgKNpGCXELgUNjnNXIUPABmf350mq-tSIpZtDyRSzReLx8AWh3xaDyBdCL50YGC_bSd6edc3_Bg7w3Q8OVGzDmUUNEIEIagTemk3fT1CKVfwgSBHuW3bHLwbL3_ESBlQyf39e7b2KuuBphlgX-Ic9bNl9NWXLhG4H76UXsGMs1Ek0gRKmfX6hDF3b5VZjNRAWzJO4QZw6fakTN_ofKpGTRlUT-u6IcUWW4i-5oG5_HdeY3PJG6ZbTIf3naCmDnz5wZHMx5QLERY4giYNY7EOrp06fIWjMMgACuMkmqYSigs-b3R79c69AFOzzt2KIDH8xMWsLwBGr1BKV8klcQth9wzL6tjsdJaLpoX5xUgA7VYpo68GxACZHjUWMAbo7jgGMWWgEpZne_Nepc7bvonwTl7Pacdmx7xfcCK6JdljDnraS3az3SqIwqGaGf06XyqgMYPrS0b8768NhO2wX3qr4aWhnaFWWT7w9rEsb04oOY0ZCMi54POinWMYprRHauiN0NyjJ00rgFCMhxPkA1mAQhdZshsa3fPnwS_TC0FaNw5XhDREy6k2lYvbngGsrno_V3wVMLAmpECf4VF2U_r8qRpbsaZv8BywEHLtLK1q5NJjd-slncYtolqeu2TxYUIHrXgDttyCeu4Buuhf-SyZVgP86JQ_ose8ujDSXTCRtEzy0s7-0yRHnJF35Vqllc6gkAmwmnPJ03Dout2m2QsqwsYiuNLc5NSbEotUQW9Xpj5TUjk7CQkuinWsGBySTE4YwMBFFLI9-3Vk1HHB2dqNtHEM5W9CRKRFuHWU5UhiZDUK8vNdxFOxnI1pcPI3spYKGFUKLDgFPisdPpLckkv-8sqN9tD8mYXNrgCUZcZ6hezQlNzDypMkqg5OfhBTkrRpJmLvYPPOs1OVIUi53sCVNdMt4b5zu__jOcPBsD5F0rWIxAf1oE-PPiEtbeK0voGIK79xSt83UJOmt_v9g14rlLx4uvzDFenO2CscDvqdbq8Xq02lC36uy2gnqea4W3XZ-aF9WdMRT9l9TmKi1ZoE03Cm31xsXOpVW1dXlAJyj7Op_qZA7qhghLhkAjKlDylxeG2AUZLf8X880i5c12uEjJFGXYdoEXCNghJdvo_fIPip89C4oGzR0X1syiLAJiuVG0U3xedd1sXsFQoGtFbzGB045P0zsD9uuDXUJzlo5PvL75kI3M0-X4OggyJ3bUzAzqbvHmH-e-abzhYb6M0FrptF2khP7Fu5z5i66ibQWWB-6T20RaNrY5crdSmdJ7ag_lo5Vf6lrZQKVClJTcJs3dQ7GbTyZj1-KuN4GCrTHptNl7yOZhJIFxcAawyFSuhC-Kj48mbT5vPwfZIKlAbifSKEa266H1CTElqH7-6f5okVnG00adTm9_2KQI_cP00azdbmNMjn5M6VAIgZpSEAHc5xrTSrfG9pfP0mX_kIvzkyKrJlMyAYK1X5J6X6QnK6Ypmi7t7Joy3tPZOmEn08uiEIi6yfxdPZEVD4FnnfbMi6oiQTWngUYHKvZRNb2mIlcXCj2t8T813kaKbuzFKJw1fJF-TmrOn-ZChi5bfOdW2mBxsEhUt8Iur08kLDYlbTCsHh92QIySi4cHcmMOgc5ZeKFNiaJcSSHnwDBHggHOdKReZ1SNCjqULpDjWC47NdN0Gt8uiZLBO6yAOO4VS6ygH8bGqOSuft2_BbT8YMyLywg8BcobES8M7hoXUfOaIOH1iNxnvgzBcoWz9V077cn21_OQgBJBvQCZJLVxEr_r16n9IH_ogO21iEdi3hzeX5lawOM6Dw26DD-IA5MGX0mvcajdNZXXRUiVLoaoDys_tSzWK5x0awTV0PZ8VPRch0H4h55m6_RxtjvIjWpBfjCoDlVcBR5m2j4seO7KXQDmfme3FYLIhT5ACRF7pBFbQUpO2ZP8pqOdKOVlcSg4yuQ7k6KaU098sxWkYvH3udL2cLrkdY6iACLUCpr_K8tYzjUFABuNGd7JUVBr6KZJ1I2P1aEkuYvg_ELXwLGlKHF5zdqjURofMnR5Pd-WZyEgzHudVxWQ4TuuYb-BppLnWB3aNY2h6BtDWWIUNb88mFvqUAci559UVyGgvgXasKwg6LQkNWmOSU0iHoyLmY6b_c5sypCzbzkQiHpUI1eE1PNaTu9zjjSboRScKJffqWk8GZ8aT8XzO22n1dxCPe_ihF5aFU1xmkophlh0y8kn5DNmTKwMPGv6dbvHd2b_Wh9PDsSVCmCLlV83KDdHZjlzDk3UzaoMgfGT6P8btkSSEs3jaoJvnsYJQXrp5PZqY6px5zDxWPLeeJFQxzxtgrNVSHntAEvUYySMulkE_jbyNUCDacOiFt3gvA6caCC9R9mFvRTOyOqvj1Zwr3ZVXq4M_5wR1dZQwTY7WFIQX6SfUu5M9-p1pc1bDPO6qHI55KGKfDOQkkTsccg6ceNIjUyr4D7gPC0oww4tWwr4uCBbEdzpZv1_BeVt1UY4W-_hifTjYHVjDbqFluGIaItUdaAh0Sf_9h-BJyM96bpUrJnC24Vp_FkniNhH-hbcWsVJtfN80UdUjCciOHrCr_AKom5HWBZGXQ_WpRlHGrxV54wahB_KKeAM5Gp54qQOIlfPNOE159Lel5eVt-mE9B11DH96rmKnnF10iZ2OYQmCSb54_LkOy7sd67XuDoQloE8XdW1tLvvMVtNsbCaC5dUHI4th1bmOzUffdeWNY_USMy_xHLug7_aFqyLmxIWK90-ZAfHX98WgY6_OEWHs1_Y7juc5oljBhjXtS12SnbgHHHwDab5rAee8f7U8BbxsNoacTZUWSZE2Mbg_sSncSiR3SsXbciW-r&cid=CAQSTQDICaaNZ1_LAu5_j1OlE3AtyXt8ccC7Sg0kQookZtN4PcUyMWI_QP00FUfm1olmTfmluzuBMOAR2cuq7seq3ehThpTW0Rg0CekFrceQGAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.eokultv.com%2F&ds=l&xdt=1&iif=1&cor=9030147274417227000&adk=3047537735&idt=103&cac=0&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E74A 0
20 B 42ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9930797156773&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E74A 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9930797156773&version=m202309260101&ct=76&x=1&cor=10065548702176176000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E74A 106 KB
41 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhTodNZsWFU3i8N65lHSG3-Q6md0nKn7TuyJFowjkwm43pTl5aUVYSqmL5Jun22MdH6f2t7ni4XUdO4FR5p-K44H6b-k6mkXLoGGibeViUoWuZUDZiwwmMF6f3Sl6iL_gM1H4UZ1zNNWCdvxQerSImVu8Ltn4rcwdgDTEPqp0htXzysaM&dbm_d=AKAmf-C3ECJVt--GBrdLuSdcUcXwTbJQVpSazzvOsbgFezl0e720gBHsn-JhJOXJZ2Wa2OhhMg-be0b6_MT-UU3tUo94WNOZgqyH41INUK93JBQVi3ggngP7kjyuk8NuuO4ulLmNbep2xanKh9gwhviy2e_q6C7UjI8xM6UJt1QDOo8J4RpchtN0oXXMEjR9fa0hSdYdI31PvrXhLHQZJpNK8HuPG6GMbGNYJM5z1WgcTl8UXx9F6XuK4yzVArQiQd6g2K8TiWqPaiZar4qOErvP6HVAjxWEUvhhY2lq1QNA6yxVHJXa6z370Oq2mAyBdhDXZzS_9QpgQZq6sOtLPSCR9LOP-T-FpJEWwvyuEbH2bKBQK9_PmY6FboPORC-4QKXpylaCT5kjdk5x6XwNjEeX8Nlv2cAOObsZ8tlYqCP0N-EhdRF_XwM2pqswvE0GJwX-XNYltoEWOyERUUNVraxVlB-iFw0QvbQlr7wxcSiioLvzVhK0hVbJKNPIws4G74Fohd-xSDLyxPleXxDuL8vSvTyDE1BcM8qtK2iqv36aENFZ02bB9uMJiVzRq0H4NZocDFJtTl4-dl3g9RRBYdqUq6WiPLkGhayKDrrqiqchPnLX8Hefhu7G0ye9kcWAez6I56B5dX62f1S2vSrAM8RWuI47DkerN_gwRMUIcglwzxs_mFBYq66Qx6eS5_RXXBX-nJbs4AFZjyywnPpy-R20ZeOru96koeGcZAcx3IR7mJKej9T--TgAHOCjtPbF1RwObpMiXEcgxUX5U-cMcHtqumplFvqXvVC_PsI2ltHDg1gP94nEuHpE40I_wC7u10OKScia9T2qrdrtucKkroQlYGgmg9cCdjoGVBAoPboXP2JBQe9YlIHw19onp5I_wY9gYbvSNiIokm1b_71k6MxKk0wL6Ls20EidIkBpNB1HH1JjBwYeKzKjU-XJymfDfTywVNqL0YnG0KBcqKzC-Mf_jWeVQgezrN_clUEJ3iigcCGvhgQ68Z2vf5GzUicDl6tnPWLFTKDHMoImh89kZNo6XJ5ZyKAE6z2jGYv5EsBroHCXtzn1SB2W27HBoP0P-0b-fxUYJMbIdJHiWQ42o6PMzBdFVo_ZDudvhsx-17NWWqGiE-GQ7flz9DCPn4tIEvSLXZDhTY9HJsWr3EvTA9cbPUsTqXWXNa1giPubM-zZgjrWkVMbu9vtEnsGju6VvYvCmKH5lP-BhDzaZGSI2YSm95NEDtLe72I9mfmvEw-tkD91c50qsfyvByX-8806zOpYGayylhjFoqWtXH8uh1xnhqjyuA_uXsQB28IpMgNsu5BlJ1vm8OelhpAHSzmR3-coExGNeQ85dkiPVi9kDOpQjgEM59SKWxSlfCJ1Qce-zqcUsUs5jtCnPD1hc9KwOgvbpCsZKeQmYwU5rRO7UqsdPnJCoYYdlNmZ7ZnjcgemThmGgckfW8f0pTRvVVYTV0Oh87qOuNr5pAByCbIhcB4LAOUsQ7FGG2EWxukwydLVWgPZjuMY4m7P4gIDUjndW9IIooc11q2AX_UZs83XNjHknV1HbuFcTl8MAeN5sTxdrloKeLqNFgkms-nLCMeiyHu9P7hvPXP0vUpZc5Y2Bnm_VDLEwP4drjQGkbXFEwDzRQLUpGtEJYbeK1VHUend-wx3OTz-9c1-dbHPe6Adgb4rMyX1sJCGnrPcLoSqkt0NHpH8wpiS4zUhxMCIc-5id9vmARgQfQy4sLUgcsKwBqJ_uILWh1kC_jPmK1nEc2F-1uef2OkEV0qYScNhP1mfK_mIu70CvhUtNQ_cm6ApW2W1SoXPInWWHUlg1gk_u4R_c3Ud6mX_EIJ6r61NZIUWG0VBIZHrYR0OmSe8tTQen-6qRa5qR-znRuwrYkdGr4R6T10JjlM8O4A02eSkyD6Je__B4fdIHTEGZZUQnBYXriCBSX116hvmObXsTfhj-IeHAd25dgjYUpJRXRjqgdj11K8ZG2L-qlVMIZ3jm07Dzk0lXGA6XxX8tr2XRVwFsUD9ijJZFaDIIhd4QaE461Tz010BPHe94Vuez-u9b5l5K0M05yuRAHNAgKNsBGVbyyl3eUJqgkjqOzECBtaW0pDCeigJyssn9LrXecnIyrbHVSXVHcbrYOLHlCjJBFG7AVJEhKAsJft2n4TJ6j2DW0FLbqI2I9j8j15OMOZPXCYUnPxAstuFht9vONTLLyGVkAgx4zBlbSVlzVMF3dMa2Uj8_LG02EJ6RKZ68chSmHMVnOZTS-vnwAqPy_VBX7mL9MyjJwQzC0oxBYPniE2kvOFKcT4k9USb25IZRGiEyxZoWi5C_nn26lpcJfWC-6DodrAvyFXPNHH14gTXQvYGthFCfxv_mIlKhqTuhM_wQyjTr6INMRd0jkXGqP3N0iOOOrSmJRyp2ctLYTFR7UVuT2m_WSRvHk33yNROT_Awc6CmdCYc96IWaUO6mOWn3DH8DAxPVCQr6BgmEdjjITY-fw4MJtv_VwOQBhzycc-qSQcnI2N0aKgCm9j8UnJdVVJjNK9PvG-5pGv9UnzJCLOsHP3lX9mpaBMD75UR5dk3NprfMQ8zwq1aeOhO8Vqxq5TgcxYS9WQMYo7SJilrmaSMKw455UsC5zBGdI_OE_hwkV0c7SbavT6Q_Vl5U7ZBi3vCNQZM53jEh7e7Fzd23hL0EI9ycUt3AKBqL1pVDIpV3SYCKEfE8laCRUoVptyGo6uqCo5zM3JlFBnzwgBQHfH-K7Wna8p4Mm4tAMq4-FwDg8ld5IWBpVcvN7E4LGss93yrcML4yCFJLUUAb0esnROUC9w0ma0sPURd-Hdj_p0g8QzyNZ8QTPKPhTIFLWlI07XDlKhsiRP4efc0syF_1mpD556GeCyeQJtHbCawNqq4jI_sATwbbziJrbje91Nf5Y1XEmz6Y7cpfFyPVNP4rVe2u1BLyt_l6dQu3S_30Sf7EVnjqG0eTW3ZdM03b5BNmyy3lL2xB2yiW9rXAlbyIL1HqwQZekQXwDUFdBDz9HefuAES6_8p3MtWoI56X0cMiaAz0d_T8hC9wrIUOAphBMI0nYs--85s2lptacKFVf5GESPmPqNj9ROKwwjhf7XBPlFr2Ml0Ws6L1IgDa6vA7CGblViaLX-sYGVWTn6OByF6LLBP10u1GgZ4jVsqMl_tU9BGlzrexcpuTP77NLrYTt84MkJ1eWxRD9ZWjD2-k84MAUnTN2ZAPosJ3FunungRPj8G7xmeNG-XTV7uval_QZoasf3smChmHvYuxjsolRJDyC9z1FYUhjMcMkkGCGqEhHHjc20TI9KFhgk0Ly9QxoJjOVnQ1_ma6vYdhY3fpzZ3OOb-p-ypksslXoIryW4X4GlaCjwXq7buF73HOCJ5VJ_59jANSH2-PtY9jFYtUHJad6Qi97PvZKLYe4ABjRTDBOt00O73X__SJL4nSpFXMaeAERs1Ezpspb4kzVualdrZbgttVb76BKlOP3SsvCMWZBlEXeABq3ebWPcqm46z7EixmNjd3agy7RBhetJWP1j7Z68EO2RynX1TwpDlzFaQk3srMeH2ktBzv1V-wr7DrK2lHoifoaC9SdjsDtmfQjR97zZNszzZlGvjujbeEUQw_2lMRWLCJkDD_3zGvkKJwTS9gROUUlHDVDcEkvFUpsnjIOcvC7BzOsVTkm2mJxqRQzQlr4gRH6uFeX0pY3Enj0r6UPTJV2j3o8C-G10axJoliPQbUkofJi9HfVaCrJUnRZr0EDFmQMyg-M7veEx9qQfhyQspNrJ9qjlcxFis&cid=CAQSTgDICaaNMY8mk1HnJfo1cxRrHpRivc0B0oQaRaw-LoonrrquM9zOFhW2OFq1fwbmolazIMIlJTxx4VhmZVXr47IZXpXyteZW9DddllR4AhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.eokultv.com%2F&ds=l&xdt=1&iif=1&cor=10065548702176176000&adk=2857193498&idt=144&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f63c9bcc64b615ae9a416b2afce6d2c1a62254339072f1abae805ef603150adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41824
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame F510
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-C2MCOInJDTG4OPF_PtaTYuOecPWq41g0ilS9_W0wjFQUxFAgbIhr4...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-C2MCOInJDTG4OPF_PtaTYuOecPWq41g0ilS9_W0wjFQUxFAgbIhr4N9eW6li8ZRj7WOrUOpPd9gqOwx...

72 KB
25 KB

146ms
57ms

Script
text/javascript

142.250.13.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-C2MCOInJDTG4OPF_PtaTYuOecPWq41g0ilS9_W0wjFQUxFAgbIhr4N9eW6li8ZRj7WOrUOpPd9gqOwxmrzDcVb4tFRUPPHt2XTgAY0-oVc4ROrcaiJXE4PtbbtWiSU1IK6mIWlKBnWgxF2ato_N2z_tT52FDZXIYwiaJIfTW2x0qp2h_0SmRcAoCZ_4Ps8_kb0hZ31Zw33kpIVFaBpFtPi1yjYwHqoL5HJngAvvNh5lMOstYtkNTWvMnKh8Xrgv8Nn0_TnF4ClIcjAjVs4KGXaqAKgs9fmsBc-Ht4oEpaxjySu3DZoDfERzyKcffFqaxiuYg8hFOKnM9eWlT2CzEKOzV_1Zn2CxU0WhlUe3UEgEEPGkrwLPO3apBCp9QhPTWQiJDmH5FpUWgRZSJFLhAX2C1qAnjmSmF6KZncaOGKTV1JZFz5L_gp0r9oiOO7nXGYQ_Zo6WDRijYwbjHArT6DiGUery_e0mydzTHO24MFjrdIlTaikO9tT9K3s5Nc0b2bFJbfX0ABFxBcD5mvr7Dvu58izw72T2qLow6NH9dfaygMFT3qPLnxzkM4aaRZFQbFourtNfJIGYIquTDTXWDhmVwyU1JOejoyr3m4uL2yTlOm-jw45DzRvbtPjBTbWobUOHYNxV3HpuBPtvnGO-JzxCf0qQRjl8WOFUnXeMsebU0G3RJSo32ocwgwEyoPh61fGdKevNWdwzOW2jCUuTzyEggfRVh_iPmZHKFGBGdo6Oav_Dw78-KTM-8fsXURLGTPVhGI29dIgM4D55sFgJaJRdzomI7tjaVnt6X4HgF0dJLuuuetdELqEj3fJRCIBrRXbe228n-AdpQrY1I26v1UbldH-UMP4AFx_notaWQ_5IbbvRMAZzrp7vx4HB9c0Qg40-zgVPXQz7UQw5JUhytHIwO7tZzydGHxQvw-qjC5_TNOAmEnDwD77p0RzGP4us4FF_dHtAaiO8-l5ltDcvoxRKs_bApMmCHpUawLnTkzebcqOF9WAHs2LEVKZRuiRTRKiBeSarcJMWRoW_ayk7TUfzcW0ZhBRYhK2xI_1uvL8giis49O1tydL4HA3s3szY95_oAaaiEJ0l_f4j89ZgbzrwuOzUXwdHtmeVQddMW0iPO4R7f290Btl_wiOeaFvDdks4V_DHJY2yYrcfmEo-GIDNRcg5F-Z0Mo1aSdw7dvUMVpOQHOc17AHXc39Uni8hnj41db6JMaBPPJIorw0JJCk3UsctKU2YPMZXH7VSdiwAW7dhvjehyAuNBPN9Io1viISjWItaKXSmYLWnp6HNjjsO0D7eui5klP7TTiNPymj9r8i31-ucACqaJVbPPsh-5pGTIXy9AdJ6V8FTdBjhhtPVKomx4Knmkaz5JcT7UYa7Tg9GrkrfSRWWErSHaNnxc4QVj4YeV8j2em9gBIAWVSqN-0oVH9ry9kJSdsa5IpE7r7USK7SPMsOIi4qGVzytBanEJ5CFT8i3-xmwx4o9WK7WeU4GvD9j0jh6QAiy4Ls8rIeBRIQftEJvZfci5SKSPlYKXDRzA1qzSd1aO95ZeuICUL6Hz2aQPCQPQVfYdXLNOpDAQkKseTg7ciWXLLiH5oqPW0N38EUzgxN3_d_qyM4GLWC-rW-UZkIGkjhH9M2D6TNnxQyuC6HizBqihar5wvpcASnWtpQgL7Dgu0bAIOMIiCwH3RU3OnECKB8Ardp71C2XmmsRMxKgiko4OCVMOgbCXYeBKSQgCDcOCopLdVO2azqeZnVRE_ELwFzv-ZRxffWkcXwljwdDCkK_OVJnhZX4eRu47q16qGvKE2FCC2XKHCcdgsRqdfczqLkUUdnJr3lqNzFoyuJ_cGuiT4IkvAt1X9SVXVQX-1Om9V-mJu0k2ypdP1V4O2YJeGU_fqcKwUGwW0akE6r40epJ8jEGkJHv9ueUuNt6cwt_62nxnzEVgGcdeyk8YbRuppYhKndHZ4M2O1khBkqwY8ge5H6131o1LUF0VNszkB8zxjW_TXtUHC4I5tlk6wIDt1vwjInNksJ6hwV--EUvVD6ce_5fjzMOfDpui3Tx_i163KZk2BrZAgJN9M4l4W2MAqQ16mn13c_JIcXcXgi9as_Y4BnXSeeHSpydXYCNcTIUlQgBx7GXRJF8o_vGTFLLU6VQJjKD1ZhAFyIr0wAfM9EhWl-nIPvvoxOZ9oewRiAtW9WAKUJOdK_pICl2Pp0iaAU_S-yjkHg11JlE98KBkdyteDywy1CUyWceYW5exosHGX9VgcNOdWw2XwEjbIJECTQ4RgMPEdeV8VsrZMR5SgNA6alCJfU-PBJ9J_vXqQaf9xoRJhHtb4Pw-Hqfb9ftzgzlQwG1N449YwnluYa4pvWV9WWFt3DTry2Hz8uLaKngxaQ8Z3u3noALmyrWA9STAu6Kohxtb-tKRFy-NHOsRC5lx9KAVBFdr5RWlarJw__omr1BFa8X8MlSYAbWWSH8YKX4czbErEyvYdFkxUIoTpJvY0Px7YWRW02KeGF_c2b2t5pHjrdIEFoveWiiPQJn4mgxWXyGKnHGTrx30NjL5bedntXiRG_JEbq1znu4G-XPEjyrlGmyoCpNHlgqVc-fasFDW7C_W9sAAN1c_8mqcNsiwOOQ3P4KpGNSR4FffBWoyDnQPlrik4C840RFWwaokA7D-ISSvP3THZ1HL5iZpetuppqftl1vBTjn9inZLkJK6ZWXlSMgznvpESgFlVKxu86czoCH3gWamvI5ZARM4Up6aUAmX2FWeTpzFSTWIrtXsv19J0sXlODFUoYBbI7-hi5NqZXFYK3Xw9ilmh1ZYTM8qftFI4UQyuCCC6_WyAfMLN9YwYII1kbrJSkJIFnCS_m6MWDmixpOfU-r-XISPcqyO4MbfUrPGcRdgc7qSiPjZ_uBGWr1q9ILeQ-LwH4vypnBhWWF1fHwPUVACrEj2vwhkliJjmSuxZC8OBChiCWmpg9txfV5HX4CnNaU7iCSpQY54iVInQP3Gsael1MLDKsUlyKN1B429RQiWZ7i_-WrN64M1zEOK4Y8Cx7SrS0O5cFhXK7Cfwj9g3jqnYTVr8SYylfbGesf3dF3ZJyM2vt5vAYT-cwFTSdm_q7QxlB9Ktu-CYiA-hB24FKo2_pgf7RV8XwDI4N_suVaITd30vZdCVLf3_Irj6DUwW3pvhEmczbSeGcUsGfO_Nmv2mH0tZFcbil4utF0yCRYv0z4zmlb0p8oIBxRapEO8-D7WEZKYQcM4bd8rYxvep3q8ZBn08IynRq3DpNNDS7IlzEcdPCXUV4DLG11vBR1c0bribIUD45PK9BD9WYFlbk8gFR5NqSiAD2lUWwY-ZZCXj4w_SbUvA2EFLkbY7aEzMOGTB3x7rPcSHDM9dXph_LioV2c7Jkxpqez4Bkbrdr-0YAJVoV1hm16RfEO9AWscGKzHA39vGzThX61oYqZIhJF_ULtbm5WSFEBdLzVxxixrCfJDn9ST3gHqQm5CbF99beZvTovlm25mKVO5nC46yUCc8Rto8_dn6kaFPk75dSn_KYBC0hGb7BLOK9dBU0swISntdymOHX1niwYY7Yzyyg7V7JpHJU2pyoop-RRtBf41PWydE8V9PFi_zfeMbVn1xD3118eYKccNC_mcs3jQmkfTS7jFxJq19HkUuNkldYAv7eqT46olZD9rhfS8V-LSDjS3-ZzoGPt6r8teV_LUClrhsIwS35LCFMy5etPF1u8zLP-CUuTv1XR065LQuqrX3hWapfV-P_vt2r2-b8PM-ecthi22IeUDdWX-OZPQxZ_A2yByJsQyOYKgV881_kaoKUH6yVoNt-VjGDFubb_KJFSLiILD-CQMLJvuEKbdwd8iUl_gAlVG6eOzxEwVEYRZAWwZurmRWmxtyJV1yLP8yO699iAAdowOPHRU9pMYK7TZCjx_aCatfvnUTFwLYKsqPEZxbnecynU5B0snvMDq2P_63blrQulE3lC8RHuhw-CmuQGRlwIz9UILrQFAFFN5zRJfZ5DnyH6FeTGsO7uTohtb8qK5GrFV629rE1auRuIDS0CPsb_WUEyLzu8fPxq6VyJPdvcqfwRalr2ps5BdT_IVZI2UdHopxFNya5Kgz9jBsAuUGDs4Oz_4MLIS32MOhxO0zgb4Tkr1gSRhpTCAQSTQDICaaNZ1_LAu5_j1OlE3AtyXt8ccC7Sg0kQookZtN4PcUyMWI_QP00FUfm1olmTfmluzuBMOAR2cuq7seq3ehThpTW0Rg0CekFrceQGAFgAQ&bundleId=&ias_xappb=

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.13.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f156.1e100.net

Software

cafe /

Resource Hash

1ebbbaaf938a76af2a7dff3db876c9e40e323b2ce1fcda6d96e991da068d39b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25525
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-C2MCOInJDTG4OPF_PtaTYuOecPWq41g0ilS9_W0wjFQUxFAgbIhr4N9eW6li8ZRj7WOrUOpPd9gqOwxmrzDcVb4tFRUPPHt2XTgAY0-oVc4ROrcaiJXE4PtbbtWiSU1IK6mIWlKBnWgxF2ato_N2z_tT52FDZXIYwiaJIfTW2x0qp2h_0SmRcAoCZ_4Ps8_kb0hZ31Zw33kpIVFaBpFtPi1yjYwHqoL5HJngAvvNh5lMOstYtkNTWvMnKh8Xrgv8Nn0_TnF4ClIcjAjVs4KGXaqAKgs9fmsBc-Ht4oEpaxjySu3DZoDfERzyKcffFqaxiuYg8hFOKnM9eWlT2CzEKOzV_1Zn2CxU0WhlUe3UEgEEPGkrwLPO3apBCp9QhPTWQiJDmH5FpUWgRZSJFLhAX2C1qAnjmSmF6KZncaOGKTV1JZFz5L_gp0r9oiOO7nXGYQ_Zo6WDRijYwbjHArT6DiGUery_e0mydzTHO24MFjrdIlTaikO9tT9K3s5Nc0b2bFJbfX0ABFxBcD5mvr7Dvu58izw72T2qLow6NH9dfaygMFT3qPLnxzkM4aaRZFQbFourtNfJIGYIquTDTXWDhmVwyU1JOejoyr3m4uL2yTlOm-jw45DzRvbtPjBTbWobUOHYNxV3HpuBPtvnGO-JzxCf0qQRjl8WOFUnXeMsebU0G3RJSo32ocwgwEyoPh61fGdKevNWdwzOW2jCUuTzyEggfRVh_iPmZHKFGBGdo6Oav_Dw78-KTM-8fsXURLGTPVhGI29dIgM4D55sFgJaJRdzomI7tjaVnt6X4HgF0dJLuuuetdELqEj3fJRCIBrRXbe228n-AdpQrY1I26v1UbldH-UMP4AFx_notaWQ_5IbbvRMAZzrp7vx4HB9c0Qg40-zgVPXQz7UQw5JUhytHIwO7tZzydGHxQvw-qjC5_TNOAmEnDwD77p0RzGP4us4FF_dHtAaiO8-l5ltDcvoxRKs_bApMmCHpUawLnTkzebcqOF9WAHs2LEVKZRuiRTRKiBeSarcJMWRoW_ayk7TUfzcW0ZhBRYhK2xI_1uvL8giis49O1tydL4HA3s3szY95_oAaaiEJ0l_f4j89ZgbzrwuOzUXwdHtmeVQddMW0iPO4R7f290Btl_wiOeaFvDdks4V_DHJY2yYrcfmEo-GIDNRcg5F-Z0Mo1aSdw7dvUMVpOQHOc17AHXc39Uni8hnj41db6JMaBPPJIorw0JJCk3UsctKU2YPMZXH7VSdiwAW7dhvjehyAuNBPN9Io1viISjWItaKXSmYLWnp6HNjjsO0D7eui5klP7TTiNPymj9r8i31-ucACqaJVbPPsh-5pGTIXy9AdJ6V8FTdBjhhtPVKomx4Knmkaz5JcT7UYa7Tg9GrkrfSRWWErSHaNnxc4QVj4YeV8j2em9gBIAWVSqN-0oVH9ry9kJSdsa5IpE7r7USK7SPMsOIi4qGVzytBanEJ5CFT8i3-xmwx4o9WK7WeU4GvD9j0jh6QAiy4Ls8rIeBRIQftEJvZfci5SKSPlYKXDRzA1qzSd1aO95ZeuICUL6Hz2aQPCQPQVfYdXLNOpDAQkKseTg7ciWXLLiH5oqPW0N38EUzgxN3_d_qyM4GLWC-rW-UZkIGkjhH9M2D6TNnxQyuC6HizBqihar5wvpcASnWtpQgL7Dgu0bAIOMIiCwH3RU3OnECKB8Ardp71C2XmmsRMxKgiko4OCVMOgbCXYeBKSQgCDcOCopLdVO2azqeZnVRE_ELwFzv-ZRxffWkcXwljwdDCkK_OVJnhZX4eRu47q16qGvKE2FCC2XKHCcdgsRqdfczqLkUUdnJr3lqNzFoyuJ_cGuiT4IkvAt1X9SVXVQX-1Om9V-mJu0k2ypdP1V4O2YJeGU_fqcKwUGwW0akE6r40epJ8jEGkJHv9ueUuNt6cwt_62nxnzEVgGcdeyk8YbRuppYhKndHZ4M2O1khBkqwY8ge5H6131o1LUF0VNszkB8zxjW_TXtUHC4I5tlk6wIDt1vwjInNksJ6hwV--EUvVD6ce_5fjzMOfDpui3Tx_i163KZk2BrZAgJN9M4l4W2MAqQ16mn13c_JIcXcXgi9as_Y4BnXSeeHSpydXYCNcTIUlQgBx7GXRJF8o_vGTFLLU6VQJjKD1ZhAFyIr0wAfM9EhWl-nIPvvoxOZ9oewRiAtW9WAKUJOdK_pICl2Pp0iaAU_S-yjkHg11JlE98KBkdyteDywy1CUyWceYW5exosHGX9VgcNOdWw2XwEjbIJECTQ4RgMPEdeV8VsrZMR5SgNA6alCJfU-PBJ9J_vXqQaf9xoRJhHtb4Pw-Hqfb9ftzgzlQwG1N449YwnluYa4pvWV9WWFt3DTry2Hz8uLaKngxaQ8Z3u3noALmyrWA9STAu6Kohxtb-tKRFy-NHOsRC5lx9KAVBFdr5RWlarJw__omr1BFa8X8MlSYAbWWSH8YKX4czbErEyvYdFkxUIoTpJvY0Px7YWRW02KeGF_c2b2t5pHjrdIEFoveWiiPQJn4mgxWXyGKnHGTrx30NjL5bedntXiRG_JEbq1znu4G-XPEjyrlGmyoCpNHlgqVc-fasFDW7C_W9sAAN1c_8mqcNsiwOOQ3P4KpGNSR4FffBWoyDnQPlrik4C840RFWwaokA7D-ISSvP3THZ1HL5iZpetuppqftl1vBTjn9inZLkJK6ZWXlSMgznvpESgFlVKxu86czoCH3gWamvI5ZARM4Up6aUAmX2FWeTpzFSTWIrtXsv19J0sXlODFUoYBbI7-hi5NqZXFYK3Xw9ilmh1ZYTM8qftFI4UQyuCCC6_WyAfMLN9YwYII1kbrJSkJIFnCS_m6MWDmixpOfU-r-XISPcqyO4MbfUrPGcRdgc7qSiPjZ_uBGWr1q9ILeQ-LwH4vypnBhWWF1fHwPUVACrEj2vwhkliJjmSuxZC8OBChiCWmpg9txfV5HX4CnNaU7iCSpQY54iVInQP3Gsael1MLDKsUlyKN1B429RQiWZ7i_-WrN64M1zEOK4Y8Cx7SrS0O5cFhXK7Cfwj9g3jqnYTVr8SYylfbGesf3dF3ZJyM2vt5vAYT-cwFTSdm_q7QxlB9Ktu-CYiA-hB24FKo2_pgf7RV8XwDI4N_suVaITd30vZdCVLf3_Irj6DUwW3pvhEmczbSeGcUsGfO_Nmv2mH0tZFcbil4utF0yCRYv0z4zmlb0p8oIBxRapEO8-D7WEZKYQcM4bd8rYxvep3q8ZBn08IynRq3DpNNDS7IlzEcdPCXUV4DLG11vBR1c0bribIUD45PK9BD9WYFlbk8gFR5NqSiAD2lUWwY-ZZCXj4w_SbUvA2EFLkbY7aEzMOGTB3x7rPcSHDM9dXph_LioV2c7Jkxpqez4Bkbrdr-0YAJVoV1hm16RfEO9AWscGKzHA39vGzThX61oYqZIhJF_ULtbm5WSFEBdLzVxxixrCfJDn9ST3gHqQm5CbF99beZvTovlm25mKVO5nC46yUCc8Rto8_dn6kaFPk75dSn_KYBC0hGb7BLOK9dBU0swISntdymOHX1niwYY7Yzyyg7V7JpHJU2pyoop-RRtBf41PWydE8V9PFi_zfeMbVn1xD3118eYKccNC_mcs3jQmkfTS7jFxJq19HkUuNkldYAv7eqT46olZD9rhfS8V-LSDjS3-ZzoGPt6r8teV_LUClrhsIwS35LCFMy5etPF1u8zLP-CUuTv1XR065LQuqrX3hWapfV-P_vt2r2-b8PM-ecthi22IeUDdWX-OZPQxZ_A2yByJsQyOYKgV881_kaoKUH6yVoNt-VjGDFubb_KJFSLiILD-CQMLJvuEKbdwd8iUl_gAlVG6eOzxEwVEYRZAWwZurmRWmxtyJV1yLP8yO699iAAdowOPHRU9pMYK7TZCjx_aCatfvnUTFwLYKsqPEZxbnecynU5B0snvMDq2P_63blrQulE3lC8RHuhw-CmuQGRlwIz9UILrQFAFFN5zRJfZ5DnyH6FeTGsO7uTohtb8qK5GrFV629rE1auRuIDS0CPsb_WUEyLzu8fPxq6VyJPdvcqfwRalr2ps5BdT_IVZI2UdHopxFNya5Kgz9jBsAuUGDs4Oz_4MLIS32MOhxO0zgb4Tkr1gSRhpTCAQSTQDICaaNZ1_LAu5_j1OlE3AtyXt8ccC7Sg0kQookZtN4PcUyMWI_QP00FUfm1olmTfmluzuBMOAR2cuq7seq3ehThpTW0Rg0CekFrceQGAFgAQ&bundleId=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0459 91 KB
23 KB 51ms
7ms Script
application/javascript 2600:9000:223f:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3526960
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 6podt-SlIYxAZOt2qXBa50_h1aBLwKYB6bAKhV31t3IMT6niHRFAOQ==

GET
H2 200 css
fonts.googleapis.com/ Frame D100 2 KB
979 B 60ms
24ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6539183625060334138/8d07b282c8e661b71feb1e048005bbde.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 19:30:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 19:51:50 GMT

GET
H3 200 77e503fdd5608713dd6d5f54d6330658.png
s0.2mdn.net/sadbundle/6539183625060334138/media/ Frame D100 44 KB
44 KB 14ms
12ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6539183625060334138/media/77e503fdd5608713dd6d5f54d6330658.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6539183625060334138/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10ac3ab3158ad55cb0f47da3e7c7fe53572200eaeb67c6b7253f504d7dc2164c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6539183625060334138/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 12:13:08 GMT
x-content-type-options: nosniff
age: 373122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44990
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 14:42:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 12:13:08 GMT

GET
H3 200 fb2405b160d35da2c54812c244ca11bc.svg
s0.2mdn.net/sadbundle/6539183625060334138/media/ Frame D100 7 KB
2 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6539183625060334138/media/fb2405b160d35da2c54812c244ca11bc.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6539183625060334138/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6539183625060334138/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 17:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7906
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2357
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 14:42:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Oct 2024 17:40:04 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F510 43 B
215 B 614ms
174ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=60b9e6e3-faa3-dc15-fec4-813062a01490&tv=%7Bc:sEMpsN,pingTime:-3,time:64,type:v,im:%7BpBlk:55%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17*.1520146-76103085%7C171%7C181%7C191%7C1a1,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F510 43 B
215 B 610ms
173ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=60b9e6e3-faa3-dc15-fec4-813062a01490&tv=%7Bc:sEMpsP,pingTime:-6,time:66,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:66,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17*.1520146-76103085%7C171%7C181%7C191%7C1a1,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&tpiLookup=ao:www.eokultv.com&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK bridge3.599.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9732 753 KB
242 KB 27ms
13ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 379392
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Content-Length: 247375
Content-Type: text/html
Cross-Origin-Opener-Policy: same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 27 Oct 2023 10:28:38 GMT
Expires: Sat, 26 Oct 2024 10:28:38 GMT
Last-Modified: Fri, 27 Oct 2023 06:13:31 GMT
Report-To: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server: sffe
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 19:51:50 GMT

POST
H2 200 count
logger.virgul.com/ 0
116 B 290ms
47ms Ping
image/jpeg 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=infoLoad&g=m&r=npm_eokultv:::&o=0-100&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=10/31/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 19:51:50 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0980 40 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 18:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 31 Oct 2023 19:58:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F510 43 B
216 B 545ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=60b9e6e3-faa3-dc15-fec4-813062a01490&tv=%7Bc:sEMptU,pingTime:-2,time:133,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:482,beZ:483,mfA:486,cmA:488,inA:488,inZ:492,prA:492,prZ:498,si:506,poA:507,bl:537,poZ:537,cmZ:537,mfZ:537,loA:548,loZ:551,ltA:614,ltZ:614%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:133,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B125~0%5D,as:%5B125~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17*.1520146-76103085%7C171%7C181%7C191%7C1a1,idMap:17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:24,sinceFw:107,readyFired:false%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D100 16 KB
16 KB 50ms
11ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:18:02 GMT
x-content-type-options: nosniff
age: 362028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 15:18:02 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
274 B 55ms
8ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

621fadf96b8d22253dee137fbd7b14cab527de410cb021797096d33dd5119bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0040
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1

43 B
734 B

25ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXEpmMFjSWBwh3r2-r201i1zSXsoODvmhxc9Dh_M_7qMXa7odsffg_pvs-nBt2ciRi-iMkQj4nTx2viur_0og1WFQJIJwtGCjLmrgiOzOeXzEr4DYk6A9CH2kmKM4KXHNILXj6yvBoi1hO-croFDthHSjMe7b3uebgtduFLbDq5JdxM9qbxQsRdQ20UUBpMcoPq2KhC
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=No4Lz%2BiBZeB1M5Tw%2FcKLEduKf7IunbdIQ7EVsJdU3u1BSGXX5XJTEjooQXA3P%2BS2K6xc9kbP5nKEsFWNJDjpBOdEd72H31E%2Ba4QqZ50ld6k3alnentmaF2MW1IYXO6sL3Csreyq7WGZx1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81ee6f6dbf3065cf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKhnX3YkIttkWgsZnq8y0%2Ftmkd2Qd%2Bys8Ook6iJDFIodecjBJs8uKLumehIaKCZaGHh8wIrxWhrOdBTuNhzpVXdHTJERRjA4dV4439lPuNn4zefYDAdFzOaFvUTkIirgdOJsOu7A8C2%2FLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1
cache-control: no-cache
cf-ray: 81ee6f5cae2218cb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0040
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUFa2Xbyc.w1FwSJqj8zrwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2

43 B
735 B

29ms
28ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXEpmMFjSWBwh3r2-r201i1zSXsoODvmhxc9Dh_M_7qMXa7odsffg_pvs-nBt2ciRi-iMkQj4nTx2viur_0og1WFQJIJwtGCjLmrgiOzOeXzEr4DYk6A9CH2kmKM4KXHNILXj6yvBoi1hO-croFDthHSjMe7b3uebgtduFLbDq5JdxM9qbxQsRdQ20UUBpMcoPq2KhC
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zF6Y%2FoWwoGAmhAavZU2kW6BJhpkMV9tS23IRC0pk5VZFqFPge7bIGHZChQlghWvPmid3IXFiRpIQfIuF2LZKjpxX08ymZWhXkPcYbgOlBlF8B0d%2B%2Fq4rA8RwcRweDTLhw%2BZsfUzYVlLvjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81ee6f6e1fac65cf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0040
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

43 B
843 B

9ms
9ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNXEpmMFjSWBwh3r2-r201i1zSXsoODvmhxc9Dh_M_7qMXa7odsffg_pvs-nBt2ciRi-iMkQj4nTx2viur_0og1WFQJIJwtGCjLmrgiOzOeXzEr4DYk6A9CH2kmKM4KXHNILXj6yvBoi1hO-croFDthHSjMe7b3uebgtduFLbDq5JdxM9qbxQsRdQ20UUBpMcoPq2KhC

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
an-x-request-uuid: a9312d48-5645-43f7-a6ee-faf06dfc029d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0040
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

170 B
188 B

108ms
108ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
an-x-request-uuid: 4fb44847-8322-4073-8642-5922b2cf6518
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 05B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1

43 B
729 B

26ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIL_ofABMAE&v=APEucNUDGYN9VbSAaPu-0TksqOD-tF6Ik1wHc709PB15x1L3E0AVRjG_XZSMMJ1YqmVxHMNM7F6Spf6lHCJPpntSJtoJyXyn1MCjf2evUYPq5MWmESq5Z40Mt8vf8f1SN_o0QIcN-Hx6bnSStPv5W3-MoUcaRxls48efZGQErzR1oDlYZB1LIYtJfOFVEeDRnPLt7mfZ7Gpr
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDu3ieWl2mOuMQXq6cALNw9w4igT6U2hQWgYLeSz01rpDbPDYc7mmkBYMqlnWDnxSgk3jV5IjEk7sSwEKlZyxyIRoTVyvomnSOrXjBKhsrzR29Az9CT2xlxn6iJulskmkh1rN%2BceZErT9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81ee6f6ddf5e65cf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6H7bcG8wskYNj0DIKA%2BSvBhS%2FhfCL8QW4RWuy6uTdAYTy%2FX2K5bpt0F4rmyzGdqa5g8xXr2FkmIOEkx8zuh9vlpQYePjGe%2FAMkhyW2UGH89xHEd%2BU83KQJKjXxgNwrj%2FdJpwc4TzVRg6Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&C=1
cache-control: no-cache
cf-ray: 81ee6f5cde4118cb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 05B2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUFa2Xbyc.w1FwSJqj8zrwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2

43 B
735 B

25ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIL_ofABMAE&v=APEucNUDGYN9VbSAaPu-0TksqOD-tF6Ik1wHc709PB15x1L3E0AVRjG_XZSMMJ1YqmVxHMNM7F6Spf6lHCJPpntSJtoJyXyn1MCjf2evUYPq5MWmESq5Z40Mt8vf8f1SN_o0QIcN-Hx6bnSStPv5W3-MoUcaRxls48efZGQErzR1oDlYZB1LIYtJfOFVEeDRnPLt7mfZ7Gpr
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg5llsScDHrOos2c5NHcjdZTQoF4mGWUvbA4BRxweYRjhOUkQXluBqISZUGhlzp5XsQcTF3s9s3P4xw%2BwnMhypWQyyPK9wBAssyU0%2F4yTSCw%2FPdWbf0eVQzDemqJhAW36HDEwy%2BY3ssEBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81ee6f6e0f8365cf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo8AO6v5B2pY_VlG6qKguI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 05B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

43 B
843 B

10ms
9ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIL_ofABMAE&v=APEucNUDGYN9VbSAaPu-0TksqOD-tF6Ik1wHc709PB15x1L3E0AVRjG_XZSMMJ1YqmVxHMNM7F6Spf6lHCJPpntSJtoJyXyn1MCjf2evUYPq5MWmESq5Z40Mt8vf8f1SN_o0QIcN-Hx6bnSStPv5W3-MoUcaRxls48efZGQErzR1oDlYZB1LIYtJfOFVEeDRnPLt7mfZ7Gpr

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
an-x-request-uuid: b638a6ec-a743-40d8-9dbb-d1a5fdcac539
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH3RCBqN5_WgbNXsZyvxkYc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 05B2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
an-x-request-uuid: 00d6e297-9efe-42e7-bad2-f4fdbe5a86b9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF16 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3203315920492&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF16 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3203315920492&version=m202309260101&ct=76&x=1&cor=1661149157785097700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BF16 106 KB
41 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-aL75SuXb_ZSsdoOXyCDQ13DPDmnArr3XrJRLcBSgORtkbrUWZu9igwjkTn-X9nDFRUDMOgJCYWHjcIz2xSmevz3qmP2fxfWnuNpdbFZfUOh3u2FpRwsocFTxmbWwuvmmedHCf4h9nh5CbCOJSIAQVXNo38ZdPCJv2w9K5RjuP5VILB8&dbm_d=AKAmf-A5gyIT-zRbkI0wZHN6Z58VdQD7XTnvawYNmBxkEfSlhtoz8_wt3EWuUPY-zXprd8X0pa1e_MqotU3B1L0Kqqop6KZ3TB2f9m1pvGcivl_byquCIRG2XVyS17zAFDLtjKbsYQVVDRsO80oBQ8Jf9ZBIT1lkI04D-sMPbHFCaQnmX6ZLXMGB78JhurH3nJ2u-IWzJIDf5V_iJJYiMtrAQ0TcUcVOVgiMLXgmLJtPScDO1U7vRbQjvMOpuZsF3mJ9BHjSovomvGVw6SbM9Q_oFGgvqIvhGGj0UoQLleZSRbEAdzp2DaJEatUClnGOJbIwr01EIYLkMJg_ASilMBrzHOnROxKdJzX6UvVRAZbzeT91GkHRJMK6wA14AVqJOJCnzeQJ6Ri7_EbNZ3exCrAoty4lV2TThGU2bJS8_oK5b9m8eSrKmKpsP7xtDujquL_Ohrg0cEHS4xi6xVwH9sU7f9Gix0viUFVZpTuhnTRD6bHt2VL5Jf6yGe5UKQoz66XnJBo_hPmPRasuRPoTpYReFULhYiDVYIljPk7yOs0WFOKU2qC_wn_U7g4RWnWtJZrwL9Coty4xL07ml_-TyXLJ1JsnVK6UmT7Hh2zZjACtk34ob5jFlgJ6uIFi5OLehJAss6eOuNHcQCzOU_2RcbFfSql5qMoxEu-MZr7rIgQbScfRc3WidmSvRuQrovpyQCSZmCVE7fRMkxv_qFFoh7IC5nCwUyLV1gFaz3ydYak_6KJsD2vYbgb-QY9UCY7UEvPaqDGiPPnx3lQ9MZ5eqQEwKltcG6hxkm1MmsJusGJMxIvROnQNW-zN8Yen6bWMMZreTEa1wa9mlPZ1gCDd-0lLPRuvYGx_gZWvC2Xuhbg041kIV2jXi3ve4gyjOucmNz1tAnahaTofCQkQYS3OfiTqkCRIEdwSktjcKC20ATikou2BEX9OT7pAGXLXaSBMrs0WmULyRrd4VN0zXyz2iXaJXXBemtQ664eXGZ3drJi8BOmAk3iDB073DWL9yU14tEJOK9xDjrh7Pq-oRPLRD2VRQcKVO8wIJXCZ4F9lSuHhd9qWfHgnG_hJeZfYxnp3ZJm1VyeaSy25kHe-ul_I3mecmLN2tB4592Vur7qcvtBN5xkdiddo7B9qctYarlxMP7zDlAUKC4KnOnVJZVnyjZ2bYKMvBcDN5PKLT4d4eyxHLCz4wfZckbmltPuR0A9_z7SBIvQXd-dhr6NtolzOw5JSujJ5T7cVyytmfY_qjqgwhDdeuxHlX_O8sp0Nr5QlVKtcSyhFo0YwGRqu7msC-Njpn1-bzuHBv6gW96823QwdRPrAGRRckZgeyUiJydtfwAXyQz_3P3nc2irsXi8lNICDyiwpVHsuJ247TrJhSlFQrzW39gLLyPbWRu6T-UUHnGPevlQqZgrld3dleJLEQimltxga1emVmhTC8pCPh02j67_vpz04avlb1Qu9xnXThw5NF1QnBOlRPVwsQC_ikLgZZ9N8VgIjqttHwz84p6lTkfjrUhInrrRhTAJAnA8N7PabRuWMXbhCxgmKKq2o8CRuE_aklyOPttcFzmEzp9knuxNW2jLOfbe3US4Qa2GFSizbFZ7e64OlzxsNYw5cActysQFuR63uAVqs2VsV3vJkDn_kBqKdRBgrdzieWVLEGWTCz1Kjo554gBZ6V1o8Nwh_K_o4vh7gC0TQTOUiXJfTRiKGnR-XQR7BFBNhOJvMBBt8QAbnLDdEQoUGs7-1ZAHfxqcQKMo7gfA1xg60EKpSwNQo0H_xaZKRcSyNCrOCbRy4mewZDV6F5O8JAZCN1dPfz6w9HKJP4-1YWf9aGAHF0NqaHyOwHERVIgeXvJ9Z8sYYGza91WGgErif8wSssuloxXYYeTdx3djjL1Scq_ElL6sbaMm5UZ_rTs4YvFycdCRujKnNwtqrmS1RLdrNQB9UzG7DhGEJY3aTa8tPtLtXv5kDJ9O71vHPegBHZ_lNp1I7QqhTCOW00IAN3CHpT0Id0TS8sjVgtYTTeCPht6FTWpkaskFzb0hjTZtMPQIo4JZBClb7aBjRIljlQ7cK7kYu1uy-IAqgiCrEgHW0bpRLSjo8wWwSTWsHKVbkl7UyXNT7Zz6YUyq6xT2Dmo4eHNpbb5lNrrpQ_AXgjumkZvLqtLU2cHcgDk8jaJB8rkxyjxL0B7vUEKBUcrFxGv9moQIEWYZVy8IJgP0qLcbpLNxxwn1PK2-IKaOLeWbuU9a4KE4omvXTgOZOJ2CptJk4uovrLEA7fCeDFZa-hutrkLKVuQYsg44_pSfiZ4pNciIOXgaN_eB-g3PJulwwN-KWsaFqpFtK1yjs27kw5l_XCytwlNUYsCWnqY6ww7LB_FW78uuOMmT3QMEkYBAG-piZFxQIdg6V4M7ilCp8XmqC2TFLONqfkPtMHx7PbbkczCG6GqOSebp5tmbiV51OPEHJis2GRdSh8bRL75zL7nkJ9jFu0Waqnw9WqQjhS94xDKcmxkE4WJKwRhJfDDAKvPx40Tqqaoab7rc8KR3ooN7QdaJhMBeauMKzdDVvPRvpYiDsYd8UsKh0Xj3ItIlhaGrtfd2V4_8gLRW6Ui3SeGS9hy8AHBBjhMvTRlxAEpyUihMbNFSF1OgMwJ6E8rTxixEWDjDYLmhs12MCnv1VU07CQHM2NG3djv_4JonzmMZrOqTQ9uMoWM0lwIBmwwEqu99YTIP_xJGoZfvK9MK2B5zTDeDPSLlNh3A3LB550daysSy1c7re4wvcFBRR7DjFCECQPq70Je1nx0QKfk4AZRcCagGbKa-KYBn5D0MicU13q9sL1KgZQQt0sP43UtrRZ3g0BPo0TcOf49l8k2nPL3dSt3rpLuCLNhB5X2spT_PuUfGcWEWQdVewxmwlsfxYHtOM6IicdSUlNONY1UlgGxpqth8sDmBd04HHXc5zeATVhx86LW_0FlplI2mCQvAiLdKjfp7zRLS16mUoR-gCxZcdCL-nZdckOw28quI4jlIGh1VusRTiuRTTMRQDq-AJDMAf1FYPwt2xr31XOTWPZuiGxG1qu6W2xEnzpq4zjIiHyb_36x9m-QhOCb8fgXGOxQDJM93eEjjYL6AU-LsnFyaBzl3bSXD-_XijZdldrE6Yqxm9S2ll4hCUmZX600SU-N-CNZsB8w38bkp_CYWCWAT5kzD2RBnyYRHKK0lIOqXSaE5R2Nga3xTIZtqtogzjpu-C0zvOo6aFmkpDcNVKOudikW9GnZZ8eCEp-aVpj8MhZVoMAeD2Q5M7inyGEvS1ytgoV9M35pOdUsA7TdLSuSC6hBFoNhhiSLp9AGZH4lW5NwJljJO8H9_XuGuvu0M3-MwoU7ubbC69Pd3hVlYW6H5kfzugh924xxOtldhlx6IbAPF8TV_lJDbgbUa0rKOuIv0EiyYUiFYnfYFs5kvLDsaXNZ8qv-fHLUZhs941tSB8ajtuAWI_NGKIJZegZS6N4qurLETUUK8wED3GMvQxd-UHTbulOWe3pdFEfllHFOtbgG_ylJuQywih3i0VITbjGmQ64E5MafMyKWR-qCtfu_Z2DvlAaOM-7mg4Rd_S5V-P0lyE-aOKEVI1XS6qPgaGCfoFW1t2o97jKR0kk_TVLtFDP5ecpJVGhBTqqocldEMQO5TwInRBtVJX7PFNX1aQRwjVesiAPBlxp7cueaCA86L3nztLDtYeBHPeoEx16aNOGLdr1ZKEKmHIA4Vh_iGHkIQT2OtfU4CGP_gLDyCmxOIgBDejSNqXlsRTQusXb-clAeFwGuulp4T7PKJQ-2MHUbggmRZKDPiu1SnRlYU5ylL7VBgduivC7pSrnt9xQpBlC4ZkmEht0sEZxMN_a-ptJW54dTygbdxiqy0Tsg&cid=CAQSTgDICaaNYKSjuRjgyBDdJ7B4xJkeGDcEqDRw53Qaf1_BcwWdWlsT0LRehYhFo6lenDUp4V5JCJTpo87xPc3uIe5OQ1-rFrKaAMfIZE8-2xgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.eokultv.com%2F&ds=l&xdt=1&iif=1&cor=1661149157785097700&adk=3944675600&idt=89&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa88fb45e4a1909e20eb95f45f13646dba017d0463edc0a10764b3b307e9373f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42025
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B83 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4943375442886&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B83 0
20 B 43ms
43ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4943375442886&version=m202309260101&ct=76&x=1&cor=18252408594768163000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4B83 16 KB
12 KB 59ms
51ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiaB46IBw1hC6fbpc2s3GeWGbHb3iyeQPTkkd4gU-qpYu4oSwLKdd3wvP8gBRF0FR8VNFUL1lLEOK1mEwewio1PJP33dy4Bu0l-CL67bCn0en7fc4J1Cp0el2pJ_Gal3De073zPHK1HnptxX1aAbpXWQsvuywAypvxYfPFuDTZKeajyEA&cry=1&dbm_d=AKAmf-AxVYJX4I5VcVSs_yl54mnGUJ3PlSZ5KUvoRX-8G3xXSRzRjIdad00xDNmb6eZcQ2Isd--lTujkoy38HJNWwNzh7GMEtMp47bxtnfVkauIAHuFtNrZJjq3p0yyFHGgRTG1xZ-tHbzforCx38r4KbOGpeRi43Dx94tLKfRuQGcRvdmANevAiZQNUkkE-FYP_2K96gKAsckx2Ip-_XLMiUfHJLT-e0QI4ibcfGsqBhWuapZ969ldJROu564uSN1cItrklyG9iH_TQvserElYGnBi1L6OTVDm4r8yQSY4e95b-3m26LO0ewLwxuTix1SWKRu02N1M7Xr6AF_ZZ-lUO4x23c0rh6Tpn_rAaD9SgibETRRgOTuETTdkcUukFH76LCTQvaY_FaeLcLVfzbXKgXD-_LCkCjmxw0FdN6bHgUEEL8xU33cDNc1wchEiVyQ5qFWig03DZmIGJ0Y3IYeGsYgKePU4-KFRhUK17OM-g23qT8xCUKd1hqgvrQXTu6XQR6elLAVpeUFCmOU_9K3jt3Rwl3bOfkxVb_DUdjT4sDR_7iHOIVmlOi2h2KtZRb5CELjowcxn4yzw7ggdxCrC5hQVxoT3zqeaTSdTKzjtztBD7x5ya3HEZRhrbMw39QWob2afrOxFtryXLNmvV6OHws_E-l18WvZBGGp4YZGe9nxPZFYvl7Ne64zlqwC-_Hv0_pB05SRdZ3wcLsaIsaf_6xmDKXQdg9urX2n70zSWaOYyiR5i508gT0Y-Bq6O-BvlFfkw5b9mNJU5IrSv3yBTThUBNCxeevzVkw3htq1Djb-14kEO8ueRDsHz0hhUQfgTfj0m8APiZ7eX7u8_eNiOoEIAhEebfyV8K5A4dvnk1Ug6NEw82oLT7ravtBS1loD5XLNPAl26AWB1ooDnstdglalUvB4CVZ9Fn3I5KTOhcZnnEbnLxpbwMFHkwxSPNbp9Ns_Vkj2xAEkhrLCeotdlxH_ladW1yRm5InCxdIddmn411qCYwxTgtwuzJhS5MevmphqwMMlIhX9YmNXdqhRlimY3EqomyYDiD9sxJT-T67PG0n9V4i4D3A8QKqQ5SvqTUsTLBah54bW8pLt8zUisjR8-ve2ll1hzcEqU2gGrKoMV-ArbJx5FKrwXBisJEAiWwmsUNmgz5rlCiPRgdPxqK9owRjEJ63rLGfihcExvc4HbJHLM1i9hVxqFPN5xk3s_CT4lVBNWJN7eYOTY-JVjUD-PcQt5wdzMJp95CawiB07A7j_qmoix48jktaFVpQ7ztnjZ7s7PyT2E0T5tBptG5-ugIDAI3H-2igPcnw4ETqBvy6h_3r8tQgYj2LcEdTnvjyNgHZEoSMtYjpfomTKXJLvNMCSsBwC0fWoUFCZA9Id8557sr9haeG7nqcihVXtFZ4Oo4qYM6QhIWdx3LuMInSgAIGprqmKVTChAWsb27fxlHRg9St1g2N3FFvMjaL8Ng4TKGgfjYo4aPKLCRg63vZWNQFW0HOkFfcmwzUarNZgQntkaDjPp3wGAutdD_Eo6z9AWWCd44lpbBy44yLbREnKM3vsqXZRGYLeTYiBcd2-MOFqRzVtOrlGD65I7eLlBYEkKB0es__HEP5gzyEgNARg28LutTuXTvDyVdmqlqFa0kNfxybGLlXAmiv623x1h6X9S15bOTLY7HxnfvksMNdh5KH6Enh_hMFeBOn2TXsx-T4dz9fdwz4u--IgOSg0M40V-8OPEVgz5TC7GWz0Bd7fNuP9UIq6dk0VeVgBCkY6jjSlhrY9nEWfWgvwtlJ8zIHpWdcUrju_X-Tm5o9h3WQCAPN6edAcxRGwUtLpEP4g4Ny4A6KaNHG-aQi2LhJ1tPbQVgZSTpijhO-5SC_5dazGn0mdSL6YtMqdwX-c1H9H-KhYtgtdBs4xd1ACKtwNsl4fo_eRUkPIb86R55zLx23rXv_I4seOe8nUDKGLtXehteOy07bo3aiGL32jqsWRivnzWCm3rgSVRPD_p86IEUz52kNM5xtSIHh_dZGPplqKNUDRBuQtibEl79KC37Kt-XKVx0dTMi2wfgEDvEq2gDIuHF3f4AXE8Wm9PQxa5KY1tKOAI80HFCu938fyadVRwtU9cMOD58uSf4QekZK1GCGf2pSwTC3s9TJyBOcfpRKpo8Tu_8RNG2qs12cmGGVzSDmJ9Ccj4GHkc5tLAlkwFZnVXQVuBXdR3uY6GHo58NPu4ShxxfMgLzbC9rkkLpqH8L2rcI53Q5xiGNW_4EBixHc6BNsOjYA4aORgyeODz3mtLnswxzB4cUbzG5YaZYOTkT02DtJdOBm7NCiomC-KF9OYZLgjgKS-evp1x2QCSa7SVMRojKt-KiiJQ3xovu1PHk7yEIo8BfpLyw4HZdnUou-Vw8P3TuXNykKSRDhk1Ke3q4aKpJkRxX5aNxHmKCUbUVaadvOPsy7ixSd03CfQFYeVvzC0BRo2-KRW8zyQkCo_7GX3miWeMZmMyyaimIdh2pvqUVPS18L18udFbHC_uI6Cn392ixUhFJuVYohDfyMLTJ5NXkQNHrlca5Lq47knnn5d7ECj15chLmhoSGiZVx5wvOI2oBuUlcDoyv1xtDkImJTQP4QvRGQXoxsbwAgLHgiprG3L-OfpVasElXetgJ_zIV3VfkCIYFrAooIONoWvrKoTVcbjvl07U9qY6SxbdFEaeR_oUzNpH0he0xxgnLwBKMs0X9vTN4BCBWoU-JRdCWXL5WtamlKWenSdcuEhnpIZcxuH4oGtYWKnKTN4rn45MtndTYtBQRVyhI090Kj6unKvAo5cQTsg4Oo-hbCvdK-KUdE_68ODjh3Yf9nMZ6RDlH94wR8G-UP3woeeYbRLOdTDbh3OEN_ccCwpaIAGM3dvw1MDp0Sn5DKTMAiiSSe79m8LuvAixWcBJx6MvdTY01PL1W7PM5SrM0f5HEVqUW5QDFSJMPmU-_F-kUsKlxDeAu_cJZQl8MNwreG2iJsuMl4qyJ7OuJb537NPF2y7KxPp03E4L61CJy-VsRwr85EnDR7DexGVsBn8I4zFwrhsTDkWrcupickmUZSMXeyKuf2-xbl6hg1Zz8AdI0j1WRr4NHNkW54VU-yxSUHxup1UyLJrVuaqDekMTmdyRL2TBjqn8JFC711kSMNfopvPU_K0_zuAm8eIxRk6JfLVBJpB2dYuxF_sY&cid=CAQSTgDICaaNhIFiVk-mrta-r1CQnDdclykiF6fM6tJ5SVceA_GBKrws04oVBPG23-saxT3eEE5aVbugb_-Uxl5UiYbFRRBsKP8jp062Q-RfiBgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.eokultv.com%2F&ds=l&xdt=1&iif=1&cor=18252408594768163000&adk=2086295851&idt=65&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c69c12b36d4fc58355ca5b50ca6960588bd1928ca79067d7529c6e9d0192a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12361
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634098/ Frame E74A 253 KB
76 KB 42ms
37ms Script
application/javascript 54.170.148.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634098/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20343398390&bidurl=http://www.eokultv.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g16MuGp_Acvq4YGgD5-Yvd
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.148.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-148-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9150ae79267803d858ea9d801ab8ad2d5a0a018ea978917cf11c5c10aefa58e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E74A 111 KB
39 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Origin: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame E74A 11 KB
4 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhTodNZsWFU3i8N65lHSG3-Q6md0nKn7TuyJFowjkwm43pTl5aUVYSqmL5Jun22MdH6f2t7ni4XUdO4FR5p-K44H6b-k6mkXLoGGibeViUoWuZUDZiwwmMF6f3Sl6iL_gM1H4UZ1zNNWCdvxQerSImVu8Ltn4rcwdgDTEPqp0htXzysaM&dbm_d=AKAmf-C3ECJVt--GBrdLuSdcUcXwTbJQVpSazzvOsbgFezl0e720gBHsn-JhJOXJZ2Wa2OhhMg-be0b6_MT-UU3tUo94WNOZgqyH41INUK93JBQVi3ggngP7kjyuk8NuuO4ulLmNbep2xanKh9gwhviy2e_q6C7UjI8xM6UJt1QDOo8J4RpchtN0oXXMEjR9fa0hSdYdI31PvrXhLHQZJpNK8HuPG6GMbGNYJM5z1WgcTl8UXx9F6XuK4yzVArQiQd6g2K8TiWqPaiZar4qOErvP6HVAjxWEUvhhY2lq1QNA6yxVHJXa6z370Oq2mAyBdhDXZzS_9QpgQZq6sOtLPSCR9LOP-T-FpJEWwvyuEbH2bKBQK9_PmY6FboPORC-4QKXpylaCT5kjdk5x6XwNjEeX8Nlv2cAOObsZ8tlYqCP0N-EhdRF_XwM2pqswvE0GJwX-XNYltoEWOyERUUNVraxVlB-iFw0QvbQlr7wxcSiioLvzVhK0hVbJKNPIws4G74Fohd-xSDLyxPleXxDuL8vSvTyDE1BcM8qtK2iqv36aENFZ02bB9uMJiVzRq0H4NZocDFJtTl4-dl3g9RRBYdqUq6WiPLkGhayKDrrqiqchPnLX8Hefhu7G0ye9kcWAez6I56B5dX62f1S2vSrAM8RWuI47DkerN_gwRMUIcglwzxs_mFBYq66Qx6eS5_RXXBX-nJbs4AFZjyywnPpy-R20ZeOru96koeGcZAcx3IR7mJKej9T--TgAHOCjtPbF1RwObpMiXEcgxUX5U-cMcHtqumplFvqXvVC_PsI2ltHDg1gP94nEuHpE40I_wC7u10OKScia9T2qrdrtucKkroQlYGgmg9cCdjoGVBAoPboXP2JBQe9YlIHw19onp5I_wY9gYbvSNiIokm1b_71k6MxKk0wL6Ls20EidIkBpNB1HH1JjBwYeKzKjU-XJymfDfTywVNqL0YnG0KBcqKzC-Mf_jWeVQgezrN_clUEJ3iigcCGvhgQ68Z2vf5GzUicDl6tnPWLFTKDHMoImh89kZNo6XJ5ZyKAE6z2jGYv5EsBroHCXtzn1SB2W27HBoP0P-0b-fxUYJMbIdJHiWQ42o6PMzBdFVo_ZDudvhsx-17NWWqGiE-GQ7flz9DCPn4tIEvSLXZDhTY9HJsWr3EvTA9cbPUsTqXWXNa1giPubM-zZgjrWkVMbu9vtEnsGju6VvYvCmKH5lP-BhDzaZGSI2YSm95NEDtLe72I9mfmvEw-tkD91c50qsfyvByX-8806zOpYGayylhjFoqWtXH8uh1xnhqjyuA_uXsQB28IpMgNsu5BlJ1vm8OelhpAHSzmR3-coExGNeQ85dkiPVi9kDOpQjgEM59SKWxSlfCJ1Qce-zqcUsUs5jtCnPD1hc9KwOgvbpCsZKeQmYwU5rRO7UqsdPnJCoYYdlNmZ7ZnjcgemThmGgckfW8f0pTRvVVYTV0Oh87qOuNr5pAByCbIhcB4LAOUsQ7FGG2EWxukwydLVWgPZjuMY4m7P4gIDUjndW9IIooc11q2AX_UZs83XNjHknV1HbuFcTl8MAeN5sTxdrloKeLqNFgkms-nLCMeiyHu9P7hvPXP0vUpZc5Y2Bnm_VDLEwP4drjQGkbXFEwDzRQLUpGtEJYbeK1VHUend-wx3OTz-9c1-dbHPe6Adgb4rMyX1sJCGnrPcLoSqkt0NHpH8wpiS4zUhxMCIc-5id9vmARgQfQy4sLUgcsKwBqJ_uILWh1kC_jPmK1nEc2F-1uef2OkEV0qYScNhP1mfK_mIu70CvhUtNQ_cm6ApW2W1SoXPInWWHUlg1gk_u4R_c3Ud6mX_EIJ6r61NZIUWG0VBIZHrYR0OmSe8tTQen-6qRa5qR-znRuwrYkdGr4R6T10JjlM8O4A02eSkyD6Je__B4fdIHTEGZZUQnBYXriCBSX116hvmObXsTfhj-IeHAd25dgjYUpJRXRjqgdj11K8ZG2L-qlVMIZ3jm07Dzk0lXGA6XxX8tr2XRVwFsUD9ijJZFaDIIhd4QaE461Tz010BPHe94Vuez-u9b5l5K0M05yuRAHNAgKNsBGVbyyl3eUJqgkjqOzECBtaW0pDCeigJyssn9LrXecnIyrbHVSXVHcbrYOLHlCjJBFG7AVJEhKAsJft2n4TJ6j2DW0FLbqI2I9j8j15OMOZPXCYUnPxAstuFht9vONTLLyGVkAgx4zBlbSVlzVMF3dMa2Uj8_LG02EJ6RKZ68chSmHMVnOZTS-vnwAqPy_VBX7mL9MyjJwQzC0oxBYPniE2kvOFKcT4k9USb25IZRGiEyxZoWi5C_nn26lpcJfWC-6DodrAvyFXPNHH14gTXQvYGthFCfxv_mIlKhqTuhM_wQyjTr6INMRd0jkXGqP3N0iOOOrSmJRyp2ctLYTFR7UVuT2m_WSRvHk33yNROT_Awc6CmdCYc96IWaUO6mOWn3DH8DAxPVCQr6BgmEdjjITY-fw4MJtv_VwOQBhzycc-qSQcnI2N0aKgCm9j8UnJdVVJjNK9PvG-5pGv9UnzJCLOsHP3lX9mpaBMD75UR5dk3NprfMQ8zwq1aeOhO8Vqxq5TgcxYS9WQMYo7SJilrmaSMKw455UsC5zBGdI_OE_hwkV0c7SbavT6Q_Vl5U7ZBi3vCNQZM53jEh7e7Fzd23hL0EI9ycUt3AKBqL1pVDIpV3SYCKEfE8laCRUoVptyGo6uqCo5zM3JlFBnzwgBQHfH-K7Wna8p4Mm4tAMq4-FwDg8ld5IWBpVcvN7E4LGss93yrcML4yCFJLUUAb0esnROUC9w0ma0sPURd-Hdj_p0g8QzyNZ8QTPKPhTIFLWlI07XDlKhsiRP4efc0syF_1mpD556GeCyeQJtHbCawNqq4jI_sATwbbziJrbje91Nf5Y1XEmz6Y7cpfFyPVNP4rVe2u1BLyt_l6dQu3S_30Sf7EVnjqG0eTW3ZdM03b5BNmyy3lL2xB2yiW9rXAlbyIL1HqwQZekQXwDUFdBDz9HefuAES6_8p3MtWoI56X0cMiaAz0d_T8hC9wrIUOAphBMI0nYs--85s2lptacKFVf5GESPmPqNj9ROKwwjhf7XBPlFr2Ml0Ws6L1IgDa6vA7CGblViaLX-sYGVWTn6OByF6LLBP10u1GgZ4jVsqMl_tU9BGlzrexcpuTP77NLrYTt84MkJ1eWxRD9ZWjD2-k84MAUnTN2ZAPosJ3FunungRPj8G7xmeNG-XTV7uval_QZoasf3smChmHvYuxjsolRJDyC9z1FYUhjMcMkkGCGqEhHHjc20TI9KFhgk0Ly9QxoJjOVnQ1_ma6vYdhY3fpzZ3OOb-p-ypksslXoIryW4X4GlaCjwXq7buF73HOCJ5VJ_59jANSH2-PtY9jFYtUHJad6Qi97PvZKLYe4ABjRTDBOt00O73X__SJL4nSpFXMaeAERs1Ezpspb4kzVualdrZbgttVb76BKlOP3SsvCMWZBlEXeABq3ebWPcqm46z7EixmNjd3agy7RBhetJWP1j7Z68EO2RynX1TwpDlzFaQk3srMeH2ktBzv1V-wr7DrK2lHoifoaC9SdjsDtmfQjR97zZNszzZlGvjujbeEUQw_2lMRWLCJkDD_3zGvkKJwTS9gROUUlHDVDcEkvFUpsnjIOcvC7BzOsVTkm2mJxqRQzQlr4gRH6uFeX0pY3Enj0r6UPTJV2j3o8C-G10axJoliPQbUkofJi9HfVaCrJUnRZr0EDFmQMyg-M7veEx9qQfhyQspNrJ9qjlcxFis&cid=CAQSTgDICaaNMY8mk1HnJfo1cxRrHpRivc0B0oQaRaw-LoonrrquM9zOFhW2OFq1fwbmolazIMIlJTxx4VhmZVXr47IZXpXyteZW9DddllR4AhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.eokultv.com%2F&ds=l&xdt=1&iif=1&cor=10065548702176176000&adk=2857193498&idt=144&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:21:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame E74A 30 KB
11 KB 19ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11597
x-xss-protection: 0
server: cafe
etag: 8023538936332676572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:20:57 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E74A 41 KB
14 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A3ED 0
0 48ms
46ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssz0FHGdai9PAbI-Yp07JHVBCbgXkjlOfWKbX1XT30rdTDgkMJ28Av64ewuWcH6O-aOwqx7m5ZoX6hn4TSXw7LVzUi2QAy81Ah_oWMRhJHcbNvmR81o2Y-zruURznNegjgdUaFZTGQjFEXzf2YDHDTHaY331kK4sZlDWKDcJIMwUN5a9favPcRPFwJV-htouz9J9KAIup6TOE2ajjhc84gB2Xc2LFKPC4HxTar2YpTtcVmvdmNKghOLGwoP5Fj4clNBM_mYbFFKKpyhm3nVoi6vHvVZFwWeFQo1tTIPJ0P9LNBN-sSD_BOgcF--tKolp_sW1pA5pV_oq-PetvlNIHKq2HiRZXQZYTo8qxT-230qFLrok_-qBXtr1LZPWK9CoAZyLvUj1smmtLxfqL9We-eJnR6DpdFpz5zDKeJ6ZztFiDIwXTKSl2hlsOAgQUb2cJrhfsFHCd8gBh-zV6bWwetfQabR0pIdr7f83blbPbgkGvCt0IWK8k5S0moQQMsaSaIyZukj1Ql9c0zNsbCLhRxPTRXIke4M3_c9AKBnvOeIdQGjsyMUDGmYz3vSmTMKFTm_bP629Z9v7bT4xZqnT95AiFqkPBmARPGDSjdxZQdQm8jXV9N9-8q7NVHKgMtnlgDB9NKlghn8LLARMwbbLzjOf6ooKkc59QhEONmBNFr4PGFP3uKKiAZjrsN3ZcpchSw1a5iu1h885mVQd3C8mHOsa-1CgMnFyDYIOY-FEE4w9BsUKabwIOrSsqGgNBrj9G3lDorKztDiya0Iuky2qTMQ2fA0xayDxpjPfqiE9rvmM8HVgMNIws8yD44FSvMixqXS92XxmV5cUJjM-ggLfiGiHBpVRUjB9-wCUtqgp1ol2DDBO7_66Xxwvv7xpt1EVQZEYpkWqN3qt3O9QHlfYKGyd8NOs81hGK0tB47NbTnNsufoOmDVUTVeUeNAIa_VQRAqJ6aq6syklPBQ5KsBT4aDwaKnPipNmoOKPLed6ZrD_1uj--SJWayZleSnr-l6JrFnOvv_23tJZazT0U4_gJNE950cCixblHSWAWx73LwaDkfQeE8_LUZjEbxi0RwILyhxudsW59oIKSqdWBgdX_TTy0xAkG55LEQEMS96U5rHsewNqDWTu5gHQ91wdHj5NFerdrd0Ba9l39Y7TtVtoJ4V6364vDuKWYkwiuJUFs6ibi_efkKAo8EdgpsmJuQABjkNevAQ7wZXBSAwfS5c963iXUiiKhPJbhTXsFAc9Yd1tcpbNP-sdVZXSlz1jBfKYl4yGc3Azx2V&sai=AMfl-YR-94YHARILpNmYpPdf8d47ZGSzIFFAHfBbwKDUslw5zk0K6MQyGyFidh5WfYUJMIXSa4g6dDrQVazLoRasEIWsc7hAJXiSJZL7k3hBZrf_JK0AkAxN2KQ9vDXju4NtYvsKufbCZKtgP6Iiv53yqlMVKmSmRj0XothLaiZ-uoDCJs5sL3Lh43QG_qov711tePTjSsKs82vAqLnS4e5EAh06VqSqHwVuTJkvmCO4LRY_HNTxb2pZ4EyjgynUpFQtz54Q2Ql6FGy4nfTlr8_9hVxozYLInHkV5usvvwuDNCBWABnPM6jvrS2bSogdZGWDdDxuIyb0k4s6cPs6-c08yLSHl_AjaFCQe3fiCHZTWw63LaR4Cpbd0epqFWZt5wQiGucNh2yNEcYVV5UeWPXxaIe62aF9R3YDSXIPJMD0l0pRYJth0a5t&sig=Cg0ArKJSzBEkqhtls7cyEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=899&vt=11&dtpt=595&dett=3&cstd=299&cisv=r20231026.21287&arae=0&ftch=1&adurl=

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E654 38 KB
13 KB 9ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 365609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 count
logger.virgul.com/ 0
116 B 45ms
43ms Ping
image/jpeg 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adDataLoad&g=m&r=npm_eokultv:preroll:100&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=10/31/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 19:51:50 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
DATA 200
OK truncated
/ 1016 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zoneview
ng.virgul.com/ 0
213 B 48ms
47ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1698781910675&v=http%3A%2F%2Fwww.eokultv.com%2F%26vi%3D10734210%40&r=153624:eokultv&userId=vnet5549f2a3-c772-44a3-858e-70dddb77fd4a&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.8136350754052937
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:50 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E5EF 1 KB
646 B 8ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E74A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c33f22f397149b0097f3abb97f2b25933fa10bfbdcc935f8b3654940b0743595

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ 6 KB
753 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

466798fae129eb3899a28dc6cd8aaab04bfbad6e4a9f51d598a225041ea64165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 19:22:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 19:51:50 GMT

GET
H3 200 fb2405b160d35da2c54812c244ca11bc.svg
s0.2mdn.net/sadbundle/6539183625060334138/media/ Frame D100 7 KB
2 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6539183625060334138/media/fb2405b160d35da2c54812c244ca11bc.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6539183625060334138/8d07b282c8e661b71feb1e048005bbde.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6539183625060334138/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 17:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7906
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2357
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 14:42:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Oct 2024 17:40:04 GMT

GET
H2 200 5fe2f0cde4b0b8eb9e6627b3
ng2.virgul.com/tck/imp/ 0
213 B 45ms
45ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5fe2f0cde4b0b8eb9e6627b3?g=1&t=gb&r=153632@site_geneli@eokultv:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1&info=&mt=1698781908592&userId=vnet5549f2a3-c772-44a3-858e-70dddb77fd4a
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:50 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

POST
H2 200 count
logger.virgul.com/ 0
116 B 46ms
45ms Ping
image/jpeg 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=alive&g=h&r=&o=npm_eokultv::25:::vnet5549f2a3-c772-44a3-858e-70dddb77fd4a&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=10/31/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 19:51:50 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 46ms
45ms Ping
image/jpeg 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=alive&g=h&r=&o=npm_eokultv::50:::vnet5549f2a3-c772-44a3-858e-70dddb77fd4a&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=10/31/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 19:51:50 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 46ms
46ms Ping
image/jpeg 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=alive&g=h&r=&o=npm_eokultv::75:::vnet5549f2a3-c772-44a3-858e-70dddb77fd4a&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=10/31/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 19:51:50 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H2 206 10734210-270_1-72k.mp4
istr-n2.nktcdn.com/data/videos/10734/ 975 KB
0 218ms
52ms Media
video/mp4 185.7.176.202
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://istr-n2.nktcdn.com/data/videos/10734/10734210-270_1-72k.mp4?token=AyH2k7NVYUgYdXJ0xMLM7w&ts=2032013538
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.202 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

Referer: http://www.eokultv.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range: bytes=0-

Response headers

access-control-allow-origin: *
Content-Range: bytes 0-1676530/1676531
date: Tue, 31 Oct 2023 19:51:50 GMT
last-modified: Mon, 19 Dec 2022 07:00:08 GMT
server: openresty/1.15.8.3
Content-Length: 1676531
content-type: video/mp4

GET
H3 200 77e503fdd5608713dd6d5f54d6330658.png
s0.2mdn.net/sadbundle/6539183625060334138/media/ Frame D100 44 KB
44 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6539183625060334138/media/77e503fdd5608713dd6d5f54d6330658.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10ac3ab3158ad55cb0f47da3e7c7fe53572200eaeb67c6b7253f504d7dc2164c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6539183625060334138/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 12:13:08 GMT
x-content-type-options: nosniff
age: 373122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44990
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 14:42:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 12:13:08 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1549653/72555946/ Frame BF16 252 KB
76 KB 34ms
33ms Script
application/javascript 54.170.148.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1549653/72555946/skeleton.js
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.148.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-148-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1b523ea574bbcdea241789da417c07ba604f437c5d9e35213aa529610cc6bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame BF16 172 KB
60 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Origin: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 07:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 07:14:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame BF16 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-aL75SuXb_ZSsdoOXyCDQ13DPDmnArr3XrJRLcBSgORtkbrUWZu9igwjkTn-X9nDFRUDMOgJCYWHjcIz2xSmevz3qmP2fxfWnuNpdbFZfUOh3u2FpRwsocFTxmbWwuvmmedHCf4h9nh5CbCOJSIAQVXNo38ZdPCJv2w9K5RjuP5VILB8&dbm_d=AKAmf-A5gyIT-zRbkI0wZHN6Z58VdQD7XTnvawYNmBxkEfSlhtoz8_wt3EWuUPY-zXprd8X0pa1e_MqotU3B1L0Kqqop6KZ3TB2f9m1pvGcivl_byquCIRG2XVyS17zAFDLtjKbsYQVVDRsO80oBQ8Jf9ZBIT1lkI04D-sMPbHFCaQnmX6ZLXMGB78JhurH3nJ2u-IWzJIDf5V_iJJYiMtrAQ0TcUcVOVgiMLXgmLJtPScDO1U7vRbQjvMOpuZsF3mJ9BHjSovomvGVw6SbM9Q_oFGgvqIvhGGj0UoQLleZSRbEAdzp2DaJEatUClnGOJbIwr01EIYLkMJg_ASilMBrzHOnROxKdJzX6UvVRAZbzeT91GkHRJMK6wA14AVqJOJCnzeQJ6Ri7_EbNZ3exCrAoty4lV2TThGU2bJS8_oK5b9m8eSrKmKpsP7xtDujquL_Ohrg0cEHS4xi6xVwH9sU7f9Gix0viUFVZpTuhnTRD6bHt2VL5Jf6yGe5UKQoz66XnJBo_hPmPRasuRPoTpYReFULhYiDVYIljPk7yOs0WFOKU2qC_wn_U7g4RWnWtJZrwL9Coty4xL07ml_-TyXLJ1JsnVK6UmT7Hh2zZjACtk34ob5jFlgJ6uIFi5OLehJAss6eOuNHcQCzOU_2RcbFfSql5qMoxEu-MZr7rIgQbScfRc3WidmSvRuQrovpyQCSZmCVE7fRMkxv_qFFoh7IC5nCwUyLV1gFaz3ydYak_6KJsD2vYbgb-QY9UCY7UEvPaqDGiPPnx3lQ9MZ5eqQEwKltcG6hxkm1MmsJusGJMxIvROnQNW-zN8Yen6bWMMZreTEa1wa9mlPZ1gCDd-0lLPRuvYGx_gZWvC2Xuhbg041kIV2jXi3ve4gyjOucmNz1tAnahaTofCQkQYS3OfiTqkCRIEdwSktjcKC20ATikou2BEX9OT7pAGXLXaSBMrs0WmULyRrd4VN0zXyz2iXaJXXBemtQ664eXGZ3drJi8BOmAk3iDB073DWL9yU14tEJOK9xDjrh7Pq-oRPLRD2VRQcKVO8wIJXCZ4F9lSuHhd9qWfHgnG_hJeZfYxnp3ZJm1VyeaSy25kHe-ul_I3mecmLN2tB4592Vur7qcvtBN5xkdiddo7B9qctYarlxMP7zDlAUKC4KnOnVJZVnyjZ2bYKMvBcDN5PKLT4d4eyxHLCz4wfZckbmltPuR0A9_z7SBIvQXd-dhr6NtolzOw5JSujJ5T7cVyytmfY_qjqgwhDdeuxHlX_O8sp0Nr5QlVKtcSyhFo0YwGRqu7msC-Njpn1-bzuHBv6gW96823QwdRPrAGRRckZgeyUiJydtfwAXyQz_3P3nc2irsXi8lNICDyiwpVHsuJ247TrJhSlFQrzW39gLLyPbWRu6T-UUHnGPevlQqZgrld3dleJLEQimltxga1emVmhTC8pCPh02j67_vpz04avlb1Qu9xnXThw5NF1QnBOlRPVwsQC_ikLgZZ9N8VgIjqttHwz84p6lTkfjrUhInrrRhTAJAnA8N7PabRuWMXbhCxgmKKq2o8CRuE_aklyOPttcFzmEzp9knuxNW2jLOfbe3US4Qa2GFSizbFZ7e64OlzxsNYw5cActysQFuR63uAVqs2VsV3vJkDn_kBqKdRBgrdzieWVLEGWTCz1Kjo554gBZ6V1o8Nwh_K_o4vh7gC0TQTOUiXJfTRiKGnR-XQR7BFBNhOJvMBBt8QAbnLDdEQoUGs7-1ZAHfxqcQKMo7gfA1xg60EKpSwNQo0H_xaZKRcSyNCrOCbRy4mewZDV6F5O8JAZCN1dPfz6w9HKJP4-1YWf9aGAHF0NqaHyOwHERVIgeXvJ9Z8sYYGza91WGgErif8wSssuloxXYYeTdx3djjL1Scq_ElL6sbaMm5UZ_rTs4YvFycdCRujKnNwtqrmS1RLdrNQB9UzG7DhGEJY3aTa8tPtLtXv5kDJ9O71vHPegBHZ_lNp1I7QqhTCOW00IAN3CHpT0Id0TS8sjVgtYTTeCPht6FTWpkaskFzb0hjTZtMPQIo4JZBClb7aBjRIljlQ7cK7kYu1uy-IAqgiCrEgHW0bpRLSjo8wWwSTWsHKVbkl7UyXNT7Zz6YUyq6xT2Dmo4eHNpbb5lNrrpQ_AXgjumkZvLqtLU2cHcgDk8jaJB8rkxyjxL0B7vUEKBUcrFxGv9moQIEWYZVy8IJgP0qLcbpLNxxwn1PK2-IKaOLeWbuU9a4KE4omvXTgOZOJ2CptJk4uovrLEA7fCeDFZa-hutrkLKVuQYsg44_pSfiZ4pNciIOXgaN_eB-g3PJulwwN-KWsaFqpFtK1yjs27kw5l_XCytwlNUYsCWnqY6ww7LB_FW78uuOMmT3QMEkYBAG-piZFxQIdg6V4M7ilCp8XmqC2TFLONqfkPtMHx7PbbkczCG6GqOSebp5tmbiV51OPEHJis2GRdSh8bRL75zL7nkJ9jFu0Waqnw9WqQjhS94xDKcmxkE4WJKwRhJfDDAKvPx40Tqqaoab7rc8KR3ooN7QdaJhMBeauMKzdDVvPRvpYiDsYd8UsKh0Xj3ItIlhaGrtfd2V4_8gLRW6Ui3SeGS9hy8AHBBjhMvTRlxAEpyUihMbNFSF1OgMwJ6E8rTxixEWDjDYLmhs12MCnv1VU07CQHM2NG3djv_4JonzmMZrOqTQ9uMoWM0lwIBmwwEqu99YTIP_xJGoZfvK9MK2B5zTDeDPSLlNh3A3LB550daysSy1c7re4wvcFBRR7DjFCECQPq70Je1nx0QKfk4AZRcCagGbKa-KYBn5D0MicU13q9sL1KgZQQt0sP43UtrRZ3g0BPo0TcOf49l8k2nPL3dSt3rpLuCLNhB5X2spT_PuUfGcWEWQdVewxmwlsfxYHtOM6IicdSUlNONY1UlgGxpqth8sDmBd04HHXc5zeATVhx86LW_0FlplI2mCQvAiLdKjfp7zRLS16mUoR-gCxZcdCL-nZdckOw28quI4jlIGh1VusRTiuRTTMRQDq-AJDMAf1FYPwt2xr31XOTWPZuiGxG1qu6W2xEnzpq4zjIiHyb_36x9m-QhOCb8fgXGOxQDJM93eEjjYL6AU-LsnFyaBzl3bSXD-_XijZdldrE6Yqxm9S2ll4hCUmZX600SU-N-CNZsB8w38bkp_CYWCWAT5kzD2RBnyYRHKK0lIOqXSaE5R2Nga3xTIZtqtogzjpu-C0zvOo6aFmkpDcNVKOudikW9GnZZ8eCEp-aVpj8MhZVoMAeD2Q5M7inyGEvS1ytgoV9M35pOdUsA7TdLSuSC6hBFoNhhiSLp9AGZH4lW5NwJljJO8H9_XuGuvu0M3-MwoU7ubbC69Pd3hVlYW6H5kfzugh924xxOtldhlx6IbAPF8TV_lJDbgbUa0rKOuIv0EiyYUiFYnfYFs5kvLDsaXNZ8qv-fHLUZhs941tSB8ajtuAWI_NGKIJZegZS6N4qurLETUUK8wED3GMvQxd-UHTbulOWe3pdFEfllHFOtbgG_ylJuQywih3i0VITbjGmQ64E5MafMyKWR-qCtfu_Z2DvlAaOM-7mg4Rd_S5V-P0lyE-aOKEVI1XS6qPgaGCfoFW1t2o97jKR0kk_TVLtFDP5ecpJVGhBTqqocldEMQO5TwInRBtVJX7PFNX1aQRwjVesiAPBlxp7cueaCA86L3nztLDtYeBHPeoEx16aNOGLdr1ZKEKmHIA4Vh_iGHkIQT2OtfU4CGP_gLDyCmxOIgBDejSNqXlsRTQusXb-clAeFwGuulp4T7PKJQ-2MHUbggmRZKDPiu1SnRlYU5ylL7VBgduivC7pSrnt9xQpBlC4ZkmEht0sEZxMN_a-ptJW54dTygbdxiqy0Tsg&cid=CAQSTgDICaaNYKSjuRjgyBDdJ7B4xJkeGDcEqDRw53Qaf1_BcwWdWlsT0LRehYhFo6lenDUp4V5JCJTpo87xPc3uIe5OQ1-rFrKaAMfIZE8-2xgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.eokultv.com%2F&ds=l&xdt=1&iif=1&cor=1661149157785097700&adk=3944675600&idt=89&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:21:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame BF16 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11597
x-xss-protection: 0
server: cafe
etag: 8023538936332676572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:20:57 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BF16 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B83 41 KB
14 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiaB46IBw1hC6fbpc2s3GeWGbHb3iyeQPTkkd4gU-qpYu4oSwLKdd3wvP8gBRF0FR8VNFUL1lLEOK1mEwewio1PJP33dy4Bu0l-CL67bCn0en7fc4J1Cp0el2pJ_Gal3De073zPHK1HnptxX1aAbpXWQsvuywAypvxYfPFuDTZKeajyEA&cry=1&dbm_d=AKAmf-AxVYJX4I5VcVSs_yl54mnGUJ3PlSZ5KUvoRX-8G3xXSRzRjIdad00xDNmb6eZcQ2Isd--lTujkoy38HJNWwNzh7GMEtMp47bxtnfVkauIAHuFtNrZJjq3p0yyFHGgRTG1xZ-tHbzforCx38r4KbOGpeRi43Dx94tLKfRuQGcRvdmANevAiZQNUkkE-FYP_2K96gKAsckx2Ip-_XLMiUfHJLT-e0QI4ibcfGsqBhWuapZ969ldJROu564uSN1cItrklyG9iH_TQvserElYGnBi1L6OTVDm4r8yQSY4e95b-3m26LO0ewLwxuTix1SWKRu02N1M7Xr6AF_ZZ-lUO4x23c0rh6Tpn_rAaD9SgibETRRgOTuETTdkcUukFH76LCTQvaY_FaeLcLVfzbXKgXD-_LCkCjmxw0FdN6bHgUEEL8xU33cDNc1wchEiVyQ5qFWig03DZmIGJ0Y3IYeGsYgKePU4-KFRhUK17OM-g23qT8xCUKd1hqgvrQXTu6XQR6elLAVpeUFCmOU_9K3jt3Rwl3bOfkxVb_DUdjT4sDR_7iHOIVmlOi2h2KtZRb5CELjowcxn4yzw7ggdxCrC5hQVxoT3zqeaTSdTKzjtztBD7x5ya3HEZRhrbMw39QWob2afrOxFtryXLNmvV6OHws_E-l18WvZBGGp4YZGe9nxPZFYvl7Ne64zlqwC-_Hv0_pB05SRdZ3wcLsaIsaf_6xmDKXQdg9urX2n70zSWaOYyiR5i508gT0Y-Bq6O-BvlFfkw5b9mNJU5IrSv3yBTThUBNCxeevzVkw3htq1Djb-14kEO8ueRDsHz0hhUQfgTfj0m8APiZ7eX7u8_eNiOoEIAhEebfyV8K5A4dvnk1Ug6NEw82oLT7ravtBS1loD5XLNPAl26AWB1ooDnstdglalUvB4CVZ9Fn3I5KTOhcZnnEbnLxpbwMFHkwxSPNbp9Ns_Vkj2xAEkhrLCeotdlxH_ladW1yRm5InCxdIddmn411qCYwxTgtwuzJhS5MevmphqwMMlIhX9YmNXdqhRlimY3EqomyYDiD9sxJT-T67PG0n9V4i4D3A8QKqQ5SvqTUsTLBah54bW8pLt8zUisjR8-ve2ll1hzcEqU2gGrKoMV-ArbJx5FKrwXBisJEAiWwmsUNmgz5rlCiPRgdPxqK9owRjEJ63rLGfihcExvc4HbJHLM1i9hVxqFPN5xk3s_CT4lVBNWJN7eYOTY-JVjUD-PcQt5wdzMJp95CawiB07A7j_qmoix48jktaFVpQ7ztnjZ7s7PyT2E0T5tBptG5-ugIDAI3H-2igPcnw4ETqBvy6h_3r8tQgYj2LcEdTnvjyNgHZEoSMtYjpfomTKXJLvNMCSsBwC0fWoUFCZA9Id8557sr9haeG7nqcihVXtFZ4Oo4qYM6QhIWdx3LuMInSgAIGprqmKVTChAWsb27fxlHRg9St1g2N3FFvMjaL8Ng4TKGgfjYo4aPKLCRg63vZWNQFW0HOkFfcmwzUarNZgQntkaDjPp3wGAutdD_Eo6z9AWWCd44lpbBy44yLbREnKM3vsqXZRGYLeTYiBcd2-MOFqRzVtOrlGD65I7eLlBYEkKB0es__HEP5gzyEgNARg28LutTuXTvDyVdmqlqFa0kNfxybGLlXAmiv623x1h6X9S15bOTLY7HxnfvksMNdh5KH6Enh_hMFeBOn2TXsx-T4dz9fdwz4u--IgOSg0M40V-8OPEVgz5TC7GWz0Bd7fNuP9UIq6dk0VeVgBCkY6jjSlhrY9nEWfWgvwtlJ8zIHpWdcUrju_X-Tm5o9h3WQCAPN6edAcxRGwUtLpEP4g4Ny4A6KaNHG-aQi2LhJ1tPbQVgZSTpijhO-5SC_5dazGn0mdSL6YtMqdwX-c1H9H-KhYtgtdBs4xd1ACKtwNsl4fo_eRUkPIb86R55zLx23rXv_I4seOe8nUDKGLtXehteOy07bo3aiGL32jqsWRivnzWCm3rgSVRPD_p86IEUz52kNM5xtSIHh_dZGPplqKNUDRBuQtibEl79KC37Kt-XKVx0dTMi2wfgEDvEq2gDIuHF3f4AXE8Wm9PQxa5KY1tKOAI80HFCu938fyadVRwtU9cMOD58uSf4QekZK1GCGf2pSwTC3s9TJyBOcfpRKpo8Tu_8RNG2qs12cmGGVzSDmJ9Ccj4GHkc5tLAlkwFZnVXQVuBXdR3uY6GHo58NPu4ShxxfMgLzbC9rkkLpqH8L2rcI53Q5xiGNW_4EBixHc6BNsOjYA4aORgyeODz3mtLnswxzB4cUbzG5YaZYOTkT02DtJdOBm7NCiomC-KF9OYZLgjgKS-evp1x2QCSa7SVMRojKt-KiiJQ3xovu1PHk7yEIo8BfpLyw4HZdnUou-Vw8P3TuXNykKSRDhk1Ke3q4aKpJkRxX5aNxHmKCUbUVaadvOPsy7ixSd03CfQFYeVvzC0BRo2-KRW8zyQkCo_7GX3miWeMZmMyyaimIdh2pvqUVPS18L18udFbHC_uI6Cn392ixUhFJuVYohDfyMLTJ5NXkQNHrlca5Lq47knnn5d7ECj15chLmhoSGiZVx5wvOI2oBuUlcDoyv1xtDkImJTQP4QvRGQXoxsbwAgLHgiprG3L-OfpVasElXetgJ_zIV3VfkCIYFrAooIONoWvrKoTVcbjvl07U9qY6SxbdFEaeR_oUzNpH0he0xxgnLwBKMs0X9vTN4BCBWoU-JRdCWXL5WtamlKWenSdcuEhnpIZcxuH4oGtYWKnKTN4rn45MtndTYtBQRVyhI090Kj6unKvAo5cQTsg4Oo-hbCvdK-KUdE_68ODjh3Yf9nMZ6RDlH94wR8G-UP3woeeYbRLOdTDbh3OEN_ccCwpaIAGM3dvw1MDp0Sn5DKTMAiiSSe79m8LuvAixWcBJx6MvdTY01PL1W7PM5SrM0f5HEVqUW5QDFSJMPmU-_F-kUsKlxDeAu_cJZQl8MNwreG2iJsuMl4qyJ7OuJb537NPF2y7KxPp03E4L61CJy-VsRwr85EnDR7DexGVsBn8I4zFwrhsTDkWrcupickmUZSMXeyKuf2-xbl6hg1Zz8AdI0j1WRr4NHNkW54VU-yxSUHxup1UyLJrVuaqDekMTmdyRL2TBjqn8JFC711kSMNfopvPU_K0_zuAm8eIxRk6JfLVBJpB2dYuxF_sY&cid=CAQSTgDICaaNhIFiVk-mrta-r1CQnDdclykiF6fM6tJ5SVceA_GBKrws04oVBPG23-saxT3eEE5aVbugb_-Uxl5UiYbFRRBsKP8jp062Q-RfiBgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.eokultv.com%2F&ds=l&xdt=1&iif=1&cor=18252408594768163000&adk=2086295851&idt=65&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F510 111 KB
39 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Origin: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame F510 11 KB
4 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-C2MCOInJDTG4OPF_PtaTYuOecPWq41g0ilS9_W0wjFQUxFAgbIhr4N9eW6li8ZRj7WOrUOpPd9gqOwxmrzDcVb4tFRUPPHt2XTgAY0-oVc4ROrcaiJXE4PtbbtWiSU1IK6mIWlKBnWgxF2ato_N2z_tT52FDZXIYwiaJIfTW2x0qp2h_0SmRcAoCZ_4Ps8_kb0hZ31Zw33kpIVFaBpFtPi1yjYwHqoL5HJngAvvNh5lMOstYtkNTWvMnKh8Xrgv8Nn0_TnF4ClIcjAjVs4KGXaqAKgs9fmsBc-Ht4oEpaxjySu3DZoDfERzyKcffFqaxiuYg8hFOKnM9eWlT2CzEKOzV_1Zn2CxU0WhlUe3UEgEEPGkrwLPO3apBCp9QhPTWQiJDmH5FpUWgRZSJFLhAX2C1qAnjmSmF6KZncaOGKTV1JZFz5L_gp0r9oiOO7nXGYQ_Zo6WDRijYwbjHArT6DiGUery_e0mydzTHO24MFjrdIlTaikO9tT9K3s5Nc0b2bFJbfX0ABFxBcD5mvr7Dvu58izw72T2qLow6NH9dfaygMFT3qPLnxzkM4aaRZFQbFourtNfJIGYIquTDTXWDhmVwyU1JOejoyr3m4uL2yTlOm-jw45DzRvbtPjBTbWobUOHYNxV3HpuBPtvnGO-JzxCf0qQRjl8WOFUnXeMsebU0G3RJSo32ocwgwEyoPh61fGdKevNWdwzOW2jCUuTzyEggfRVh_iPmZHKFGBGdo6Oav_Dw78-KTM-8fsXURLGTPVhGI29dIgM4D55sFgJaJRdzomI7tjaVnt6X4HgF0dJLuuuetdELqEj3fJRCIBrRXbe228n-AdpQrY1I26v1UbldH-UMP4AFx_notaWQ_5IbbvRMAZzrp7vx4HB9c0Qg40-zgVPXQz7UQw5JUhytHIwO7tZzydGHxQvw-qjC5_TNOAmEnDwD77p0RzGP4us4FF_dHtAaiO8-l5ltDcvoxRKs_bApMmCHpUawLnTkzebcqOF9WAHs2LEVKZRuiRTRKiBeSarcJMWRoW_ayk7TUfzcW0ZhBRYhK2xI_1uvL8giis49O1tydL4HA3s3szY95_oAaaiEJ0l_f4j89ZgbzrwuOzUXwdHtmeVQddMW0iPO4R7f290Btl_wiOeaFvDdks4V_DHJY2yYrcfmEo-GIDNRcg5F-Z0Mo1aSdw7dvUMVpOQHOc17AHXc39Uni8hnj41db6JMaBPPJIorw0JJCk3UsctKU2YPMZXH7VSdiwAW7dhvjehyAuNBPN9Io1viISjWItaKXSmYLWnp6HNjjsO0D7eui5klP7TTiNPymj9r8i31-ucACqaJVbPPsh-5pGTIXy9AdJ6V8FTdBjhhtPVKomx4Knmkaz5JcT7UYa7Tg9GrkrfSRWWErSHaNnxc4QVj4YeV8j2em9gBIAWVSqN-0oVH9ry9kJSdsa5IpE7r7USK7SPMsOIi4qGVzytBanEJ5CFT8i3-xmwx4o9WK7WeU4GvD9j0jh6QAiy4Ls8rIeBRIQftEJvZfci5SKSPlYKXDRzA1qzSd1aO95ZeuICUL6Hz2aQPCQPQVfYdXLNOpDAQkKseTg7ciWXLLiH5oqPW0N38EUzgxN3_d_qyM4GLWC-rW-UZkIGkjhH9M2D6TNnxQyuC6HizBqihar5wvpcASnWtpQgL7Dgu0bAIOMIiCwH3RU3OnECKB8Ardp71C2XmmsRMxKgiko4OCVMOgbCXYeBKSQgCDcOCopLdVO2azqeZnVRE_ELwFzv-ZRxffWkcXwljwdDCkK_OVJnhZX4eRu47q16qGvKE2FCC2XKHCcdgsRqdfczqLkUUdnJr3lqNzFoyuJ_cGuiT4IkvAt1X9SVXVQX-1Om9V-mJu0k2ypdP1V4O2YJeGU_fqcKwUGwW0akE6r40epJ8jEGkJHv9ueUuNt6cwt_62nxnzEVgGcdeyk8YbRuppYhKndHZ4M2O1khBkqwY8ge5H6131o1LUF0VNszkB8zxjW_TXtUHC4I5tlk6wIDt1vwjInNksJ6hwV--EUvVD6ce_5fjzMOfDpui3Tx_i163KZk2BrZAgJN9M4l4W2MAqQ16mn13c_JIcXcXgi9as_Y4BnXSeeHSpydXYCNcTIUlQgBx7GXRJF8o_vGTFLLU6VQJjKD1ZhAFyIr0wAfM9EhWl-nIPvvoxOZ9oewRiAtW9WAKUJOdK_pICl2Pp0iaAU_S-yjkHg11JlE98KBkdyteDywy1CUyWceYW5exosHGX9VgcNOdWw2XwEjbIJECTQ4RgMPEdeV8VsrZMR5SgNA6alCJfU-PBJ9J_vXqQaf9xoRJhHtb4Pw-Hqfb9ftzgzlQwG1N449YwnluYa4pvWV9WWFt3DTry2Hz8uLaKngxaQ8Z3u3noALmyrWA9STAu6Kohxtb-tKRFy-NHOsRC5lx9KAVBFdr5RWlarJw__omr1BFa8X8MlSYAbWWSH8YKX4czbErEyvYdFkxUIoTpJvY0Px7YWRW02KeGF_c2b2t5pHjrdIEFoveWiiPQJn4mgxWXyGKnHGTrx30NjL5bedntXiRG_JEbq1znu4G-XPEjyrlGmyoCpNHlgqVc-fasFDW7C_W9sAAN1c_8mqcNsiwOOQ3P4KpGNSR4FffBWoyDnQPlrik4C840RFWwaokA7D-ISSvP3THZ1HL5iZpetuppqftl1vBTjn9inZLkJK6ZWXlSMgznvpESgFlVKxu86czoCH3gWamvI5ZARM4Up6aUAmX2FWeTpzFSTWIrtXsv19J0sXlODFUoYBbI7-hi5NqZXFYK3Xw9ilmh1ZYTM8qftFI4UQyuCCC6_WyAfMLN9YwYII1kbrJSkJIFnCS_m6MWDmixpOfU-r-XISPcqyO4MbfUrPGcRdgc7qSiPjZ_uBGWr1q9ILeQ-LwH4vypnBhWWF1fHwPUVACrEj2vwhkliJjmSuxZC8OBChiCWmpg9txfV5HX4CnNaU7iCSpQY54iVInQP3Gsael1MLDKsUlyKN1B429RQiWZ7i_-WrN64M1zEOK4Y8Cx7SrS0O5cFhXK7Cfwj9g3jqnYTVr8SYylfbGesf3dF3ZJyM2vt5vAYT-cwFTSdm_q7QxlB9Ktu-CYiA-hB24FKo2_pgf7RV8XwDI4N_suVaITd30vZdCVLf3_Irj6DUwW3pvhEmczbSeGcUsGfO_Nmv2mH0tZFcbil4utF0yCRYv0z4zmlb0p8oIBxRapEO8-D7WEZKYQcM4bd8rYxvep3q8ZBn08IynRq3DpNNDS7IlzEcdPCXUV4DLG11vBR1c0bribIUD45PK9BD9WYFlbk8gFR5NqSiAD2lUWwY-ZZCXj4w_SbUvA2EFLkbY7aEzMOGTB3x7rPcSHDM9dXph_LioV2c7Jkxpqez4Bkbrdr-0YAJVoV1hm16RfEO9AWscGKzHA39vGzThX61oYqZIhJF_ULtbm5WSFEBdLzVxxixrCfJDn9ST3gHqQm5CbF99beZvTovlm25mKVO5nC46yUCc8Rto8_dn6kaFPk75dSn_KYBC0hGb7BLOK9dBU0swISntdymOHX1niwYY7Yzyyg7V7JpHJU2pyoop-RRtBf41PWydE8V9PFi_zfeMbVn1xD3118eYKccNC_mcs3jQmkfTS7jFxJq19HkUuNkldYAv7eqT46olZD9rhfS8V-LSDjS3-ZzoGPt6r8teV_LUClrhsIwS35LCFMy5etPF1u8zLP-CUuTv1XR065LQuqrX3hWapfV-P_vt2r2-b8PM-ecthi22IeUDdWX-OZPQxZ_A2yByJsQyOYKgV881_kaoKUH6yVoNt-VjGDFubb_KJFSLiILD-CQMLJvuEKbdwd8iUl_gAlVG6eOzxEwVEYRZAWwZurmRWmxtyJV1yLP8yO699iAAdowOPHRU9pMYK7TZCjx_aCatfvnUTFwLYKsqPEZxbnecynU5B0snvMDq2P_63blrQulE3lC8RHuhw-CmuQGRlwIz9UILrQFAFFN5zRJfZ5DnyH6FeTGsO7uTohtb8qK5GrFV629rE1auRuIDS0CPsb_WUEyLzu8fPxq6VyJPdvcqfwRalr2ps5BdT_IVZI2UdHopxFNya5Kgz9jBsAuUGDs4Oz_4MLIS32MOhxO0zgb4Tkr1gSRhpTCAQSTQDICaaNZ1_LAu5_j1OlE3AtyXt8ccC7Sg0kQookZtN4PcUyMWI_QP00FUfm1olmTfmluzuBMOAR2cuq7seq3ehThpTW0Rg0CekFrceQGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20409787662&bidurl=http://www.eokultv.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ht-ixWnC2v7QKWsrkBFOz7&adsafe_url=http%3A%2F%2Fwww.eokultv.com&adsafe_type=y&adsafe_url=http%3A%2F%2Fwww.eokultv.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:60b9e6e3-faa3-dc15-fec4-813062a01490,c:sEMps8,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-mcsgw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17*.1520146-76103085%7C171%7C181%7C191%7C1a1,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:ee8a10f8-7826-11ee-a487-d2ea9a43dc12,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:21:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame F510 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11597
x-xss-protection: 0
server: cafe
etag: 8023538936332676572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:20:57 GMT

POST
H2 200 v2 Show response
id5-sync.com/gm/ 276 B
556 B 30ms
7ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a7b574eed524aa879be3850c92b0002f47c52062d8511ff5228c9587760fee9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://www.eokultv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3527 1 KB
646 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BF16 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a98d4ad137369784016869f984b36bb060a8c7e272793d09247bad8b27056987

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 4B83
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Afi-2NB4dQzoLQn06BhQRcz9Y8861yssZ24S9AqglX_qhEFD8OF4Q...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Afi-2NB4dQzoLQn06BhQRcz9Y8861yssZ24S9AqglX_qhEFD8OF4QWsoy0LVS7urqprYumM6nwHvfIH...

72 KB
25 KB

61ms
60ms

Script
text/javascript

142.250.13.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Afi-2NB4dQzoLQn06BhQRcz9Y8861yssZ24S9AqglX_qhEFD8OF4QWsoy0LVS7urqprYumM6nwHvfIHjEMyaKik1YuhtgVIHvRmSoLakppBmclKxHzuAUqLV-DcczWP6ZitdtO-a9TnXG37nhf_LF_Y-uVs1_2o8RZ58x24l5BPBtq5DQS2RYAoCZ_4MHdRExkkCmGXwRrBMcCy802Xtqh-kmzTBA6yNRtXX1ov0gu-C8kim9cEb3EiKfluSrvsnj8BYHaCXvPjirFl1aXSrEQXA3bPIdA-8_Bvow8VbLmPrNY7EWGcXKzZhl48dPnlqbs7fHCWjJ3tPNVu4bi5107n3EaG1r5Dm7kZSsT-q1vnFm_9GB7kgQyVBa37Y-f7Tip3AhCm36pLLPy1dkfCQuimeNASjji4citfYwmw0hLD6ZXe361e1sA8bwHNFzhYHSo3jOurPwxo2833QZpOiV3_4QHFs48b7XSU1_Pq5O6OAXsDWuwwoTuq2bZjkrpNuhH8_Hn51qfQR5quljykjIbs1q0XWvyAWbyPI-GhffoiwcYlFj8LCkFUzW5-Q8PIzcHIakQxtKhP8XkCEQ01Z0SebHEHJPvJQwrJuamBGwC6owkiru6YfSmuCJDOY1v06NrMFqbHS1bl6U6RK4nno9rbD8f3bUTXQr026nVaKmtBOm6kmVDWbHvKUxz1IjHqSO9smSjNrycKCtrkunZ0803bFmN2SnoSisB4XtEwcJ0fmEbkMlIJXnis0PKPs8hvfIGd2agu9BVSUlClwpK8Wb8_61k85dFYGHC5eTeu9cv5b0t-S2AmqyRoyckas30OikCJJaFevH0FViN-7N0J7Tzq59OXW1kPXp1APsde9HZSnFIwiMrKQib8Rt7UsVPSv429H3_oX9xtzTIpGnATlsCZhIIjHN_RowaJEvt-Tg4lEBmntVE79ER4H-oMKsIu0eUsdZABIKJR3LZEylfH6sR1gd52Rpn_B03qWLvghRjaTygwczrIQYn5AFN-IVuOxNKnhWGYEc32V2k6X95jZhf1yW4unfgkEWQhycaNhOmpfblULF7O065-I2c0CYOafEvx1PaaM87FtCZ7rR-moo9v2roObc5zyzm8Aeu3k7_iT_qE3qHqxnFBxgXbpL-JnyupFinnFt4m8K8MA1r79Fnc0Zu7aNUGbt6YTjbQtIOvBb1aYINgiv3MRInEhfC5F_ZS5hHvUkIS06CnItLoSQ7ZSGpDUcXoL7eJ9aJnAGiAJ82MNW_rOPBwC5Me7Hrv8iCJcpXKKWstN07PbXkBP7_5bNAT_k1mckvejbBh4zQ1xAUy0K8HmD6K1CFE-uWYOoOePuew_haopi9OY24sHtXrX_J7rq1pqPcJWtWSlB0zqP9RnTTUf-a5MQ2geRCE_QtYhGnlgM9Q2xIb_gkXPPIknSHG2jid6qc0YK2kNBUpUgJ70ubH2phWepERZ2U52G-Zhw3rptCGL-poc5Qd5uZzJpSualHGA4N1VAu3eroHRlBdJ8yl7o_xJAixVMV6JSL8XVRllm1h3qB_kIN2Oas1ffImgoYlpiaNqiMHwjvOLt3J2LPR5Sp8PttmviCaYnc3ICVYq0QhxYhoxcgp6CU8OGwAnu-DRNTwulHjwyoBsWka-kkoyyuPoR8xaA-ojPzzjXjvetrhXZt9SjZujFANLl8AgS6nHEtj-F7cutDRWUmceKA1xMGsBYVcqXA_KofemMGbQfzRwvVECoFwubOW-LGSCUOWa7JRItcwsEKsYgKXEfgEvx1m0tMMeX_co3YfRF1UoHZdGrL4Qy33H6qev-oi0PXA0xeDAzJDJkLFZjErATINcZmfENymADN-qkq3xNe-zAauxzN_1tnbDE0ZjQ8BfgnMBzV5XMCCrmgmnNnoIkG8pVqVsCqqs_3JeaM6cXrAe9dBm5-pul6dWCKCnt03mCAS6g41zpUb0s58OnwV6TyC1gl1QjtNTWeug5peLXCs4hDFPgzENgzf7HrWKmw43mu9wgukCcw1Z22IWVaOxSvZELHplgDbJlXYCgVOW49EnXKM6k_7ixgGxme93VM6JF2TRqgrZUbuzfzoX-h-AtrftOJVa1WtHNyL7dLXhraE3S6P_23K47Og_aDlUvHL6oPyAwQOzjCRI8sTTBogbPFpD4kph8fpwomxMN6zr4CjP80X3WY3FITXbT5goUsYSalY3pE1EWolwHJfF4poKSyGRIjziJJB-P8tx2dQDBnFGQqzHoZoZ351z8DfEh5Qku8v3slIPGyDqR84DLBcSM_7sYN67EryNlThw6-PgypfCSU7tnhjCBKqv9mXTVc4Kd6nNZBevrCvQ6ZC8o6OR3AOduLdvsT_misSmmO_NYJaWzAKBlh0S01JiXV1Zxx5YGbvq_R_wDo7YeR0TbZZncjNmwtR1MknGQM5jYm9i9BzJBpC3auHcM4zsEZwNWjJTwQdfkC4D_t38-8podim6WmjG-N_Cp3lb-vFQVHASZJ4TTMfIYeeln1YUrohFa1ON_4z5H1lfLlfPM3CsJu0I6JLLkhvuUydVS9hMisHrfEA594RZYV9rKgXRzjZ4DDYYoVsX244O-1fxXdFcMugpxvbPi7qmLaKkepXdUH__BIvrFMloZoRl5O_Q7bAetDcpH_DAk-CZrQ_fX-DObjRciKT7trPW30Rc72rU7TtvYCKf-6coNpxfzFT9lobpb3PyHdA_AxYu4WCDe-a3xTbrIeN4jCSKzjPX-eqR2bC5aJw2uBhCy6PQIoMu7Q1FBWaNA7TZJzpTYoWjzylpTAgQJqZT4j0XBCbgsS1pa1TbgZ1JBBDy2CEjDo8McwmjuCr4HJj_TlTlKckXr3941Yi9UEvsKMQf3hYSuYiGkTKiuN9fXefeRx-l7c2sPA0q5yRBXM5ZXZc5i199jvxh7JlYWyjZxEAkcRZZFRdUERLP5I0BwgBggRIKdmf5UNOWwNfHynaXKWavu2KKY4nUdIaLnTi2OhUQvkUwiVHqzIL7SYAqViYahXyM1o3CFxsh0YtCQT2we8047ASwle2FA3pvflb3rNAzeALxKGwsJKL0d_Eqk2fbKXJuhRJUvBikLU0wVi_iGmnZjbyWfDVVnwQXHHkRG-PeYIjO2F_4TaM7odf_EAkifgNLxZBaEqSKWt_Gx5Jm5Orw2mnvKCGqVS3ffO7B1hPN4NwiUNjyQTaz0MITYxjoal9dRWB8FT44fzM98s1mqj4NFwdWPqtwVef7j9Ia4E3fFo3fQoz-F3sfrmaEoJEO_FhdIFuqJ1K-p4tOVulWIB4Gum0O2RmyNqSjbPUk0Zz6v5WF7AAGTNZC2LKVtfnF6Wxh2kebTaa-6Y71KOkmAmkn4oQ8-2dYCEe3kc9EjBlHW4uj6AXJpqYYekLCBPlZXTUrcgkJjStjAGoIKbvapG5lvnSnJh1lODBImkPCSfFev9uav3g9UzJIWHD60-SK6Nkb7Y-FenIednBvyDVEsr4_BuGwscLtSt5GISOA4G_-M41b4003Gb0UHMetZQvOAZMnSLGKksalHA2NocACtifStL1BCE8vDgkvwC5Iw_5YSR1YjbzIWqU5QyPgYDVeDdADrRwefumSF3tZYM3gx0BxrOwr4Kzi38PfUVfvWiGsRhFKcFJfF-1ge91c7yVqlo6o3r1VYxRaCvc1KUXV0oyQeQMw_ZPDEBf0gyu1e-qewoWGHL8Tyv7IBXwOv89elzrgY9z3dst-kT9X9CSjLr-4IMmD5apJ9RY8SuA5IVx98uvGtmJ8KelpuJWm0z-SLWi4gvRqbOZF1wlhPSWsutOraJMsjy2Vp30Q6-IeXUZHMvQoekxQ85LL6qhdGvhhws_3_RyGTzUMXnk7LfThVS-s1TreUvXQpAUtMriNVsTvzAKjB6D3zlxSxoMYvTGh9XbvtS1-3rMbFDZ2nAbmoo3GLJ_C2wxRz9F0UphBgwu5JkCFq7j1QlX2wh1bwedQrzQK5_avE92RypLsxSdQ5wOjqP5B6RAKdna21O9pR_NRqurY033KUngI1_hnrPaUlYLkh6Py5UGlQIBBJOAMgJpo2EgWJWT6au1r6vUJCcN1yXKSIXp8zq0nlJVx4D8YEqvCzTihUE8bbf6xrFPd4QTlpVu6Bv_5TGXlSJhsVFEGwo_yOnTrZD5F-IGAFgAQ&bundleId=&ias_xappb=

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.13.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f156.1e100.net

Software

cafe /

Resource Hash

c51ba7ca9c7d104eb46d62e7be6960becae56a4a3d7ee25d9de2ede502b7587d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25445
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Afi-2NB4dQzoLQn06BhQRcz9Y8861yssZ24S9AqglX_qhEFD8OF4QWsoy0LVS7urqprYumM6nwHvfIHjEMyaKik1YuhtgVIHvRmSoLakppBmclKxHzuAUqLV-DcczWP6ZitdtO-a9TnXG37nhf_LF_Y-uVs1_2o8RZ58x24l5BPBtq5DQS2RYAoCZ_4MHdRExkkCmGXwRrBMcCy802Xtqh-kmzTBA6yNRtXX1ov0gu-C8kim9cEb3EiKfluSrvsnj8BYHaCXvPjirFl1aXSrEQXA3bPIdA-8_Bvow8VbLmPrNY7EWGcXKzZhl48dPnlqbs7fHCWjJ3tPNVu4bi5107n3EaG1r5Dm7kZSsT-q1vnFm_9GB7kgQyVBa37Y-f7Tip3AhCm36pLLPy1dkfCQuimeNASjji4citfYwmw0hLD6ZXe361e1sA8bwHNFzhYHSo3jOurPwxo2833QZpOiV3_4QHFs48b7XSU1_Pq5O6OAXsDWuwwoTuq2bZjkrpNuhH8_Hn51qfQR5quljykjIbs1q0XWvyAWbyPI-GhffoiwcYlFj8LCkFUzW5-Q8PIzcHIakQxtKhP8XkCEQ01Z0SebHEHJPvJQwrJuamBGwC6owkiru6YfSmuCJDOY1v06NrMFqbHS1bl6U6RK4nno9rbD8f3bUTXQr026nVaKmtBOm6kmVDWbHvKUxz1IjHqSO9smSjNrycKCtrkunZ0803bFmN2SnoSisB4XtEwcJ0fmEbkMlIJXnis0PKPs8hvfIGd2agu9BVSUlClwpK8Wb8_61k85dFYGHC5eTeu9cv5b0t-S2AmqyRoyckas30OikCJJaFevH0FViN-7N0J7Tzq59OXW1kPXp1APsde9HZSnFIwiMrKQib8Rt7UsVPSv429H3_oX9xtzTIpGnATlsCZhIIjHN_RowaJEvt-Tg4lEBmntVE79ER4H-oMKsIu0eUsdZABIKJR3LZEylfH6sR1gd52Rpn_B03qWLvghRjaTygwczrIQYn5AFN-IVuOxNKnhWGYEc32V2k6X95jZhf1yW4unfgkEWQhycaNhOmpfblULF7O065-I2c0CYOafEvx1PaaM87FtCZ7rR-moo9v2roObc5zyzm8Aeu3k7_iT_qE3qHqxnFBxgXbpL-JnyupFinnFt4m8K8MA1r79Fnc0Zu7aNUGbt6YTjbQtIOvBb1aYINgiv3MRInEhfC5F_ZS5hHvUkIS06CnItLoSQ7ZSGpDUcXoL7eJ9aJnAGiAJ82MNW_rOPBwC5Me7Hrv8iCJcpXKKWstN07PbXkBP7_5bNAT_k1mckvejbBh4zQ1xAUy0K8HmD6K1CFE-uWYOoOePuew_haopi9OY24sHtXrX_J7rq1pqPcJWtWSlB0zqP9RnTTUf-a5MQ2geRCE_QtYhGnlgM9Q2xIb_gkXPPIknSHG2jid6qc0YK2kNBUpUgJ70ubH2phWepERZ2U52G-Zhw3rptCGL-poc5Qd5uZzJpSualHGA4N1VAu3eroHRlBdJ8yl7o_xJAixVMV6JSL8XVRllm1h3qB_kIN2Oas1ffImgoYlpiaNqiMHwjvOLt3J2LPR5Sp8PttmviCaYnc3ICVYq0QhxYhoxcgp6CU8OGwAnu-DRNTwulHjwyoBsWka-kkoyyuPoR8xaA-ojPzzjXjvetrhXZt9SjZujFANLl8AgS6nHEtj-F7cutDRWUmceKA1xMGsBYVcqXA_KofemMGbQfzRwvVECoFwubOW-LGSCUOWa7JRItcwsEKsYgKXEfgEvx1m0tMMeX_co3YfRF1UoHZdGrL4Qy33H6qev-oi0PXA0xeDAzJDJkLFZjErATINcZmfENymADN-qkq3xNe-zAauxzN_1tnbDE0ZjQ8BfgnMBzV5XMCCrmgmnNnoIkG8pVqVsCqqs_3JeaM6cXrAe9dBm5-pul6dWCKCnt03mCAS6g41zpUb0s58OnwV6TyC1gl1QjtNTWeug5peLXCs4hDFPgzENgzf7HrWKmw43mu9wgukCcw1Z22IWVaOxSvZELHplgDbJlXYCgVOW49EnXKM6k_7ixgGxme93VM6JF2TRqgrZUbuzfzoX-h-AtrftOJVa1WtHNyL7dLXhraE3S6P_23K47Og_aDlUvHL6oPyAwQOzjCRI8sTTBogbPFpD4kph8fpwomxMN6zr4CjP80X3WY3FITXbT5goUsYSalY3pE1EWolwHJfF4poKSyGRIjziJJB-P8tx2dQDBnFGQqzHoZoZ351z8DfEh5Qku8v3slIPGyDqR84DLBcSM_7sYN67EryNlThw6-PgypfCSU7tnhjCBKqv9mXTVc4Kd6nNZBevrCvQ6ZC8o6OR3AOduLdvsT_misSmmO_NYJaWzAKBlh0S01JiXV1Zxx5YGbvq_R_wDo7YeR0TbZZncjNmwtR1MknGQM5jYm9i9BzJBpC3auHcM4zsEZwNWjJTwQdfkC4D_t38-8podim6WmjG-N_Cp3lb-vFQVHASZJ4TTMfIYeeln1YUrohFa1ON_4z5H1lfLlfPM3CsJu0I6JLLkhvuUydVS9hMisHrfEA594RZYV9rKgXRzjZ4DDYYoVsX244O-1fxXdFcMugpxvbPi7qmLaKkepXdUH__BIvrFMloZoRl5O_Q7bAetDcpH_DAk-CZrQ_fX-DObjRciKT7trPW30Rc72rU7TtvYCKf-6coNpxfzFT9lobpb3PyHdA_AxYu4WCDe-a3xTbrIeN4jCSKzjPX-eqR2bC5aJw2uBhCy6PQIoMu7Q1FBWaNA7TZJzpTYoWjzylpTAgQJqZT4j0XBCbgsS1pa1TbgZ1JBBDy2CEjDo8McwmjuCr4HJj_TlTlKckXr3941Yi9UEvsKMQf3hYSuYiGkTKiuN9fXefeRx-l7c2sPA0q5yRBXM5ZXZc5i199jvxh7JlYWyjZxEAkcRZZFRdUERLP5I0BwgBggRIKdmf5UNOWwNfHynaXKWavu2KKY4nUdIaLnTi2OhUQvkUwiVHqzIL7SYAqViYahXyM1o3CFxsh0YtCQT2we8047ASwle2FA3pvflb3rNAzeALxKGwsJKL0d_Eqk2fbKXJuhRJUvBikLU0wVi_iGmnZjbyWfDVVnwQXHHkRG-PeYIjO2F_4TaM7odf_EAkifgNLxZBaEqSKWt_Gx5Jm5Orw2mnvKCGqVS3ffO7B1hPN4NwiUNjyQTaz0MITYxjoal9dRWB8FT44fzM98s1mqj4NFwdWPqtwVef7j9Ia4E3fFo3fQoz-F3sfrmaEoJEO_FhdIFuqJ1K-p4tOVulWIB4Gum0O2RmyNqSjbPUk0Zz6v5WF7AAGTNZC2LKVtfnF6Wxh2kebTaa-6Y71KOkmAmkn4oQ8-2dYCEe3kc9EjBlHW4uj6AXJpqYYekLCBPlZXTUrcgkJjStjAGoIKbvapG5lvnSnJh1lODBImkPCSfFev9uav3g9UzJIWHD60-SK6Nkb7Y-FenIednBvyDVEsr4_BuGwscLtSt5GISOA4G_-M41b4003Gb0UHMetZQvOAZMnSLGKksalHA2NocACtifStL1BCE8vDgkvwC5Iw_5YSR1YjbzIWqU5QyPgYDVeDdADrRwefumSF3tZYM3gx0BxrOwr4Kzi38PfUVfvWiGsRhFKcFJfF-1ge91c7yVqlo6o3r1VYxRaCvc1KUXV0oyQeQMw_ZPDEBf0gyu1e-qewoWGHL8Tyv7IBXwOv89elzrgY9z3dst-kT9X9CSjLr-4IMmD5apJ9RY8SuA5IVx98uvGtmJ8KelpuJWm0z-SLWi4gvRqbOZF1wlhPSWsutOraJMsjy2Vp30Q6-IeXUZHMvQoekxQ85LL6qhdGvhhws_3_RyGTzUMXnk7LfThVS-s1TreUvXQpAUtMriNVsTvzAKjB6D3zlxSxoMYvTGh9XbvtS1-3rMbFDZ2nAbmoo3GLJ_C2wxRz9F0UphBgwu5JkCFq7j1QlX2wh1bwedQrzQK5_avE92RypLsxSdQ5wOjqP5B6RAKdna21O9pR_NRqurY033KUngI1_hnrPaUlYLkh6Py5UGlQIBBJOAMgJpo2EgWJWT6au1r6vUJCcN1yXKSIXp8zq0nlJVx4D8YEqvCzTihUE8bbf6xrFPd4QTlpVu6Bv_5TGXlSJhsVFEGwo_yOnTrZD5F-IGAFgAQ&bundleId=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 499B 91 KB
23 KB 14ms
13ms Script
application/javascript 2600:9000:223f:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3526961
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: aYjRBENjL-HlYn6qpPJyYXPaILFoaXkZ4jsGUIY8WrD3RrK6-ht-pA==

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame E74A
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20343398390&bidurl=http://www.eokultv.com/&i...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_1lpBZaW_E5jpx_APjKOXyA0&cbFunctionName=goog_wrapCb_1lpBZaW_E5jpx_APjKOXyA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

10ms
10ms

Script
application/javascript

2600:9000:223f:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_1lpBZaW_E5jpx_APjKOXyA0&cbFunctionName=goog_wrapCb_1lpBZaW_E5jpx_APjKOXyA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:01:52 GMT
x-amz-version-id: vBWVP21J15tPY2s9w9TMkzU6H2VI4KIK
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 445800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 26 Oct 2023 16:01:50 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: m-iD0z6oLxx1AiDZ53Fc8PCrzrn1Tl70sCLWeU9A6zyRPEKLgM3-tg==

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_1lpBZaW_E5jpx_APjKOXyA0&cbFunctionName=goog_wrapCb_1lpBZaW_E5jpx_APjKOXyA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 285C 91 KB
23 KB 8ms
7ms Script
application/javascript 2600:9000:223f:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3526961
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Y_r6v5WV0s9MiTZZeJOCjAMptS7xBeFCJcJ7vDKN_ljR0_g_04CrSQ==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0F59 1 KB
646 B 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F510 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f18a6e42383f01b8e0fbf858086637e59068e57ce9392810a8d5a20658d665b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E5EF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGdF8OTEmSUtEkjM528e2qk&google_push=AXcoOmS_AgRmJLuMm0ThBMYQb10hLJ_fZRAeEHWcLvLXbQSbHVhFkV1niP...

170 B
188 B

107ms
107ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGdF8OTEmSUtEkjM528e2qk&google_push=AXcoOmS_AgRmJLuMm0ThBMYQb10hLJ_fZRAeEHWcLvLXbQSbHVhFkV1niPPqxjbGU_SzlI6CJXigD0dFibEk6hrudpFGzRRp2jc

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230080-FRA
pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1698781911.150773,VS0,VE96
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGdF8OTEmSUtEkjM528e2qk&google_push=AXcoOmS_AgRmJLuMm0ThBMYQb10hLJ_fZRAeEHWcLvLXbQSbHVhFkV1niPPqxjbGU_SzlI6CJXigD0dFibEk6hrudpFGzRRp2jc
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame E5EF 70 B
148 B 35ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESED4OtIJUR0So4QQ4HzVwAXM&google_cver=1&google_push=AXcoOmQVFZhJ04a0QlrIGuva0XbKwlL566kpwk5RqXyHedxvBUOuQ4FcTD-8p592WykXoVH4pCoHicdzJAV9M1VxMwEo15Mg6es
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E5EF
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPFRWm1KkvU_ao0ijZxu9Cg&google_cver=1&google_push=AXcoOmQ7SJ-RLFhiOwYETkTZ9Xfh7xYFnbGbAl9Zr6f3TShquoSc0QXC5Hj6YmamNAnMHH7WKmv1Ho--hQzePYMT...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmQ7SJ-RLFhiOwYETkTZ9Xfh7xYFnbGbAl9Zr6f3TShquoSc0QXC5Hj6YmamNAnMHH7WKmv1Ho--hQzePYMTV5XBSLu6DV1Q

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmQ7SJ-RLFhiOwYETkTZ9Xfh7xYFnbGbAl9Zr6f3TShquoSc0QXC5Hj6YmamNAnMHH7WKmv1Ho--hQzePYMTV5XBSLu6DV1Q

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Oct 2023 19:51:51 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmQ7SJ-RLFhiOwYETkTZ9Xfh7xYFnbGbAl9Zr6f3TShquoSc0QXC5Hj6YmamNAnMHH7WKmv1Ho--hQzePYMTV5XBSLu6DV1Q
x-host: tde-deliveryengine-production-5597b7478c-5rqlq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E5EF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJHiMX_ruHHHJ_l6QKe0qr8&google_cver=1&google_push=AXcoOmRn1J166wkxQqRWg1CcuBFP7do2VQbOWrCx7M3iyBrnbN5R61GxFCg4vGbZkLrrQon4MBXyqKO4wiInSFcL_oo2Fmo...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJHiMX_ruHHHJ_l6QKe0qr8&google_cver=1&google_push=AXcoOmRn1J166wkxQqRWg1CcuBFP7do2VQbOWrCx7M3iyBrnbN5R61GxFCg4vGbZkLrrQon4MBXyqKO4wiInSFcL_oo2F...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRn1J166wkxQqRWg1CcuBFP7do2VQbOWrCx7M3iyBrnbN5R61GxFCg4vGbZkLrrQon4MBXyqKO4wiInSFcL_oo2FmonlbM

170 B
188 B

110ms
110ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRn1J166wkxQqRWg1CcuBFP7do2VQbOWrCx7M3iyBrnbN5R61GxFCg4vGbZkLrrQon4MBXyqKO4wiInSFcL_oo2FmonlbM

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRn1J166wkxQqRWg1CcuBFP7do2VQbOWrCx7M3iyBrnbN5R61GxFCg4vGbZkLrrQon4MBXyqKO4wiInSFcL_oo2FmonlbM
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame E5EF 43 B
363 B 60ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRTzo_3PuM-Kbvs0oCgkmI0RB6XOWjzHxLyFDIH6-I-dQUnQPesKBNLL7KwIDJvSuX73tFAvisk7nH0Uh3rwzPLbFk2OlTY&google_gid=CAESEPy6mIQIFK7AGfdbvo5f6io&google_cver=1

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 240411
expires: Tue, 31 Oct 2023 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame E5EF 43 B
245 B 54ms
14ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPzw--pc6yGqAqGUSsoaU5s&google_cver=1&google_push=AXcoOmSJfUsPJS1L7leds1GNl49MgfHFsowW3kNkOLlWJIbY48c4a6mc4DY3Bmw0P3NAXcsJS-_-et2ztWTYYQDLpzcVF7O17mQA
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E5EF
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEB2Dlm3VbrUwulAOCK5oz4w&google_cver=1&google_push=AXcoOmTfH4e4fvpYU...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D&google_gid=CAESEB2Dlm3VbrUwulAOCK5oz4w&google_cver=1&google_push=AXcoOmTfH4e4fvpYU6wa1H5SKOtdm8RksZ...

170 B
188 B

105ms
104ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D&google_gid=CAESEB2Dlm3VbrUwulAOCK5oz4w&google_cver=1&google_push=AXcoOmTfH4e4fvpYU6wa1H5SKOtdm8RksZFHjTkvYrZ8uSBrp1_BK7lX-Equp9m46xon77ktM4aQxKSPMbt_dwF64PPu9oUCJqwa7Q

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
an-x-request-uuid: 94848f72-31e0-4b59-82da-e10d5151f36e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D&google_gid=CAESEB2Dlm3VbrUwulAOCK5oz4w&google_cver=1&google_push=AXcoOmTfH4e4fvpYU6wa1H5SKOtdm8RksZFHjTkvYrZ8uSBrp1_BK7lX-Equp9m46xon77ktM4aQxKSPMbt_dwF64PPu9oUCJqwa7Q
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E5EF 0
12 B 16ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KPypfLl1atWhvbL6vJV33yrt8rEigDtFI2KkYMDhP1jIbfEOnLOsx7sOGkr4zyAqyGT6_Ogg

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B83 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=1204cfb3-e3e4-0821-b4d9-15e857b84420&tv=%7Bc:sEMpFb,pingTime:-3,time:202,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:39%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:202,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B196~0%5D,as:%5B196~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinM4P+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C171%7C172%7C173%7C181%7C182%7C19*.1520146-76103085%7C191%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:40%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B83 43 B
215 B 173ms
173ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=1204cfb3-e3e4-0821-b4d9-15e857b84420&tv=%7Bc:sEMpFd,pingTime:-6,time:204,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:204,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B198~0%5D,as:%5B198~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinM4P+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C171%7C172%7C173%7C181%7C182%7C19*.1520146-76103085%7C191%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:40%7D&tpiLookup=ao:www.eokultv.com&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E74A 43 B
215 B 174ms
173ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c97984bf-7c15-b59b-386e-948576e3fb58&tv=%7Bc:sEMpFM,pingTime:-3,time:162,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:162,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B155~0%5D,as:%5B155~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinM4P+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C171%7C172%7C173%7C18*.990511-61634098%7C181%7C182%7C19.1520146-76103085%7C191%7C192%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:18*,rmeas:1,rend:0,renddet:svg.us,siq:21%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E74A 43 B
215 B 173ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c97984bf-7c15-b59b-386e-948576e3fb58&tv=%7Bc:sEMpFN,pingTime:-6,time:163,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:163,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B156~0%5D,as:%5B156~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinM4P+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C171%7C172%7C173%7C18*.990511-61634098%7C181%7C182%7C19.1520146-76103085%7C191%7C192%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:18*,rmeas:1,rend:0,renddet:svg.us,siq:21%7D&tpiLookup=ao:www.eokultv.com&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9EEC 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 365610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10256918388168393334/ Frame 8D53 148 KB
23 KB 10ms
7ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c69976cd568b69a76e60900676f5e45c901c66b2cd4b0181e1ac468bc28c986c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 312776
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23597
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 04:58:55 GMT
expires: Sun, 27 Oct 2024 04:58:55 GMT
last-modified: Wed, 09 Feb 2022 10:34:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E74A 0
0 51ms
51ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsumJQi7ao0YX8cNkmBe3YHEiBxq9lyKe9KteRYByCy66FFqitXEWAZ7fsEFXkQdEzeSHwqYcPxgT7tZHY82Z04GTdhx9MfY1AZiWDBR_ySyBGY9ySO3omkqhshDAaeKDFtxsMiqLkXNCpIN9DsL3ARzgs8TJ9oKRZ-b8uXOtL4cJ1HiEpxfAKdRD_oWF6IXEOBRvWJUpBbvuhr_u-U7652AcshpdAyxMDQVBeIj0_AM1fAwJBBQSzWcu44E77mUF0qI_F80K5k-EGA8LrVBlrfcZCEV3Ui6cpt4vk-j29pOqVV3r_eYtSUxO6jMRS8Wlmnv4wfnya19kc6liy2Q2m0ffhW-w9rWMKuk_IDYsvb80l-EiILd-FdtMWiFYO_Ge3GhrrCp4r6Nb_Qc47gcnfeVWl8CARgyBXOduDS7TB6Q_p-HHmVh5K5Y9oWgO4ybhIziKriRIq3ABtZYHt61coLOKW2RI9K-P2kvaNyxzMmZOEFXxK_nwpg6OQSKicqoyfqGU-eeZbQ8khAH3pU9gw--dFIVv3b3TjYBbmyjwc4D3y9YtJJe9gMNiElkIbPiJSnRktJ4ksJk5eG8Icnwku_Ado4iWrrmi2eO-_VL_qX1KSbOtahORO7MPNptr5Lt2CeHqzFjuZdvpEw6FXAh7UFgHx5ZH9dsdReyqyeVoe9VJ-dmiTQhxgboPxVYEKOReaSX_fnSjtL5CVbY3acOML9ScsNeYSBltlQsxwIqsAwONvXME9oD1JyO46E2n1wUx6LoXMCQo5N2Np2GMGx_uRBrHN0rNz3ELZu9PFacUTL46uXRW6D3f3RcnZShrm9UHMOze94J8JSU8AvLjIg6dhvt9RNqzOKkUcAPm5-khGj1Ko2hbGWT_BGrDvA_86VJIKsDfOSbg_9SluROtQyhW9PGGiLeZIUpQAfvGoEF7sl8SHmXkruHEJVSGWsMUfeYcxFGxuiZDJt40NXVZLg4JDY_OFPNAdpCye_YlRkPillKA0B7wMSweLUVIoLNmRygdcNGbSd8sCdadXrk6a4v8gq87TI5CDaWHUaCtrj12MgM0sE0LgzQ3EBKmlF3_M3ghfV-Vr2oQB2kAk8mYDbUhEHSQ-l49GEbzh_Ew3KbZL51eCt-zE8LUb9S3-60HKF2Kj5acj7N5l5n5JEzn_9-z3rwwHmVjF1rCjjj1W267jtjVIcHe4-cNGhQSfd9VG3FP1J38X29BQseUHmrWvzTd5hwcV-zUAtJmjixJhgMXz3er0_895aO7iB7I2UxXSRtPJuv2lEiqzqitOvIb6XBEaLOtH6nbvZ0FPtNcX4YeaN3MXssus5TmMaZj3INi69C_ljDAxsbl85nXF3T9iSSVr6VTFBWBwiC7r8rv-YYtMgUC2OOgBCNiqYrLJFqzbE344HTCoAZAFIvfa-2hqMWtlWU1R2CrgAtpGf9_A&sai=AMfl-YSdmH3Nxe6ZVZNlqYSR6MfWskZYpnNcChuBUlr3sXcBUxGv2in9VUenCqs8pwRU5p_prdM34sNH9DYBoVz1BFsc2YcIVy2hgqHZfrNOkli31RR4DidLt8RtWKHuNoN7Vicn7EBi7BiBl_3U8Z3XS1WSiw8usFgqo1eYUcl6Fn61rMrGRNDL6A8gN6YnAgOA6w9ASY5eewBo-JMjla3DmGRadxKcSfaRGNjV72MFzPqW-JrjzQhbhfXmoX14fsE7bp-WT7gXOcQVJubFIThz6hDDA_iof3VoHLBpdAX-A_p52JVxUQrKJ7bhHTOggcg&sig=Cg0ArKJSzBpYzQT51ghsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=640&cbvp=1&cstd=637&cisv=r20231026.24963&arae=0&ftch=1&adurl=

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 19:51:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame E654 38 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 15:26:24 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F510 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=60b9e6e3-faa3-dc15-fec4-813062a01490&tv=%7Bc:sEMpGv,pingTime:-10,time:914,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC41OTkzLjExNyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1698781911215%7C%7C1730ec3f3fde8d3e8d645f22650f1140%7C%7C2a46ab34512a4512731c109fe969e5e3%7C%7C2a8542079a7c3ba2af04cfd3ad9deacf%7C%7Cfbcc56889b8ea1108b65c160c36e3b18%7C%7Cfc5a12ea1fcadb658166c3cc04be176c%7C%7C14b87a34d9c08724ac6cf1cb028ed9c3%7C%7C0c61645d568072f243adee01ab2d13ce%7C%7C1663701684,im:%7BpWait:149%7D%7D
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B83 43 B
215 B 174ms
173ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=1204cfb3-e3e4-0821-b4d9-15e857b84420&tv=%7Bc:sEMpHe,pingTime:-2,time:329,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:855,beZ:856,mfA:858,cmA:859,inA:859,inZ:863,prA:863,prZ:887,si:895,poA:897,poZ:924,cmZ:924,mfZ:924,loA:1059,loZ:1062,ltA:1184,ltZ:1184%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:39%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:329,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B324~0%5D,as:%5B324~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C18.990511-61634098%7C181%7C182%7C19*.1520146-76103085%7C191%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:40,sinceFw:287,readyFired:false%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E74A 43 B
215 B 172ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c97984bf-7c15-b59b-386e-948576e3fb58&tv=%7Bc:sEMpHj,pingTime:-2,time:257,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1084,beZ:1085,mfA:1088,cmA:1090,inA:1090,inZ:1093,prA:1093,prZ:1100,si:1105,poA:1106,poZ:1127,cmZ:1127,mfZ:1128,loA:1247,loZ:1250,ltA:1340,ltZ:1340%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:257,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B250~0%5D,as:%5B250~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C18*.990511-61634098%7C181%7C182%7C19.1520146-76103085%7C191%7C192%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:21,sinceFw:234,readyFired:true%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6346 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 365610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ Frame E4C3 261 KB
167 KB 9ms
8ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4525aeb23c838abe1bba4b3c708f3994ec186a2945f7811d5bbeefb98caac6e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 103238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 170629
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 15:11:13 GMT
expires: Tue, 29 Oct 2024 15:11:13 GMT
last-modified: Fri, 09 Jun 2023 11:27:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F510 0
0 46ms
45ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslugAr0qhri6ml0u47kxOW5lWboNW6kTV_Eg1FeMZ2nMGYwrT-u5iiQP7W6nWP4jDYePaA2B2a4DWT55-7b5Sg9UV7d5t2dsjrDKYXqM0wnozA8EwdRA2vOINxTYxnvgXpdbvv5t8z9L0_JKrDUiyfYv59R2et5xefIYqpF7CfVvcZBCV2DopyTvby8c3STWU35jCWTKipBMnE_y5LVnXH&sai=AMfl-YSffeYt2hGdFPD_0N0n3Sml4MIDDtcdMgWkx3HhblxzYNdU0lDvW7R_znmdeJH9xHsTCjRxg6VQuUm9vnXhSIdbSI6IXYj2zHl_x6ydOelM5EmjoyxpbaY_7jTclS4HD815K4G9Eh338SL8OxEx1xgO1GUamfhJnLw3Nt6c-Pxt1F1eRA&sig=Cg0ArKJSzJKTziRhDv8sEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=442&cbvp=1&cstd=438&cisv=r20231026.10883&arae=0&ftch=1&adurl=

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame BF16
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1549653/72555946/4.js?adContainerId=brand_safety_1lpBZfOSIY2q3gP-vaH4Bg&cbFunctionName=goog_wrapCb_1lpBZfOSIY2q3gP-vaH4Bg&true_pb=&adsafe_pb=https%3A%2F%2Fstat...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_1lpBZfOSIY2q3gP-vaH4Bg&cbFunctionName=goog_wrapCb_1lpBZfOSIY2q3gP-vaH4Bg&true_pb=

1 KB
1 KB

10ms
10ms

Script
application/javascript

2600:9000:223f:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_1lpBZfOSIY2q3gP-vaH4Bg&cbFunctionName=goog_wrapCb_1lpBZfOSIY2q3gP-vaH4Bg&true_pb=
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:01:52 GMT
x-amz-version-id: vBWVP21J15tPY2s9w9TMkzU6H2VI4KIK
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 445800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 26 Oct 2023 16:01:50 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 1kwmn91BnctlXHc2wPejWzMlN9DAaon8hfqTBXDFdB4WRzzcsWOzUQ==

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_1lpBZfOSIY2q3gP-vaH4Bg&cbFunctionName=goog_wrapCb_1lpBZfOSIY2q3gP-vaH4Bg&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame F229 91 KB
23 KB 11ms
10ms Script
application/javascript 2600:9000:223f:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3526961
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: dj-v8Qm2XD7q0Z0pnl8Wz5GTkqt7t4XSvskSWnMGVZ9TU5sNModpIg==

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8D53 29 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 10:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32832
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 10:44:39 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3527 0
173 B 57ms
14ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELxb6TRFZMJrfXPJ2ujOB8Y&google_cver=1&google_push=AXcoOmTqmBzj3d7wvPv5MNYNkWsdjSew73LptZx8RYcDBQdWtQOCsZnNeauZ00cpjKV_fF5IUYzs4Rmk09IPP9n3gqwVjlSd1iaZHw
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3527
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMi-FMCdDy5HQRj8HsjlrFk&google_cver=1&google_push=AXcoOmRT4YqCTTr91lcZFYsdBCkYYfu9m9eaZSw-CWc7NPQ23l19XP_0z6NeJsHtOYsCrdapwkJvMNAuBvPMQiCl...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmRT4YqCTTr91lcZFYsdBCkYYfu9m9eaZSw-CWc7NPQ23l19XP_0z6NeJsHtOYsCrdapwkJvMNAuBvPMQiCl6dcA-oYRDNKn9A

170 B
188 B

21ms
20ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmRT4YqCTTr91lcZFYsdBCkYYfu9m9eaZSw-CWc7NPQ23l19XP_0z6NeJsHtOYsCrdapwkJvMNAuBvPMQiCl6dcA-oYRDNKn9A

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Oct 2023 19:51:51 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmRT4YqCTTr91lcZFYsdBCkYYfu9m9eaZSw-CWc7NPQ23l19XP_0z6NeJsHtOYsCrdapwkJvMNAuBvPMQiCl6dcA-oYRDNKn9A
x-host: tde-deliveryengine-production-5597b7478c-5rqlq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3527
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFxha2nGWkBLHLAkB6xPFs0&google_cver=1&google_push=AXcoOmTw-ii21oPJPNXJSDO3u13RJpIdWu3vFUhgu5hcOt4VdEiGRqzBFUrBS2lu4phjGk2G9q2LaWceDlU1LbS__6Va3OM...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTw-ii21oPJPNXJSDO3u13RJpIdWu3vFUhgu5hcOt4VdEiGRqzBFUrBS2lu4phjGk2G9q2LaWceDlU1LbS__6Va3OMF8wYh&google_hm=eS1UeUdZSHQ5RTJwRjc5MG...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTw-ii21oPJPNXJSDO3u13RJpIdWu3vFUhgu5hcOt4VdEiGRqzBFUrBS2lu4phjGk2G9q2LaWceDlU1LbS__6Va3OMF8wYh&google_hm=eS1UeUdZSHQ5RTJwRjc5MGc4dmVCVVBZcFZXOGE3M1Q2an5B

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Oct 2023 19:51:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTw-ii21oPJPNXJSDO3u13RJpIdWu3vFUhgu5hcOt4VdEiGRqzBFUrBS2lu4phjGk2G9q2LaWceDlU1LbS__6Va3OMF8wYh&google_hm=eS1UeUdZSHQ5RTJwRjc5MGc4dmVCVVBZcFZXOGE3M1Q2an5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3527
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHQVm97VJkkJzaKqZd3eBT8&google_cver=1&google_push=AXcoOmTkfK-BNRdpdtOCsJXhZPU_yPbx4Gqotp8jrwsdOwSx6v_iN6GjI3w8iefxxF3Ay8VSCI4...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9FUVZaWDAtMjYtRllORA==&google_push=AXcoOmTkfK-BNRdpdtOCsJXhZPU_yPbx4Gqotp8jrwsdOwSx6v_iN6GjI3w8iefxxF3Ay8VSCI4KgdFt4ukFYfy4ZMlzqyo967t2Gw

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9FUVZaWDAtMjYtRllORA==&google_push=AXcoOmTkfK-BNRdpdtOCsJXhZPU_yPbx4Gqotp8jrwsdOwSx6v_iN6GjI3w8iefxxF3Ay8VSCI4KgdFt4ukFYfy4ZMlzqyo967t2Gw

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9FUVZaWDAtMjYtRllORA==&google_push=AXcoOmTkfK-BNRdpdtOCsJXhZPU_yPbx4Gqotp8jrwsdOwSx6v_iN6GjI3w8iefxxF3Ay8VSCI4KgdFt4ukFYfy4ZMlzqyo967t2Gw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 3527 43 B
199 B 126ms
34ms Image
image/gif 52.212.188.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESECmZFEEPRO7ZFuBDEtDlyzc&google_cver=1&google_push=AXcoOmQu9gaU_mng-gQdlTY_zb8SIetM6ELYYDLbsxSl5_cmQgUwlGWugvw6xxU8oy4HJ76noAG95G815LadJrsJRkUwrjxsV1VkdA
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.188.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-188-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 19:51:51 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3527
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEHZQ8j4aeIUhWmixBQDJirQ&google_cver=1&google_push=AXcoOmTWyDe0vQO5NqTcYCXT1iA55wZr1utEn2RIaEHhyrkSkIuMTl2X6or-X8l8psGHZE47u5EP-iVMauM2Dbw--kFxmyfRL...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxNzgzNTExNTQyODUwMDAwMFYxMA%3d%3d&mn_hm=MzQxNzgzNTExNTQyODUwMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTWyDe0vQO5NqTcYCXT1iA55wZ...

170 B
188 B

309ms
309ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxNzgzNTExNTQyODUwMDAwMFYxMA%3d%3d&mn_hm=MzQxNzgzNTExNTQyODUwMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTWyDe0vQO5NqTcYCXT1iA55wZr1utEn2RIaEHhyrkSkIuMTl2X6or-X8l8psGHZE47u5EP-iVMauM2Dbw--kFxmyfRLrKteQ&gdpr=&gdpr_consent=

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 19:51:52 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQxNzgzNTExNTQyODUwMDAwMFYxMA%3d%3d&mn_hm=MzQxNzgzNTExNTQyODUwMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTWyDe0vQO5NqTcYCXT1iA55wZr1utEn2RIaEHhyrkSkIuMTl2X6or-X8l8psGHZE47u5EP-iVMauM2Dbw--kFxmyfRLrKteQ&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Tue, 31 Oct 2023 19:51:52 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 3527 43 B
145 B 9ms
7ms Image
image/gif 18.196.85.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENToq_uNHVgiAFz9ZbJ4tbk&google_cver=1&google_push=AXcoOmR65rJmIIUkVnyiJhTDZiQLDDBoRxUqPY-i-RIyrywJl91kq0Y8nwrJ-W2N-tkveX7i_K3JKX8j3OkBmDQNvlM8G7Q_ztb9SO8
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.85.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-85-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3527 0
12 B 16ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Im6Y6K7_uPYpoxV8irFPcr6TugJFerB1nZMB-dxJgQZSRXQFb2SFmQNoRzKXn4DGid0eTUEg

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0F59 70 B
148 B 37ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM_D1MKaI79Gtdx79-ayPCs&google_cver=1&google_push=AXcoOmS3L9OODhX6c5ZZuP3FVTes2uK0SOGdLC3q1RbqVu-K5hb1bWCevz3tiaNLtsPyccMfIeJeHU-sMHmmAicK5xgYuI5tU6Dl
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 0F59 43 B
362 B 17ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTcljWj91b9-zxQ2eTHlJKQ1VvjZKSlQrSgNeb0EtWP39wWzqPMu80hkFcLfVfF9ybdfMjYkHNEd_eJM6yls07LZ8c1cJLO&google_gid=CAESEAFc_AjAJo1BqFbpVk491Iw&google_cver=1

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:50 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 286219
expires: Tue, 31 Oct 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F59
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO_XXvSWcz3M_kSQsPqsBkc&google_cver=1&google_push=AXcoOmTSVbDRqA3WWCA9oYq9Zs8LGZT6IiJ0v069cNHClOtNElkl6XsDaT0gqGsUFpX5frJGOXp0H1EkqOMd...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTSVbDRqA3WWCA9oYq9Zs8LGZT6IiJ0v069cNHClOtNElkl6XsDaT0gqGsUFpX5frJGOXp0H1EkqOMdzsuerKSj5KrxnbYO

170 B
188 B

58ms
58ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTSVbDRqA3WWCA9oYq9Zs8LGZT6IiJ0v069cNHClOtNElkl6XsDaT0gqGsUFpX5frJGOXp0H1EkqOMdzsuerKSj5KrxnbYO

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTSVbDRqA3WWCA9oYq9Zs8LGZT6IiJ0v069cNHClOtNElkl6XsDaT0gqGsUFpX5frJGOXp0H1EkqOMdzsuerKSj5KrxnbYO
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F59
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRxe_o7ggJSqau0_5xry1i27yugBBus1Ux64-33cr5ebtr2UD6-Bl_wkq0gTBOwb0qVkJu2CZ3iufFObXVPkJ0Ef88qqmc3oA&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-764ba516-3b47-480d-85d7-fcba14a96992-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRxe_o7ggJSqau0_5xry...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRxe_o7ggJSqau0_5xry1i27yugBBus1Ux64-33cr5ebtr2UD6-Bl_wkq0gTBOwb0qVkJu2CZ3iufFObXVPkJ0Ef88qqmc3oA&google_hm=A3ZLpRY7R0gNhdf8uhSpaZI

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRxe_o7ggJSqau0_5xry1i27yugBBus1Ux64-33cr5ebtr2UD6-Bl_wkq0gTBOwb0qVkJu2CZ3iufFObXVPkJ0Ef88qqmc3oA&google_hm=A3ZLpRY7R0gNhdf8uhSpaZI

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRxe_o7ggJSqau0_5xry1i27yugBBus1Ux64-33cr5ebtr2UD6-Bl_wkq0gTBOwb0qVkJu2CZ3iufFObXVPkJ0Ef88qqmc3oA&google_hm=A3ZLpRY7R0gNhdf8uhSpaZI
date: Tue, 31 Oct 2023 19:51:51 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX764ba5163b47480d85d7fcba14a96992003
content-type: text/html

GET
H/1.1 200
OK pub
cs.chocolateplatform.com/ Frame 0F59 0
134 B 304ms
91ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEMUG2pGBi38xfKrHtPvRRwk&google_cver=1&google_push=AXcoOmRz6-4-nzSs-yG4ggggpD--Yy9PRyAJiTdvIveh4BxVkm6HgGedp3xONVpXVq8QUPUg8P_zzRj94Z4x1RlZw4ElGhCU5GwQtQ
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: CookieSync Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 19:51:51 GMT
server: CookieSync Server
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 0F59
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO_XXvSWcz3M_kSQsPqsBkc&google_cver=1&google_push=AXcoOmQbK6YfJenZIFAM-D_a1LVJpkuI8HYGWoDp-OiHZHShYw51EB4PRcS6-LC9iHb9IS4qvB7RtrhE9Ig...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQbK6YfJenZIFAM-D_a1LVJpkuI8HYGWoDp-OiHZHShYw51EB4PRcS6-LC9iHb9IS4qvB7RtrhE9IgvzSk_i_fW-j3VWEamdQ
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

8ms
7ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F59
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPGS2KtK70uAHkOntK1-6Cc&google_cver=1&google_push=AXcoOmRo_mj_Ljzfs...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D&google_gid=CAESEPGS2KtK70uAHkOntK1-6Cc&google_cver=1&google_push=AXcoOmRo_mj_LjzfsICpeERjBp0Q5HFg3F...

170 B
188 B

22ms
22ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D&google_gid=CAESEPGS2KtK70uAHkOntK1-6Cc&google_cver=1&google_push=AXcoOmRo_mj_LjzfsICpeERjBp0Q5HFg3F7GmZJGNkOGH1ui6IrqmK4n7SZB3Kk1pvr6rsSFvMQ7ZSqNTlMtKVr7tCUQ4T6IfgaEZEM

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
an-x-request-uuid: bd9bd6e6-41c1-4650-afeb-39cab25b3dbd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzAwODEyMjc3NjU4MzU1NzMxOA%3D%3D&google_gid=CAESEPGS2KtK70uAHkOntK1-6Cc&google_cver=1&google_push=AXcoOmRo_mj_LjzfsICpeERjBp0Q5HFg3F7GmZJGNkOGH1ui6IrqmK4n7SZB3Kk1pvr6rsSFvMQ7ZSqNTlMtKVr7tCUQ4T6IfgaEZEM
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0F59 0
12 B 17ms
14ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJLTxTXDC8dF-Q8YpG1oCQk9ufv9yFEYNHRsWFj_0DBIWRpuOZN_VOOx7LlzXUw-ySiCltzew

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Cisco_ko.svg.js Show response
s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ Frame E4C3 3 KB
1 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/Cisco_ko.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

617d204630af6b19d0fb864374108dcd2323183f81b5b25343477a60a9f29473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103238
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1008
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 11:27:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:11:13 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF16 43 B
215 B 175ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=a39e18a9-5080-8a1c-4a18-e46e7486b4da&tv=%7Bc:sEMpK6,pingTime:-3,time:146,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:42%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:146,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B138~0%5D,as:%5B138~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinMaE+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C171%7C172%7C173%7C174%7C175%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C1a*.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:1a*,rmeas:1,rend:0,renddet:svg.us,siq:43%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF16 43 B
215 B 172ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=a39e18a9-5080-8a1c-4a18-e46e7486b4da&tv=%7Bc:sEMpK9,pingTime:-6,time:149,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:149,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B140~0%5D,as:%5B140~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinMaE+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C171%7C172%7C173%7C174%7C175%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C1a*.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:1a*,rmeas:1,rend:0,renddet:svg.us,siq:43%7D&tpiLookup=ao:www.eokultv.com&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4B83 111 KB
39 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Origin: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame 4B83 11 KB
4 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Afi-2NB4dQzoLQn06BhQRcz9Y8861yssZ24S9AqglX_qhEFD8OF4QWsoy0LVS7urqprYumM6nwHvfIHjEMyaKik1YuhtgVIHvRmSoLakppBmclKxHzuAUqLV-DcczWP6ZitdtO-a9TnXG37nhf_LF_Y-uVs1_2o8RZ58x24l5BPBtq5DQS2RYAoCZ_4MHdRExkkCmGXwRrBMcCy802Xtqh-kmzTBA6yNRtXX1ov0gu-C8kim9cEb3EiKfluSrvsnj8BYHaCXvPjirFl1aXSrEQXA3bPIdA-8_Bvow8VbLmPrNY7EWGcXKzZhl48dPnlqbs7fHCWjJ3tPNVu4bi5107n3EaG1r5Dm7kZSsT-q1vnFm_9GB7kgQyVBa37Y-f7Tip3AhCm36pLLPy1dkfCQuimeNASjji4citfYwmw0hLD6ZXe361e1sA8bwHNFzhYHSo3jOurPwxo2833QZpOiV3_4QHFs48b7XSU1_Pq5O6OAXsDWuwwoTuq2bZjkrpNuhH8_Hn51qfQR5quljykjIbs1q0XWvyAWbyPI-GhffoiwcYlFj8LCkFUzW5-Q8PIzcHIakQxtKhP8XkCEQ01Z0SebHEHJPvJQwrJuamBGwC6owkiru6YfSmuCJDOY1v06NrMFqbHS1bl6U6RK4nno9rbD8f3bUTXQr026nVaKmtBOm6kmVDWbHvKUxz1IjHqSO9smSjNrycKCtrkunZ0803bFmN2SnoSisB4XtEwcJ0fmEbkMlIJXnis0PKPs8hvfIGd2agu9BVSUlClwpK8Wb8_61k85dFYGHC5eTeu9cv5b0t-S2AmqyRoyckas30OikCJJaFevH0FViN-7N0J7Tzq59OXW1kPXp1APsde9HZSnFIwiMrKQib8Rt7UsVPSv429H3_oX9xtzTIpGnATlsCZhIIjHN_RowaJEvt-Tg4lEBmntVE79ER4H-oMKsIu0eUsdZABIKJR3LZEylfH6sR1gd52Rpn_B03qWLvghRjaTygwczrIQYn5AFN-IVuOxNKnhWGYEc32V2k6X95jZhf1yW4unfgkEWQhycaNhOmpfblULF7O065-I2c0CYOafEvx1PaaM87FtCZ7rR-moo9v2roObc5zyzm8Aeu3k7_iT_qE3qHqxnFBxgXbpL-JnyupFinnFt4m8K8MA1r79Fnc0Zu7aNUGbt6YTjbQtIOvBb1aYINgiv3MRInEhfC5F_ZS5hHvUkIS06CnItLoSQ7ZSGpDUcXoL7eJ9aJnAGiAJ82MNW_rOPBwC5Me7Hrv8iCJcpXKKWstN07PbXkBP7_5bNAT_k1mckvejbBh4zQ1xAUy0K8HmD6K1CFE-uWYOoOePuew_haopi9OY24sHtXrX_J7rq1pqPcJWtWSlB0zqP9RnTTUf-a5MQ2geRCE_QtYhGnlgM9Q2xIb_gkXPPIknSHG2jid6qc0YK2kNBUpUgJ70ubH2phWepERZ2U52G-Zhw3rptCGL-poc5Qd5uZzJpSualHGA4N1VAu3eroHRlBdJ8yl7o_xJAixVMV6JSL8XVRllm1h3qB_kIN2Oas1ffImgoYlpiaNqiMHwjvOLt3J2LPR5Sp8PttmviCaYnc3ICVYq0QhxYhoxcgp6CU8OGwAnu-DRNTwulHjwyoBsWka-kkoyyuPoR8xaA-ojPzzjXjvetrhXZt9SjZujFANLl8AgS6nHEtj-F7cutDRWUmceKA1xMGsBYVcqXA_KofemMGbQfzRwvVECoFwubOW-LGSCUOWa7JRItcwsEKsYgKXEfgEvx1m0tMMeX_co3YfRF1UoHZdGrL4Qy33H6qev-oi0PXA0xeDAzJDJkLFZjErATINcZmfENymADN-qkq3xNe-zAauxzN_1tnbDE0ZjQ8BfgnMBzV5XMCCrmgmnNnoIkG8pVqVsCqqs_3JeaM6cXrAe9dBm5-pul6dWCKCnt03mCAS6g41zpUb0s58OnwV6TyC1gl1QjtNTWeug5peLXCs4hDFPgzENgzf7HrWKmw43mu9wgukCcw1Z22IWVaOxSvZELHplgDbJlXYCgVOW49EnXKM6k_7ixgGxme93VM6JF2TRqgrZUbuzfzoX-h-AtrftOJVa1WtHNyL7dLXhraE3S6P_23K47Og_aDlUvHL6oPyAwQOzjCRI8sTTBogbPFpD4kph8fpwomxMN6zr4CjP80X3WY3FITXbT5goUsYSalY3pE1EWolwHJfF4poKSyGRIjziJJB-P8tx2dQDBnFGQqzHoZoZ351z8DfEh5Qku8v3slIPGyDqR84DLBcSM_7sYN67EryNlThw6-PgypfCSU7tnhjCBKqv9mXTVc4Kd6nNZBevrCvQ6ZC8o6OR3AOduLdvsT_misSmmO_NYJaWzAKBlh0S01JiXV1Zxx5YGbvq_R_wDo7YeR0TbZZncjNmwtR1MknGQM5jYm9i9BzJBpC3auHcM4zsEZwNWjJTwQdfkC4D_t38-8podim6WmjG-N_Cp3lb-vFQVHASZJ4TTMfIYeeln1YUrohFa1ON_4z5H1lfLlfPM3CsJu0I6JLLkhvuUydVS9hMisHrfEA594RZYV9rKgXRzjZ4DDYYoVsX244O-1fxXdFcMugpxvbPi7qmLaKkepXdUH__BIvrFMloZoRl5O_Q7bAetDcpH_DAk-CZrQ_fX-DObjRciKT7trPW30Rc72rU7TtvYCKf-6coNpxfzFT9lobpb3PyHdA_AxYu4WCDe-a3xTbrIeN4jCSKzjPX-eqR2bC5aJw2uBhCy6PQIoMu7Q1FBWaNA7TZJzpTYoWjzylpTAgQJqZT4j0XBCbgsS1pa1TbgZ1JBBDy2CEjDo8McwmjuCr4HJj_TlTlKckXr3941Yi9UEvsKMQf3hYSuYiGkTKiuN9fXefeRx-l7c2sPA0q5yRBXM5ZXZc5i199jvxh7JlYWyjZxEAkcRZZFRdUERLP5I0BwgBggRIKdmf5UNOWwNfHynaXKWavu2KKY4nUdIaLnTi2OhUQvkUwiVHqzIL7SYAqViYahXyM1o3CFxsh0YtCQT2we8047ASwle2FA3pvflb3rNAzeALxKGwsJKL0d_Eqk2fbKXJuhRJUvBikLU0wVi_iGmnZjbyWfDVVnwQXHHkRG-PeYIjO2F_4TaM7odf_EAkifgNLxZBaEqSKWt_Gx5Jm5Orw2mnvKCGqVS3ffO7B1hPN4NwiUNjyQTaz0MITYxjoal9dRWB8FT44fzM98s1mqj4NFwdWPqtwVef7j9Ia4E3fFo3fQoz-F3sfrmaEoJEO_FhdIFuqJ1K-p4tOVulWIB4Gum0O2RmyNqSjbPUk0Zz6v5WF7AAGTNZC2LKVtfnF6Wxh2kebTaa-6Y71KOkmAmkn4oQ8-2dYCEe3kc9EjBlHW4uj6AXJpqYYekLCBPlZXTUrcgkJjStjAGoIKbvapG5lvnSnJh1lODBImkPCSfFev9uav3g9UzJIWHD60-SK6Nkb7Y-FenIednBvyDVEsr4_BuGwscLtSt5GISOA4G_-M41b4003Gb0UHMetZQvOAZMnSLGKksalHA2NocACtifStL1BCE8vDgkvwC5Iw_5YSR1YjbzIWqU5QyPgYDVeDdADrRwefumSF3tZYM3gx0BxrOwr4Kzi38PfUVfvWiGsRhFKcFJfF-1ge91c7yVqlo6o3r1VYxRaCvc1KUXV0oyQeQMw_ZPDEBf0gyu1e-qewoWGHL8Tyv7IBXwOv89elzrgY9z3dst-kT9X9CSjLr-4IMmD5apJ9RY8SuA5IVx98uvGtmJ8KelpuJWm0z-SLWi4gvRqbOZF1wlhPSWsutOraJMsjy2Vp30Q6-IeXUZHMvQoekxQ85LL6qhdGvhhws_3_RyGTzUMXnk7LfThVS-s1TreUvXQpAUtMriNVsTvzAKjB6D3zlxSxoMYvTGh9XbvtS1-3rMbFDZ2nAbmoo3GLJ_C2wxRz9F0UphBgwu5JkCFq7j1QlX2wh1bwedQrzQK5_avE92RypLsxSdQ5wOjqP5B6RAKdna21O9pR_NRqurY033KUngI1_hnrPaUlYLkh6Py5UGlQIBBJOAMgJpo2EgWJWT6au1r6vUJCcN1yXKSIXp8zq0nlJVx4D8YEqvCzTihUE8bbf6xrFPd4QTlpVu6Bv_5TGXlSJhsVFEGwo_yOnTrZD5F-IGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20409787662&bidurl=http://www.eokultv.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jtiqvQdlQbdhcAvQFx7R-U&adsafe_url=http%3A%2F%2Fwww.eokultv.com&adsafe_type=y&adsafe_url=http%3A%2F%2Fwww.eokultv.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1204cfb3-e3e4-0821-b4d9-15e857b84420,c:sEMpCy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-sr9v9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tUinM4P+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C171%7C172%7C173%7C181%7C182%7C19*.1520146-76103085%7C191%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:40,oid:ee9d7190-7826-11ee-8f98-226de2a7262d,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:21:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 4B83 30 KB
11 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-Afi-2NB4dQzoLQn06BhQRcz9Y8861yssZ24S9AqglX_qhEFD8OF4QWsoy0LVS7urqprYumM6nwHvfIHjEMyaKik1YuhtgVIHvRmSoLakppBmclKxHzuAUqLV-DcczWP6ZitdtO-a9TnXG37nhf_LF_Y-uVs1_2o8RZ58x24l5BPBtq5DQS2RYAoCZ_4MHdRExkkCmGXwRrBMcCy802Xtqh-kmzTBA6yNRtXX1ov0gu-C8kim9cEb3EiKfluSrvsnj8BYHaCXvPjirFl1aXSrEQXA3bPIdA-8_Bvow8VbLmPrNY7EWGcXKzZhl48dPnlqbs7fHCWjJ3tPNVu4bi5107n3EaG1r5Dm7kZSsT-q1vnFm_9GB7kgQyVBa37Y-f7Tip3AhCm36pLLPy1dkfCQuimeNASjji4citfYwmw0hLD6ZXe361e1sA8bwHNFzhYHSo3jOurPwxo2833QZpOiV3_4QHFs48b7XSU1_Pq5O6OAXsDWuwwoTuq2bZjkrpNuhH8_Hn51qfQR5quljykjIbs1q0XWvyAWbyPI-GhffoiwcYlFj8LCkFUzW5-Q8PIzcHIakQxtKhP8XkCEQ01Z0SebHEHJPvJQwrJuamBGwC6owkiru6YfSmuCJDOY1v06NrMFqbHS1bl6U6RK4nno9rbD8f3bUTXQr026nVaKmtBOm6kmVDWbHvKUxz1IjHqSO9smSjNrycKCtrkunZ0803bFmN2SnoSisB4XtEwcJ0fmEbkMlIJXnis0PKPs8hvfIGd2agu9BVSUlClwpK8Wb8_61k85dFYGHC5eTeu9cv5b0t-S2AmqyRoyckas30OikCJJaFevH0FViN-7N0J7Tzq59OXW1kPXp1APsde9HZSnFIwiMrKQib8Rt7UsVPSv429H3_oX9xtzTIpGnATlsCZhIIjHN_RowaJEvt-Tg4lEBmntVE79ER4H-oMKsIu0eUsdZABIKJR3LZEylfH6sR1gd52Rpn_B03qWLvghRjaTygwczrIQYn5AFN-IVuOxNKnhWGYEc32V2k6X95jZhf1yW4unfgkEWQhycaNhOmpfblULF7O065-I2c0CYOafEvx1PaaM87FtCZ7rR-moo9v2roObc5zyzm8Aeu3k7_iT_qE3qHqxnFBxgXbpL-JnyupFinnFt4m8K8MA1r79Fnc0Zu7aNUGbt6YTjbQtIOvBb1aYINgiv3MRInEhfC5F_ZS5hHvUkIS06CnItLoSQ7ZSGpDUcXoL7eJ9aJnAGiAJ82MNW_rOPBwC5Me7Hrv8iCJcpXKKWstN07PbXkBP7_5bNAT_k1mckvejbBh4zQ1xAUy0K8HmD6K1CFE-uWYOoOePuew_haopi9OY24sHtXrX_J7rq1pqPcJWtWSlB0zqP9RnTTUf-a5MQ2geRCE_QtYhGnlgM9Q2xIb_gkXPPIknSHG2jid6qc0YK2kNBUpUgJ70ubH2phWepERZ2U52G-Zhw3rptCGL-poc5Qd5uZzJpSualHGA4N1VAu3eroHRlBdJ8yl7o_xJAixVMV6JSL8XVRllm1h3qB_kIN2Oas1ffImgoYlpiaNqiMHwjvOLt3J2LPR5Sp8PttmviCaYnc3ICVYq0QhxYhoxcgp6CU8OGwAnu-DRNTwulHjwyoBsWka-kkoyyuPoR8xaA-ojPzzjXjvetrhXZt9SjZujFANLl8AgS6nHEtj-F7cutDRWUmceKA1xMGsBYVcqXA_KofemMGbQfzRwvVECoFwubOW-LGSCUOWa7JRItcwsEKsYgKXEfgEvx1m0tMMeX_co3YfRF1UoHZdGrL4Qy33H6qev-oi0PXA0xeDAzJDJkLFZjErATINcZmfENymADN-qkq3xNe-zAauxzN_1tnbDE0ZjQ8BfgnMBzV5XMCCrmgmnNnoIkG8pVqVsCqqs_3JeaM6cXrAe9dBm5-pul6dWCKCnt03mCAS6g41zpUb0s58OnwV6TyC1gl1QjtNTWeug5peLXCs4hDFPgzENgzf7HrWKmw43mu9wgukCcw1Z22IWVaOxSvZELHplgDbJlXYCgVOW49EnXKM6k_7ixgGxme93VM6JF2TRqgrZUbuzfzoX-h-AtrftOJVa1WtHNyL7dLXhraE3S6P_23K47Og_aDlUvHL6oPyAwQOzjCRI8sTTBogbPFpD4kph8fpwomxMN6zr4CjP80X3WY3FITXbT5goUsYSalY3pE1EWolwHJfF4poKSyGRIjziJJB-P8tx2dQDBnFGQqzHoZoZ351z8DfEh5Qku8v3slIPGyDqR84DLBcSM_7sYN67EryNlThw6-PgypfCSU7tnhjCBKqv9mXTVc4Kd6nNZBevrCvQ6ZC8o6OR3AOduLdvsT_misSmmO_NYJaWzAKBlh0S01JiXV1Zxx5YGbvq_R_wDo7YeR0TbZZncjNmwtR1MknGQM5jYm9i9BzJBpC3auHcM4zsEZwNWjJTwQdfkC4D_t38-8podim6WmjG-N_Cp3lb-vFQVHASZJ4TTMfIYeeln1YUrohFa1ON_4z5H1lfLlfPM3CsJu0I6JLLkhvuUydVS9hMisHrfEA594RZYV9rKgXRzjZ4DDYYoVsX244O-1fxXdFcMugpxvbPi7qmLaKkepXdUH__BIvrFMloZoRl5O_Q7bAetDcpH_DAk-CZrQ_fX-DObjRciKT7trPW30Rc72rU7TtvYCKf-6coNpxfzFT9lobpb3PyHdA_AxYu4WCDe-a3xTbrIeN4jCSKzjPX-eqR2bC5aJw2uBhCy6PQIoMu7Q1FBWaNA7TZJzpTYoWjzylpTAgQJqZT4j0XBCbgsS1pa1TbgZ1JBBDy2CEjDo8McwmjuCr4HJj_TlTlKckXr3941Yi9UEvsKMQf3hYSuYiGkTKiuN9fXefeRx-l7c2sPA0q5yRBXM5ZXZc5i199jvxh7JlYWyjZxEAkcRZZFRdUERLP5I0BwgBggRIKdmf5UNOWwNfHynaXKWavu2KKY4nUdIaLnTi2OhUQvkUwiVHqzIL7SYAqViYahXyM1o3CFxsh0YtCQT2we8047ASwle2FA3pvflb3rNAzeALxKGwsJKL0d_Eqk2fbKXJuhRJUvBikLU0wVi_iGmnZjbyWfDVVnwQXHHkRG-PeYIjO2F_4TaM7odf_EAkifgNLxZBaEqSKWt_Gx5Jm5Orw2mnvKCGqVS3ffO7B1hPN4NwiUNjyQTaz0MITYxjoal9dRWB8FT44fzM98s1mqj4NFwdWPqtwVef7j9Ia4E3fFo3fQoz-F3sfrmaEoJEO_FhdIFuqJ1K-p4tOVulWIB4Gum0O2RmyNqSjbPUk0Zz6v5WF7AAGTNZC2LKVtfnF6Wxh2kebTaa-6Y71KOkmAmkn4oQ8-2dYCEe3kc9EjBlHW4uj6AXJpqYYekLCBPlZXTUrcgkJjStjAGoIKbvapG5lvnSnJh1lODBImkPCSfFev9uav3g9UzJIWHD60-SK6Nkb7Y-FenIednBvyDVEsr4_BuGwscLtSt5GISOA4G_-M41b4003Gb0UHMetZQvOAZMnSLGKksalHA2NocACtifStL1BCE8vDgkvwC5Iw_5YSR1YjbzIWqU5QyPgYDVeDdADrRwefumSF3tZYM3gx0BxrOwr4Kzi38PfUVfvWiGsRhFKcFJfF-1ge91c7yVqlo6o3r1VYxRaCvc1KUXV0oyQeQMw_ZPDEBf0gyu1e-qewoWGHL8Tyv7IBXwOv89elzrgY9z3dst-kT9X9CSjLr-4IMmD5apJ9RY8SuA5IVx98uvGtmJ8KelpuJWm0z-SLWi4gvRqbOZF1wlhPSWsutOraJMsjy2Vp30Q6-IeXUZHMvQoekxQ85LL6qhdGvhhws_3_RyGTzUMXnk7LfThVS-s1TreUvXQpAUtMriNVsTvzAKjB6D3zlxSxoMYvTGh9XbvtS1-3rMbFDZ2nAbmoo3GLJ_C2wxRz9F0UphBgwu5JkCFq7j1QlX2wh1bwedQrzQK5_avE92RypLsxSdQ5wOjqP5B6RAKdna21O9pR_NRqurY033KUngI1_hnrPaUlYLkh6Py5UGlQIBBJOAMgJpo2EgWJWT6au1r6vUJCcN1yXKSIXp8zq0nlJVx4D8YEqvCzTihUE8bbf6xrFPd4QTlpVu6Bv_5TGXlSJhsVFEGwo_yOnTrZD5F-IGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20409787662&bidurl=http://www.eokultv.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jtiqvQdlQbdhcAvQFx7R-U&adsafe_url=http%3A%2F%2Fwww.eokultv.com&adsafe_type=y&adsafe_url=http%3A%2F%2Fwww.eokultv.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1204cfb3-e3e4-0821-b4d9-15e857b84420,c:sEMpCy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-sr9v9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tUinM4P+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C171%7C172%7C173%7C181%7C182%7C19*.1520146-76103085%7C191%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:40,oid:ee9d7190-7826-11ee-8f98-226de2a7262d,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11597
x-xss-protection: 0
server: cafe
etag: 8023538936332676572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:20:57 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3174 38 KB
13 KB 11ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 365610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 2 KB
786 B 15ms
15ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b19dfb2680cdc789a4a7452f0d016b2c0137a298d1269aa19582f74dbc4457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 758
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:51 GMT
expires: Wed, 30 Oct 2024 19:51:51 GMT
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF16 0
0 54ms
54ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPusr9VWLayTP_jZhZdX3gH7Xz-1-ZCT-TSzp_YWSuDGU34XLtKZBr-1-rbDcMsi-SHGrpan43mQWEyMp8VRcgl10gXBvC2jKnQPcBTh6NPzLwGkDtCyicrggBupcnYBpP9ngmkS9jB0Gagk333Eea1LLqKQzreoZ2wWwa5W8qukki98ngPrvENh0bUeD-AEtqnAn-TekM88f3NJnsf62OyIOm9VrV4f7XmttlmulWftMNLvyWUwKFRkXK6KOvn_aLjCXHxkR9ev9d_PqezT3eLnDbkb84uux85oONY72m6uCq-pZ6VkIVdzXaJusjYSs8-0HdLNsUWf41UxQnO6KIcFOj_lIEn6f0ZKYvcJMlgNrKnHxFKLLHDUjYxW6FVUk_DeOQL_Xpvhsy630q7Ncj_nUiThYlcJvPXq4FLJhwLWTrSVfHhbe_ra_NaJAkqkIdE9PtiPzUsJ0clcvZ5UlktBx-1cwxtk1gj2DJHs6UdsYuiZk4MBQDbnCuMKP93UbbZdFyFHjsqkSP4GwFoqrMo3ToX3DPJQxw4IpsCJ5KcJbAmCAv1Xh1dswyVrVnxyaQC-PEboOBz4El4rV_aWKPenP1NcE-Wq4XFIM8v90yn54iEdeHajdNfaQGyd58aHzigQ-YLmkFqDF0ppXg6uu5LHU90ITp2XPyvtp96RGu8upVOVItQBV5qZ_O0Fhpv2fDhaDYyTzKVZ__LQ-zrjR5iR3K9rcvgodii4mS9HhHHgXbiMb811SMNruQ8NyG6i1oVPb8vnmWtjZPQx0jJhJ-QgvI0GeQAlT_QYY8GYvHir9xL7xGCvGRm0g3HaZnLkgA_ApQMnqRI9GG9hq6q4I1zwQrp_QbinX9WEDSJIND1FdVBRoHZLJO-timPsv7Wqx-QKLrMWuswGmicYcjL5tDAq4xG4WFIvMJdz3vgR6bgtQ1OQPNGqicFvLdfhWrBaBUn9kCzVl5OT4ZyNLUfE2yB_rt-SJbEW_8M7HuH9zoXbzCI5Tlo9eDGxra-KItN7bXjt_y8oV9sd8Bqhwv2PiBw0kEUDmgQF15oWL3Nk57s6sZ8_7mUeU0DG7QQQnJZ2HPY5VBjA0zfbuxEgh9yVtpstvllSSKQ68jind62ddhTxDiKmBEoaXUavIuJR610RDjpBYFWO35Na75thk3YgIdR8GiUaKiSPLIsioj3FCCLoJLvqVATJPu2pBSS-edwSpPTmUYSPx6FizxYfzYyRSXRSh62V4HA6EJiTbqjUl4VVs5GBQmwGiFswW6iWWRwGcAHMwx-MtDa44CbCfpi1q-n6CoiHzTRXaebNF3nV5yo_qaAFPKlx7F5KLAQ_JWKauGfg6V2EBzEBiYRFfp0G62oxba0JzIE-yimgoeLcX-SYgBGqGN9kfe18_MV6odSYz4RVCuzKhY40Cvpw&sai=AMfl-YTFwrr1ZRR325IsxzdNmiJj3Oi84Sh1Yp1cn4eEP-E0MTyr9auODSBHqbNzK6aoSGFZ-paJ010WHAV627TKjMlVxuCmsNb5tgkdw8FYloo6Bisk2F614PiNbE_ifRmFVaJtLi9VyQlsWKImt6HwVzLN-uNLloLdKlPZ5y7W2KiSMFYc8Q51nns0cXC8-rCVVq9jVyTvPQzWQj50ByrsJMTMBqmLVsO1LtNoKIRdwEg2nSXvlcHSxCwirZCUY_Deu4gdm5H9mFq8w9n3pQ0BaG-F2Bc9gXjIX9YvtCkQblhUOI3CjtNgDMcjq2zZy386QI_Mt1gqAjXXi_KtWpsbG6tbhA&sig=Cg0ArKJSzErHmiTdme7lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=698&cbvp=1&cstd=677&cisv=r20231026.63144&arae=0&ftch=1&adurl=

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 19:51:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF16 43 B
215 B 180ms
180ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=a39e18a9-5080-8a1c-4a18-e46e7486b4da&tv=%7Bc:sEMpM6,pingTime:-2,time:270,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:717,mdZ:756,beA:1182,beZ:1184,mfA:1187,cmA:1189,inA:1189,inZ:1194,prA:1195,prZ:1219,si:1224,poA:1226,poZ:1254,cmZ:1254,mfZ:1254,loA:1331,loZ:1335,ltA:1451,ltZ:1451%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:42%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:270,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B261~0%5D,as:%5B261~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C174%7C175%7C18.990511-61634098%7C181%7C182%7C183%7C184%7C185%7C19.1520146-76103085%7C191%7C192%7C193%7C1a*.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:43,sinceFw:225,readyFired:true%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AD23 1 KB
646 B 9ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4B83 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afe156d43ec395ab77251275d95798b555c97149a09d5f806eb6b0eee47f2989

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame BEAC 120 KB
41 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 17:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 17:00:57 GMT

GET
H3 200 gsap_3.11.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BEAC 69 KB
27 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:03:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 19:51:51 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 13 KB
4 KB 10ms
9ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eec8e86acd8d78e51b53ee64e4810278fb924efe416beecc76c2812a271b814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:41:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540622
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4270
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 13:41:29 GMT

POST
H2 200 count
logger.virgul.com/ 0
116 B 45ms
44ms Ping
image/jpeg 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=initBufferFull&g=h&r=npm_eokultv::&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=10/31/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 19:51:51 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 45ms
44ms Ping
image/jpeg 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=start&g=m&r=npm_eokultv::::&o=vnet5549f2a3-c772-44a3-858e-70dddb77fd4a:32:900-1000::&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=10/31/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 19:51:51 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 45ms
44ms Ping
image/jpeg 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_eokultv:preroll&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=10/31/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 19:51:51 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
DATA 200
OK truncated
/ 985 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9EEC 38 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 15:26:24 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B83 43 B
215 B 173ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=1204cfb3-e3e4-0821-b4d9-15e857b84420&tv=%7Bc:sEMpNZ,pingTime:-10,time:748,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC41OTkzLjExNyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1698781911215%7C%7C1730ec3f3fde8d3e8d645f22650f1140%7C%7C2a46ab34512a4512731c109fe969e5e3%7C%7C2a8542079a7c3ba2af04cfd3ad9deacf%7C%7Cfbcc56889b8ea1108b65c160c36e3b18%7C%7Cfc5a12ea1fcadb658166c3cc04be176c%7C%7C14b87a34d9c08724ac6cf1cb028ed9c3%7C%7C0c61645d568072f243adee01ab2d13ce%7C%7C1663701684,im:%7Bpci:%7Btdr:631%7D%7D,sca:%7Bspg:60b9e6e3-faa3-dc15-fec4-813062a01490%7D%7D
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 5fe2ed34e4b0b8eb9e66279d
ng2.virgul.com/tck/imp/ 0
213 B 45ms
44ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5fe2ed34e4b0b8eb9e66279d?g=1&t=gb&r=153626@site_geneli@eokultv:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1&info=&mt=1698781908592&userId=vnet5549f2a3-c772-44a3-858e-70dddb77fd4a
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:51 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6346 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 15:26:24 GMT

GET
DATA 200
OK truncated
/ Frame E4C3 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame E4C3 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fec887106ba2c9d7c00a3b18f691a517c3f9831926442abd498bdaad4cde786

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E74A 0
0 44ms
44ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsumJQi7ao0YX8cNkmBe3YHEiBxq9lyKe9KteRYByCy66FFqitXEWAZ7fsEFXkQdEzeSHwqYcPxgT7tZHY82Z04GTdhx9MfY1AZiWDBR_ySyBGY9ySO3omkqhshDAaeKDFtxsMiqLkXNCpIN9DsL3ARzgs8TJ9oKRZ-b8uXOtL4cJ1HiEpxfAKdRD_oWF6IXEOBRvWJUpBbvuhr_u-U7652AcshpdAyxMDQVBeIj0_AM1fAwJBBQSzWcu44E77mUF0qI_F80K5k-EGA8LrVBlrfcZCEV3Ui6cpt4vk-j29pOqVV3r_eYtSUxO6jMRS8Wlmnv4wfnya19kc6liy2Q2m0ffhW-w9rWMKuk_IDYsvb80l-EiILd-FdtMWiFYO_Ge3GhrrCp4r6Nb_Qc47gcnfeVWl8CARgyBXOduDS7TB6Q_p-HHmVh5K5Y9oWgO4ybhIziKriRIq3ABtZYHt61coLOKW2RI9K-P2kvaNyxzMmZOEFXxK_nwpg6OQSKicqoyfqGU-eeZbQ8khAH3pU9gw--dFIVv3b3TjYBbmyjwc4D3y9YtJJe9gMNiElkIbPiJSnRktJ4ksJk5eG8Icnwku_Ado4iWrrmi2eO-_VL_qX1KSbOtahORO7MPNptr5Lt2CeHqzFjuZdvpEw6FXAh7UFgHx5ZH9dsdReyqyeVoe9VJ-dmiTQhxgboPxVYEKOReaSX_fnSjtL5CVbY3acOML9ScsNeYSBltlQsxwIqsAwONvXME9oD1JyO46E2n1wUx6LoXMCQo5N2Np2GMGx_uRBrHN0rNz3ELZu9PFacUTL46uXRW6D3f3RcnZShrm9UHMOze94J8JSU8AvLjIg6dhvt9RNqzOKkUcAPm5-khGj1Ko2hbGWT_BGrDvA_86VJIKsDfOSbg_9SluROtQyhW9PGGiLeZIUpQAfvGoEF7sl8SHmXkruHEJVSGWsMUfeYcxFGxuiZDJt40NXVZLg4JDY_OFPNAdpCye_YlRkPillKA0B7wMSweLUVIoLNmRygdcNGbSd8sCdadXrk6a4v8gq87TI5CDaWHUaCtrj12MgM0sE0LgzQ3EBKmlF3_M3ghfV-Vr2oQB2kAk8mYDbUhEHSQ-l49GEbzh_Ew3KbZL51eCt-zE8LUb9S3-60HKF2Kj5acj7N5l5n5JEzn_9-z3rwwHmVjF1rCjjj1W267jtjVIcHe4-cNGhQSfd9VG3FP1J38X29BQseUHmrWvzTd5hwcV-zUAtJmjixJhgMXz3er0_895aO7iB7I2UxXSRtPJuv2lEiqzqitOvIb6XBEaLOtH6nbvZ0FPtNcX4YeaN3MXssus5TmMaZj3INi69C_ljDAxsbl85nXF3T9iSSVr6VTFBWBwiC7r8rv-YYtMgUC2OOgBCNiqYrLJFqzbE344HTCoAZAFIvfa-2hqMWtlWU1R2CrgAtpGf9_A&sai=AMfl-YSdmH3Nxe6ZVZNlqYSR6MfWskZYpnNcChuBUlr3sXcBUxGv2in9VUenCqs8pwRU5p_prdM34sNH9DYBoVz1BFsc2YcIVy2hgqHZfrNOkli31RR4DidLt8RtWKHuNoN7Vicn7EBi7BiBl_3U8Z3XS1WSiw8usFgqo1eYUcl6Fn61rMrGRNDL6A8gN6YnAgOA6w9ASY5eewBo-JMjla3DmGRadxKcSfaRGNjV72MFzPqW-JrjzQhbhfXmoX14fsE7bp-WT7gXOcQVJubFIThz6hDDA_iof3VoHLBpdAX-A_p52JVxUQrKJ7bhHTOggcg&sig=Cg0ArKJSzBpYzQT51ghsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1247&vt=11&dtpt=607&dett=3&cstd=637&cisv=r20231026.24963&vwbs=1&arae=0&ftch=1&adurl=

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ Frame 4016 261 KB
167 KB 8ms
8ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0adad0cddecce521bf6083fd71c77c27958157ab5af8d5698c73d5288bbc988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 103160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 170635
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 15:12:31 GMT
expires: Tue, 29 Oct 2024 15:12:31 GMT
last-modified: Fri, 09 Jun 2023 11:27:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4B83 0
0 47ms
47ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjBKU4pkQBPfobBepEhnNeF6_kOJGb21gCO-Qn4kOI2ywWe1mCY5SmF9Bf_ePSdtZil3xdYNzjxpN46I5kIqwAZsROnojh-xCY958bu4hVFc5uS049nBGgRYrt65aWWUMh_qFDDEVOMHU7j2d3AolbGI7jE9XIyEhakvH6gbaCYx5_FuUBnU9OyYyBX23RirsaJ8zYXUelo4GcWYYpwf9U&sai=AMfl-YTiC3gnZnkylla8fYYoMxh6F2rQvjh7KJ4d7QNunhOopKzcb0PB8N8uy4AIkC5968V-cXapV4QfLhqSfTF7mdE3pAjDcRihuQLp8IMSE6w8MKy3PRY7iyTfeitesT18-iB8o6VbH7swq_kCUcfcCKq5aojx8n89BGAVsea4XWqh8PaPz0s&sig=Cg0ArKJSzPHBe9V1Q20-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=349&cbvp=1&cstd=344&cisv=r20231026.00286&arae=0&ftch=1&adurl=

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E74A 43 B
215 B 187ms
186ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c97984bf-7c15-b59b-386e-948576e3fb58&tv=%7Bc:sEMpQv,pingTime:-10,time:827,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC41OTkzLjExNyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1698781911215%7C%7C1730ec3f3fde8d3e8d645f22650f1140%7C%7C2a46ab34512a4512731c109fe969e5e3%7C%7C2a8542079a7c3ba2af04cfd3ad9deacf%7C%7Cfbcc56889b8ea1108b65c160c36e3b18%7C%7Cfc5a12ea1fcadb658166c3cc04be176c%7C%7C14b87a34d9c08724ac6cf1cb028ed9c3%7C%7C0c61645d568072f243adee01ab2d13ce%7C%7C1663701684,im:%7Bpci:%7Btdr:774%7D%7D,sca:%7Bspg:60b9e6e3-faa3-dc15-fec4-813062a01490%7D%7D
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F510 0
0 50ms
49ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslugAr0qhri6ml0u47kxOW5lWboNW6kTV_Eg1FeMZ2nMGYwrT-u5iiQP7W6nWP4jDYePaA2B2a4DWT55-7b5Sg9UV7d5t2dsjrDKYXqM0wnozA8EwdRA2vOINxTYxnvgXpdbvv5t8z9L0_JKrDUiyfYv59R2et5xefIYqpF7CfVvcZBCV2DopyTvby8c3STWU35jCWTKipBMnE_y5LVnXH&sai=AMfl-YSffeYt2hGdFPD_0N0n3Sml4MIDDtcdMgWkx3HhblxzYNdU0lDvW7R_znmdeJH9xHsTCjRxg6VQuUm9vnXhSIdbSI6IXYj2zHl_x6ydOelM5EmjoyxpbaY_7jTclS4HD815K4G9Eh338SL8OxEx1xgO1GUamfhJnLw3Nt6c-Pxt1F1eRA&sig=Cg0ArKJSzJKTziRhDv8sEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=998&vt=11&dtpt=556&dett=3&cstd=438&cisv=r20231026.10883&arae=0&ftch=1&adurl=

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame AD23 35 B
463 B 62ms
9ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG6OALyh4ZQkUbA7aSUUKKs&google_cver=1&google_push=AXcoOmQ-iE1Ik0yBje_yaYjVOXEHHIpaJOfvccUHX2J65Z_cn0khIsH357AG_DFqMdaGq8FYifVBdLOZofnlCTMVI-vb3FecZrgfsw

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame AD23 43 B
362 B 17ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS1-P4F0zI6n2C_29h4Tim65kzTGfcAJw0OvUHV2xKbKlWYLNiWr95C8dl3MudvbTtjBFXH1j4Xm2ebtjdxsnnMXe2X7tK_&google_gid=CAESEOLC99bM7KesFIB9qkivIiw&google_cver=1

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 379942
expires: Tue, 31 Oct 2023 00:00:00 GMT

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame AD23 0
237 B 113ms
51ms Image
text/plain 2600:9000:2362:3e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKQM29E4khjrzCw8zcgRUWE&google_cver=1&google_push=AXcoOmRDH1hfNsMsjVfg0wmHP_FkJGHWe0mUgDExoZ9GBLjnPccZ7Pl7O5HPCoZ5vAyC0WcLd-XQfUaGMnCfHl-IwQS0V5zdFlVRLQ
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2362:3e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
cache-control: no-cache, must-revalidate
via: 1.1 a6a1a17bbe377bf7c4423397c71959da.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: d88O7Lmv7s3jpf4ROi0QssDlSnnFS1jOucuGDPv9P-HKMSGwbYxrQQ==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD23
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.targeting.unrulymedia.com/csync/RX-764ba516-3b47-480d-85d7-fcba14a96992-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSjmznqDyU9ejddKw04N...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSjmznqDyU9ejddKw04NE7VQVvErKScZ7jj1RC8T5meCrZWg4wMA1QmE7qco-tOyFjPYyu-gHIMIXGO1BoSBg5FN1HgwC7s4g&google_hm=A3ZLpRY7R0gNhdf8uhSpaZI

170 B
188 B

109ms
108ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSjmznqDyU9ejddKw04NE7VQVvErKScZ7jj1RC8T5meCrZWg4wMA1QmE7qco-tOyFjPYyu-gHIMIXGO1BoSBg5FN1HgwC7s4g&google_hm=A3ZLpRY7R0gNhdf8uhSpaZI

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSjmznqDyU9ejddKw04NE7VQVvErKScZ7jj1RC8T5meCrZWg4wMA1QmE7qco-tOyFjPYyu-gHIMIXGO1BoSBg5FN1HgwC7s4g&google_hm=A3ZLpRY7R0gNhdf8uhSpaZI
date: Tue, 31 Oct 2023 19:51:51 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX764ba5163b47480d85d7fcba14a96992003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD23
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPZ8jONaJMR5KOFoSCnvq6k&google_cver=1&google_push=AXcoOmTitWtD5ay0UicSGK1NHVOv9VSoLvuExB4dY13P7gpIhZfZWlsuYUWWC7SOlEDgOeoq_XqH7Sh13PMCE4qsiPzqTgu_FS...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTitWtD5ay0UicSGK1NHVOv9VSoLvuExB4dY13P7gpIhZfZWlsuYUWWC7SOlEDgOeoq_XqH7Sh13PMCE4qsiPzqTgu_FSZ...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1MzU1NDI5MjA2MjU0Nzg2NTIyOA%3D%3D&google_push=AXcoOmTitWtD5ay0UicSGK1NHVOv9VSoLvuExB4dY13P7gpIhZfZWlsu...

170 B
188 B

104ms
103ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1MzU1NDI5MjA2MjU0Nzg2NTIyOA%3D%3D&google_push=AXcoOmTitWtD5ay0UicSGK1NHVOv9VSoLvuExB4dY13P7gpIhZfZWlsuYUWWC7SOlEDgOeoq_XqH7Sh13PMCE4qsiPzqTgu_FSZ44g

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1MzU1NDI5MjA2MjU0Nzg2NTIyOA%3D%3D&google_push=AXcoOmTitWtD5ay0UicSGK1NHVOv9VSoLvuExB4dY13P7gpIhZfZWlsuYUWWC7SOlEDgOeoq_XqH7Sh13PMCE4qsiPzqTgu_FSZ44g
date: Tue, 31 Oct 2023 19:51:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame AD23 0
45 B 402ms
284ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGRsvrljR2qLh_tFQ6ko-sg&google_cver=1&google_push=AXcoOmT6Y94pTLfmXLPkqS1zTiMoajfKyZ3dE6Z--O4ASUEq8cqWpw_eoBybhoSddBBUrGRdax70XBLnSu8sK_6RtrG7YktZT6-FJA
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame AD23
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELeSDR91i6lu9ke-vgVMER4&google_cver=1&google_push=AXcoOmSMOXmhZUkqYiSvjWrSOVZDZQcUFU8UJPB52zomYRRR97j7Ebpq6T0f0zVTSIPWaDFq716zQCLQ9rF...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSMOXmhZUkqYiSvjWrSOVZDZQcUFU8UJPB52zomYRRR97j7Ebpq6T0f0zVTSIPWaDFq716zQCLQ9rFHdWi0IgiGeyIv_SJIIVw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

9ms
8ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AD23 0
12 B 17ms
16ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYk7-YjZdoXioY59zgbfMZu9pM-tYHz3mUzqiZqV4D4Mq56zBsVJgJfTdMfcWKyp68PtmDew

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3174 38 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 15:26:24 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9732 126 KB
24 KB 633ms
578ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C22455267735%2Fweb_eokultv_preroll_FP3&description_url=http%3A%2F%2Fwww.eokultv.com&env=vp&correlator=225117656125154&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&max_ad_duration=120000&ppid=vnet5549f2a3c77244a3858e70dddb77fd4a&cust_params=site%3Deokultv%26env%3Dweb%26mt%3D1698781908592%26r%3D153624%40site_geneli%40eokultv%3Asite_geneli%26info%3D%26policy%3D0%26targetCtr%3D0%26viewable%3D2%26site%3Deokultv%26plm%3Dnull%26pid%3Dvnet5549f2a3-c772-44a3-858e-70dddb77fd4a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=4116922795&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&sid=FEA5A5DB-00F1-4D3F-8A93-568A2B935952&nel=0&eid=44752657%2C44772139%2C44777649%2C44781409%2C44802463&url=http%3A%2F%2Fwww.eokultv.com%2F&dlt=1698781907874&idt=2900&dt=1698781911868&cookie=ID%3Df9d465af1940a9ac%3AT%3D1698781909%3ART%3D1698781909%3AS%3DALNI_MabMQ4k_iJ83LRBQ4br6gxrDzoZMg&gpic=UID%3D00000caf9f51d5e8%3AT%3D1698781909%3ART%3D1698781909%3AS%3DALNI_MakEqXUfynk28AnJrcSeOg4HaN66Q&scor=1704969676795674&ged=ve4_td4_tt1_pd4_la4000_er457.975.610.1275_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53f03808a2d0a36a77027e9541258ca726f26f6c4b179a6794c29205bd9719d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24528
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: http://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Cisco_navy.svg.js Show response
s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ Frame 4016 3 KB
1 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/Cisco_navy.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e1f60ec4ca4ed21fce2fa9d050d7adf1962f2f7991204efa73f3bf0d6bce50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1015
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 11:27:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:12:35 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 747F 0
25 B 44ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BikBN1VpBZayAEqDntOUPt-Wx8A0AAAAAOAHgBAI&bg=!OjmlOXbNAAbo5yKYyOc7ADQBe5WfOPbTvF-fImbWfZFqiGzUvGn38yCoNzZk6zSd3ubf6jDrYL4YjH1Qm9ReMQpETzDrAgAABD9SAAAABGgBB5kDAvIpmCU1oHbPkSHZnG5XWqkcKI8qZx1bOYRvZrxFiSKmRwDKzb7uu1c1yqpN259ofLRbMzD2hgN6m7w-F6XckuDyzuD5MkF6IN9-ubU34rJvXRL5f6BYqwvQzQRKgUpL_AzoBOj2cuT147TEIFJY1sgsv_UGKNLr1LzfOX14xxjV7TAGs8ACLmogMA7yrBI4uTZRVhplj8yXauNxVsAn7vkqES-FFZ262AQ93Pbb8udENOjde-bUCiutjWhex7D4NtdMMMrjhWXoZlioTsAbc9dcclTHY5Pn2xEbAVNxWrM14JOd0OFi3pP2WtUIuQcCN_Nfo1mrvnFwq5wLHd_4cOFJS5-A0RHMJXi7qUaQ4c1odkZpNzZPMObi61EImAqENKuegawm1DkFGbn6qF7WSAR2w2qZrzVmMSGK7TjvBR79JQSaSWn_iLM82fiI14jN10wRUA4RGPnNzxTYoNUCn6bdiedKCkZFBTt4qBzwXtzVoOk2lv43FMHk8x82-JoNL91unTIBOnPAMP053gRz47QlpYeStuYp3qCMzvD0Rk0fhQluaPcW5bgCHfqIjIXzCkMii_UuPS8y6PpLZpsd-Si-Reg1FjAsU0hBCqa_bZhc8OMQvkEUvO1tlvi-rXybIEnzrD6ZgyKiWnQ8RRltTmlzSd9es6juALztI1frYwdz1z0aPhF396mMX9WVae1wGoku8QU_e7xWfPo_WHMJYOAnwZMcPo7b7ZtVwbc7EDnpBl71rF78jCNHJ76ykvJIh7GNgobcTVRByDsOr9A63MieQA5Edqci_IVtbi2MEl0YmlyPeJYIhbL1dM666_E3NPxotJ5dQWcSfSgxWUERZaxlebBz3jFpecZjQ1uFIYtr_hDEF8ZM0auGRVo59IwJRN-WgQoxZcSyf4k6e4hCEAhe8z8FdNh9FR2MSYjqTqlW9-yqGmjaj4Ub_tbJ_AXfC4lwIyoGa_Twc06Sv7_C7PQ5oPBew2VxJBAW6omREcFBFwWmF5R7WresI4P8q8N41XOv

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ART_CISCO_Q3Social_FSO_PaidMedia_300x250_v1.jpg
s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ Frame E4C3 49 KB
49 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ART_CISCO_Q3Social_FSO_PaidMedia_300x250_v1.jpg?

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ed3238fe2adb23a08918b5ae9ebc46ca02404c4142bfcf4ef07574eb746ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:11:13 GMT
x-content-type-options: nosniff
age: 103238
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50515
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 11:27:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:11:13 GMT

GET
H2 200 5fe2f0a3e4b0b8eb9e6627b1
ng.virgul.com/tck/i_vb2/ 0
213 B 52ms
50ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5fe2f0a3e4b0b8eb9e6627b1?l=&r=153631@site_geneli@eokultv:site_geneli&cs=1698781911941&userId=vnet5549f2a3-c772-44a3-858e-70dddb77fd4a
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:51 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5fe2f0cde4b0b8eb9e6627b3
ng.virgul.com/tck/i_vb2/ 0
213 B 53ms
51ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5fe2f0cde4b0b8eb9e6627b3?l=&r=153632@site_geneli@eokultv:site_geneli&cs=1698781911941&userId=vnet5549f2a3-c772-44a3-858e-70dddb77fd4a
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:51 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5fe2ed34e4b0b8eb9e66279d
ng.virgul.com/tck/i_vb2/ 0
213 B 49ms
47ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5fe2ed34e4b0b8eb9e66279d?l=&r=153626@site_geneli@eokultv:site_geneli&cs=1698781911941&userId=vnet5549f2a3-c772-44a3-858e-70dddb77fd4a
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:51 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5fe2ee38e4b0b8eb9e6627a7
ng.virgul.com/tck/i_vb2/ 0
213 B 49ms
48ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5fe2ee38e4b0b8eb9e6627a7?l=&r=153628@site_geneli@eokultv:site_geneli&cs=1698781911942&userId=vnet5549f2a3-c772-44a3-858e-70dddb77fd4a
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:51 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 8D53 6 KB
2 KB 18ms
17ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 19:57:21 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 8D53 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 786
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 19:53:46 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 8D53 3 KB
1 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 20:03:42 GMT

GET
H3 200 head2_5line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 8D53 12 KB
3 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_5line_paare.svg

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fc65e436756cddb5fdfe98535eb5c0dadda31f81801a21fa4c0839d45daebd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3331
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 13:00:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 20:03:14 GMT

GET
H3 200 head1_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 8D53 4 KB
2 KB 16ms
16ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_2line_paare.svg

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab6793dc8e7ecc84e623176376fac17df0d4513fc68ab392d3850200da5f13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1686
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 13:00:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 20:03:14 GMT

GET
H3 200 160x600_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 8D53 37 KB
37 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/160x600_kv_paar.jpg

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d6d8aa9116c8538da4416d44de1532dcf9f5ec4ddc85f4d524714e8ed918ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:48:14 GMT
x-content-type-options: nosniff
age: 218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37561
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 08:15:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 20:03:14 GMT

GET
H3 200 ART_CISCO_Q3Social_FSO_PaidMedia_300x250_v1.jpg
s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ Frame E4C3 49 KB
49 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ART_CISCO_Q3Social_FSO_PaidMedia_300x250_v1.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ed3238fe2adb23a08918b5ae9ebc46ca02404c4142bfcf4ef07574eb746ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11526246211769912184/DE-DEU_XA-07_0_300x250_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:11:13 GMT
x-content-type-options: nosniff
age: 103239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50515
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 11:27:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:11:13 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF16 42 B
174 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3WN3pdJ1Mp5Mt6Gj9TWJAyWh7Pe3U_fElSbsh8kHt6arCzLd2_pla6SrLs2T-pLPtQ-EDWA2ntBGDFZeYTiZdDLe1x5nYujg9AexUNJi3-rOIQEO9tJAR-KXVyiLAaibTbNa6PqW_CgTo&sai=AMfl-YSWwVatN5bCe3Shr6lCnIgC04oYepKMhRfXFBaOEKrmBmnuDRYqkUQRBlXy0vS5gY78Xm1c_otOBOpPo1oi3osUF-j1sFIEuEVzbODhcWOs5Cm2vjQWEnY068NVP48rG8z-ghHx66awK7-DfQ8o&sig=Cg0ArKJSzFPXHp81E9m9EAE&cid=CAQSTgDICaaNYKSjuRjgyBDdJ7B4xJkeGDcEqDRw53Qaf1_BcwWdWlsT0LRehYhFo6lenDUp4V5JCJTpo87xPc3uIe5OQ1-rFrKaAMfIZE8-2xgB&id=lidar2&mcvt=1059&p=162,650,412,950&mtos=1059,1059,1059,1059,1059&tos=1059,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1871473940&rs=4&la=0&cr=0&vs=4&r=v&rst=1698781910110&rpt=815&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BEAC 8 KB
6 KB 57ms
57ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b03124345e4ac61b50579a9fcc7a9b97b58ec6b37863db8c54b56c227a4484c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5893
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 3 KB
933 B 11ms
10ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9956634213443940069/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27881c78063a561e8328f5b09db24b7b412c8f6de481b75318487ea457736020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 896
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 13:41:31 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF16 0
0 51ms
51ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPusr9VWLayTP_jZhZdX3gH7Xz-1-ZCT-TSzp_YWSuDGU34XLtKZBr-1-rbDcMsi-SHGrpan43mQWEyMp8VRcgl10gXBvC2jKnQPcBTh6NPzLwGkDtCyicrggBupcnYBpP9ngmkS9jB0Gagk333Eea1LLqKQzreoZ2wWwa5W8qukki98ngPrvENh0bUeD-AEtqnAn-TekM88f3NJnsf62OyIOm9VrV4f7XmttlmulWftMNLvyWUwKFRkXK6KOvn_aLjCXHxkR9ev9d_PqezT3eLnDbkb84uux85oONY72m6uCq-pZ6VkIVdzXaJusjYSs8-0HdLNsUWf41UxQnO6KIcFOj_lIEn6f0ZKYvcJMlgNrKnHxFKLLHDUjYxW6FVUk_DeOQL_Xpvhsy630q7Ncj_nUiThYlcJvPXq4FLJhwLWTrSVfHhbe_ra_NaJAkqkIdE9PtiPzUsJ0clcvZ5UlktBx-1cwxtk1gj2DJHs6UdsYuiZk4MBQDbnCuMKP93UbbZdFyFHjsqkSP4GwFoqrMo3ToX3DPJQxw4IpsCJ5KcJbAmCAv1Xh1dswyVrVnxyaQC-PEboOBz4El4rV_aWKPenP1NcE-Wq4XFIM8v90yn54iEdeHajdNfaQGyd58aHzigQ-YLmkFqDF0ppXg6uu5LHU90ITp2XPyvtp96RGu8upVOVItQBV5qZ_O0Fhpv2fDhaDYyTzKVZ__LQ-zrjR5iR3K9rcvgodii4mS9HhHHgXbiMb811SMNruQ8NyG6i1oVPb8vnmWtjZPQx0jJhJ-QgvI0GeQAlT_QYY8GYvHir9xL7xGCvGRm0g3HaZnLkgA_ApQMnqRI9GG9hq6q4I1zwQrp_QbinX9WEDSJIND1FdVBRoHZLJO-timPsv7Wqx-QKLrMWuswGmicYcjL5tDAq4xG4WFIvMJdz3vgR6bgtQ1OQPNGqicFvLdfhWrBaBUn9kCzVl5OT4ZyNLUfE2yB_rt-SJbEW_8M7HuH9zoXbzCI5Tlo9eDGxra-KItN7bXjt_y8oV9sd8Bqhwv2PiBw0kEUDmgQF15oWL3Nk57s6sZ8_7mUeU0DG7QQQnJZ2HPY5VBjA0zfbuxEgh9yVtpstvllSSKQ68jind62ddhTxDiKmBEoaXUavIuJR610RDjpBYFWO35Na75thk3YgIdR8GiUaKiSPLIsioj3FCCLoJLvqVATJPu2pBSS-edwSpPTmUYSPx6FizxYfzYyRSXRSh62V4HA6EJiTbqjUl4VVs5GBQmwGiFswW6iWWRwGcAHMwx-MtDa44CbCfpi1q-n6CoiHzTRXaebNF3nV5yo_qaAFPKlx7F5KLAQ_JWKauGfg6V2EBzEBiYRFfp0G62oxba0JzIE-yimgoeLcX-SYgBGqGN9kfe18_MV6odSYz4RVCuzKhY40Cvpw&sai=AMfl-YTFwrr1ZRR325IsxzdNmiJj3Oi84Sh1Yp1cn4eEP-E0MTyr9auODSBHqbNzK6aoSGFZ-paJ010WHAV627TKjMlVxuCmsNb5tgkdw8FYloo6Bisk2F614PiNbE_ifRmFVaJtLi9VyQlsWKImt6HwVzLN-uNLloLdKlPZ5y7W2KiSMFYc8Q51nns0cXC8-rCVVq9jVyTvPQzWQj50ByrsJMTMBqmLVsO1LtNoKIRdwEg2nSXvlcHSxCwirZCUY_Deu4gdm5H9mFq8w9n3pQ0BaG-F2Bc9gXjIX9YvtCkQblhUOI3CjtNgDMcjq2zZy386QI_Mt1gqAjXXi_KtWpsbG6tbhA&sig=Cg0ArKJSzErHmiTdme7lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1255&vt=11&dtpt=557&dett=3&cstd=677&cisv=r20231026.63144&vwbs=1&arae=0&ftch=1&adurl=

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4016 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 4016 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fec887106ba2c9d7c00a3b18f691a517c3f9831926442abd498bdaad4cde786

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4B83 0
0 45ms
45ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjBKU4pkQBPfobBepEhnNeF6_kOJGb21gCO-Qn4kOI2ywWe1mCY5SmF9Bf_ePSdtZil3xdYNzjxpN46I5kIqwAZsROnojh-xCY958bu4hVFc5uS049nBGgRYrt65aWWUMh_qFDDEVOMHU7j2d3AolbGI7jE9XIyEhakvH6gbaCYx5_FuUBnU9OyYyBX23RirsaJ8zYXUelo4GcWYYpwf9U&sai=AMfl-YTiC3gnZnkylla8fYYoMxh6F2rQvjh7KJ4d7QNunhOopKzcb0PB8N8uy4AIkC5968V-cXapV4QfLhqSfTF7mdE3pAjDcRihuQLp8IMSE6w8MKy3PRY7iyTfeitesT18-iB8o6VbH7swq_kCUcfcCKq5aojx8n89BGAVsea4XWqh8PaPz0s&sig=Cg0ArKJSzPHBe9V1Q20-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=704&vt=11&dtpt=355&dett=3&cstd=344&cisv=r20231026.00286&arae=0&ftch=1&adurl=

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F510 42 B
64 B 55ms
54ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVGHwNS_fSoZZqFoPm45rqLB1ZCwUDMML70kCmYrH5ZKgylHOLhbNOFuMULbsGEM0bQcmNN4KTE4jh88f65ay11QjuT7DFSpuvkUF7ygpZhQ-ILB7hNlE2HZT_NKN4djXgVzLPoHWjWkTT&sai=AMfl-YSumF8AJ6qyRmDG1td6JLtglg_BYHUHOvB7sNZgrNDIDxDLKRMhoGStjDlnYBFG_QRaoRYKbIiYAfbY687mL1mW0Nh1tGAqqCIlrjZpjcDC00u0seT2B0BfTrW6HxaA9AIIVaOHLnG5pwbOdl8&sig=Cg0ArKJSzDHB0mDu9F4BEAE&cid=CAQSTQDICaaNZ1_LAu5_j1OlE3AtyXt8ccC7Sg0kQookZtN4PcUyMWI_QP00FUfm1olmTfmluzuBMOAR2cuq7seq3ehThpTW0Rg0CekFrceQGAE&id=lidar2&mcvt=1068&p=858,979,1108,1279&mtos=1068,1068,1068,1068,1068&tos=1068,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2073593936&rs=4&la=0&cr=0&vs=4&r=v&rst=1698781909819&rpt=1253&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 terms_copy.png
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 3 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/terms_copy.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9956634213443940069/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69b1ab00597f3da76b29aa74066430cc3be348c4823deee02de3d2f708f1b3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 19:31:09 GMT
x-content-type-options: nosniff
age: 433243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2763
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 19:31:09 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9956634213443940069/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6849288b64ebc48de45202a8901631a20cd3adee91558f1f8ca6c4dd248d6441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 22:30:00 GMT
x-content-type-options: nosniff
age: 76912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3157
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 22:30:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BEAC 17 KB
6 KB 91ms
89ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 19:51:52 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9956634213443940069/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6849288b64ebc48de45202a8901631a20cd3adee91558f1f8ca6c4dd248d6441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 22:30:00 GMT
x-content-type-options: nosniff
age: 76912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3157
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 22:30:00 GMT

GET
H3 200 cta_1.png
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 733 B
767 B 10ms
9ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/cta_1.png

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af64d5d738a8f469582aeca115859e2e721dbd78c8b2c28ac4a5b254e4e0fcbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:41:31 GMT
x-content-type-options: nosniff
age: 540621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 733
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 13:41:31 GMT

GET
H3 200 cta_2.png
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 733 B
767 B 11ms
9ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/cta_2.png

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e414b102b2b229302325299d0ab64043eaef34bef01199cda3d4c27c5b166f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:41:31 GMT
x-content-type-options: nosniff
age: 540621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 733
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 13:41:31 GMT

GET
H3 200 ART_CISCO_Q3Social_FSO_PaidMedia_160x600_v1.jpg
s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ Frame 4016 59 KB
59 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ART_CISCO_Q3Social_FSO_PaidMedia_160x600_v1.jpg?

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2524b3abc53dd390ae8577b213fbc1c76d006087e029594214d43201343eb23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:12:38 GMT
x-content-type-options: nosniff
age: 103154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60216
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 11:27:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:12:38 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
20 KB 626ms
625ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2929549923447421&correlator=2442829509227540&eid=31079210%2C31079233&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fif&iu_parts=21728129623%3A22455267735%2Cm_eokultv_page_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&didk=3808746303&sfv=1-0-40&ists=1&fas=8&eri=1&sc=0&cookie=ID%3Df9d465af1940a9ac%3AT%3D1698781909%3ART%3D1698781909%3AS%3DALNI_MabMQ4k_iJ83LRBQ4br6gxrDzoZMg&gpic=UID%3D00000caf9f51d5e8%3AT%3D1698781909%3ART%3D1698781909%3AS%3DALNI_MakEqXUfynk28AnJrcSeOg4HaN66Q&abxe=1&dt=1698781912274&lmt=1698778312&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fwww.eokultv.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=496794985.1698781908&ga_sid=1698781909&ga_hid=695587219&ga_fc=true&dlt=1698781907874&idt=1288&ppid=vnet5549f2a3c77244a3858e70dddb77fd4a&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Deokultv%26mt%3D1698781908592%26pager%3D1%2540site_geneli%2540eokultv%253Asite_geneli%26policy%3D0%26host%3Dwww.eokultv.com%26url%3Dhttp%253A%2520%2520www.eokultv.com%2520%26targetCtr%3D0%26pid%3Dvnet5549f2a3-c772-44a3-858e-70dddb77fd4a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&adks=3261361557&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

129d1b84477b2828d1bb357bcf373d369628e0abb13ab4d9dead3dd58d510688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20814
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.eokultv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/ 39 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl_page_level_ads.js?cb=31079210

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee4716a6da2cb64dac712d35dac832d9f47a2f45094f6c0979ef19d8fbf6438d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 10:39:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33169
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13712
x-xss-protection: 0
server: cafe
etag: 9520715235413911519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 30 Oct 2024 10:39:03 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E74A 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7z5UTOZgF2c9iyR4VuBmhnyrcNtx7jBqjWVAHNxFeOcO_aTbAc8DR3ZmVsimWAVAUKZwsOJRziToJxC9OJ2pB6LT5c1hOfsJvM_BruEJishQiRHVWldQxiWri7asvqm2nrPXufl-Hdz1m&sai=AMfl-YT1xC9L_ICb8hS27GmPDn8cUfPcPJALOUXS_ZajNrXXxeMIFKstWG9kfcO1qjJtq7daM1qaOvH8iZ8W1QZB3hJnaLOPXJoGEc-RzgOhDgjYbwSvcbpSx3kekx37-eqgy1BfM5LYGNeVxRdIaQOb&sig=Cg0ArKJSzNqMabEmR8FOEAE&cid=CAQSTgDICaaNMY8mk1HnJfo1cxRrHpRivc0B0oQaRaw-LoonrrquM9zOFhW2OFq1fwbmolazIMIlJTxx4VhmZVXr47IZXpXyteZW9DddllR4AhgB&id=lidar2&mcvt=1087&p=160,259,200,300&mtos=1087,1087,1087,1087,1087&tos=1087,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2149371335&rs=4&la=0&cr=0&vs=4&r=v&rst=1698781909924&rpt=813&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F510 43 B
215 B 173ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=60b9e6e3-faa3-dc15-fec4-813062a01490&tv=%7Bc:sEMpYx,time:2032,type:e,im:%7Bpci:%7Btdr:1131%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:878,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1146~0%5D,as:%5B1146~300.250%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B878~100%5D,as:%5B878~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:330,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17*.1520146-76103085%7C171%7C18.990511-61634098%7C181%7C19.1520146-76103085%7C191%7C1a.1549653-72555946%7C1a1,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:550%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 126 KB
127 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/bg.jpg

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbb185d2fb9ea4375f23b230dc6e42c1ef8834b393b61158aa3529f3d1d9a3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:41:31 GMT
x-content-type-options: nosniff
age: 540621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129496
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 13:41:31 GMT

GET
H3 200 copy_1.png
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 6 KB
6 KB 14ms
9ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/copy_1.png

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a738bac7916aaed5f90c24ba65205c1a4a058d1895b4d9cd66d6755ab0a272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:41:31 GMT
x-content-type-options: nosniff
age: 540621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5845
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 13:41:31 GMT

GET
H3 200 copy_2.png
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 2 KB
2 KB 14ms
10ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/copy_2.png

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73bbb261048fed0af949c8648e3881d4e3478b0153baa48c7f070a4ac761cf93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:41:31 GMT
x-content-type-options: nosniff
age: 540621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1965
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 13:41:31 GMT

GET
H3 200 ART_CISCO_Q3Social_FSO_PaidMedia_160x600_v1.jpg
s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ Frame 4016 59 KB
59 KB 13ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/ART_CISCO_Q3Social_FSO_PaidMedia_160x600_v1.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2524b3abc53dd390ae8577b213fbc1c76d006087e029594214d43201343eb23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7908765322425119429/DE-DEU_XA-07_0_160x600_BAN-A_HTML5_MOFU-no-Cross-Architecture-GuideMeToolv2-ALL_0_50/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:12:38 GMT
x-content-type-options: nosniff
age: 103154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60216
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 11:27:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:12:38 GMT

GET
H3 200 cta_1.png
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 733 B
767 B 8ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/cta_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9956634213443940069/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af64d5d738a8f469582aeca115859e2e721dbd78c8b2c28ac4a5b254e4e0fcbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:41:31 GMT
x-content-type-options: nosniff
age: 540621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 733
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 13:41:31 GMT

GET
H3 200 cta_2.png
s0.2mdn.net/sadbundle/9956634213443940069/ Frame BEAC 733 B
767 B 9ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9956634213443940069/cta_2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9956634213443940069/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e414b102b2b229302325299d0ab64043eaef34bef01199cda3d4c27c5b166f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9956634213443940069/index.html?e=69&leftOffset=0&topOffset=0&c=jpkzb9NwPn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:41:31 GMT
x-content-type-options: nosniff
age: 540621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 733
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 14:26:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 13:41:31 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame CFBE 38 KB
15 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 15:26:24 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF16 43 B
215 B 194ms
185ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=a39e18a9-5080-8a1c-4a18-e46e7486b4da&tv=%7Bc:sEMq1l,time:1215,type:e,im:%7Bimprf:%7Bttecl:968,ecd:140,tsecr:320%7D,pci:%7Btdr:760%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1215,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1206~0%5D,as:%5B477~0.0,729~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:275,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C174%7C175%7C18.990511-61634098%7C181%7C182%7C183%7C184%7C185%7C19.1520146-76103085%7C191%7C192%7C193%7C1a*.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:43,sis:503%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E654 0
25 B 47ms
46ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCNAI1lpBZYLzDZLx3gP4_L2gDgAAAAA4AeAEAg&bg=!2Nul25TNAAbo5yKYyOc7ADQBe5WfODP7BoSJM96kD48Uikv9CCoRzB4fpNy3RczVIskdY6dRZghA3HFMc4H0Pv2tQw2zAgAAAyZSAAAAA2gBB5kDCypu85cG66xYVSLXjtA_bHV2QxApFahEQsi8WspUJxX5V_jHtoBRt5OClYonX9sUDUyLPa0tv64RwqncPSVVnq8xrDeIsVOFQoht8f84ROjIH8pJR87E4Sp_TiwsaK2ayYqVSlCLPnAydUdo2r4EdZO16SUCy05N4k-sQ-_WazkX7ngxyhkYPf3VPUZyAyJTXqYHTgDMkBRrxSoVhOL-YkSEhTKRKm_XL8eu54cHVRQrPRCNHghUcIPZUrUEDaBGZpO7v8qNEv3tivfeua8iTqEwaBFs7nVgS2MI1dvRuAr8dLZfZeyErvJ0dNfuRjJAdcWcAeczw1l7XyJVTdVtj4KzDfRMkVEMwG4xi02fJwcfBuLKJyCRdC3r6tdIU9gzKhnp_6uL6IfKKosfZtyE7UbfRFpOiBavC7DoF5e_9hOWZxTDL8vidZ-AhZ4OWvyZPC7LDLmdh1-7iI6wMrOUnyM9nnzdd232gB1FrZ34Mj6BgSnFWXVIqRvdWq2y-XTM3I4JodLrQ2dxa_ANOVCLOJWEUKjDsD2DJfB6oneVQbqil0gBDqjFzDFXZ8vywUmylXTsd-fN3ARbjuxOr6RcBCPaxGNn4IBKQHN2NZyP7gHSNEKoNFbMlBYOn32f2Uk-o8seTi7SW0sR0Ms3opHTDwjIZiVstkXgee6_b5ZeVMc5gtvqcx27cyGOMxz_g-e7iorp7ZryuPFuy5z0uu58YOO1lLnlcgoPaGjqgGRI378pqPHateafLiMzAjJ-cfnLawv5PElbf7Ys7mymfa_BfQiHuUirdvvASk5wGXL40ybolYiqScKjrSkB8MnwK4CZPa-usitJGFAerLWnHVbK5546zlMCDBOMd5DfudNL2DJCYUz3qzwGcR7cto1q1fdPdDPlBrmM0rzPfgWzxnBwOt6Zx1EFUCszQMrhOezhBkgSeuJLJaRnliHfn3Lfi6nLcBwXTXxowgVhO5ox1-MkmAecRD_020S8Rsxw7sY9PgQMg-_rVT0c5_y3inlVQjR5lAj0qntpG0eYY-JR

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E74A 43 B
215 B 177ms
171ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c97984bf-7c15-b59b-386e-948576e3fb58&tv=%7Bc:sEMq2a,pingTime:0,time:1550,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D,%7Br:r,w:160,h:600,t:388%7D,%7Bpiv:100,vs:i,r:,t:1550%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1550,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1543~0,0~100%5D,as:%5B381~0.0,1162~160.600%5D%7D%7D,%7Bsl:i,t:1550,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1543~0,0~100%5D,as:%5B381~0.0,1162~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:245,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C18*.990511-61634098%7C181%7C182%7C19.1520146-76103085%7C191%7C192%7C1a.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:21,sis:631%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 5fe2ee38e4b0b8eb9e6627a7
ng2.virgul.com/tck/imp/ 0
213 B 52ms
49ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5fe2ee38e4b0b8eb9e6627a7?g=1&t=gb&r=153628@site_geneli@eokultv:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1&info=&mt=1698781908592&userId=vnet5549f2a3-c772-44a3-858e-70dddb77fd4a
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:52 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F510 43 B
215 B 175ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=60b9e6e3-faa3-dc15-fec4-813062a01490&tv=%7Bc:sEMq2c,pingTime:1,time:2259,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D,%7Bpiv:100,vs:i,r:,t:1154%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1105,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1146~0%5D,as:%5B1146~300.250%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1105~100%5D,as:%5B1105~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:330,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17*.1520146-76103085%7C171%7C18.990511-61634098%7C181%7C19.1520146-76103085%7C191%7C1a.1549653-72555946%7C1a1,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:550%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F510 43 B
215 B 177ms
174ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=60b9e6e3-faa3-dc15-fec4-813062a01490&tv=%7Bc:sEMq2d,pingTime:1,time:2260,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D,%7Bpiv:100,vs:i,r:,t:1154%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1106,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1146~0%5D,as:%5B1146~300.250%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1106~100%5D,as:%5B1106~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:330,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17*.1520146-76103085%7C171%7C18.990511-61634098%7C181%7C19.1520146-76103085%7C191%7C1a.1549653-72555946%7C1a1,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:550%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame 9732 0
234 B 105ms
34ms Ping
image/gif 2a00:1450:400c:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~loeqvzab&c=7057876090133&slotId=3528938045066.5&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=fGNWALoP1BQ&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9732 0
54 B 36ms
36ms Ping
image/gif 2a00:1450:400c:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~loeqw0se&c=7057876090133&slotId=3528938045066.5&qqid=CNeSqOOHoYIDFfdY9ggdCZcHJw&gqid=11pBZa78OIGI2fcPjvWcsAM&fb=ima_html5-lima&sdkv=h.3.599.0&mrd=10&aab=1&itv=1&ghmsh_eids=44752657%2C44772139%2C44777649%2C44781409%2C44802463&met.4=ghmsh_s.loeqw0sm~ghmsh_s.loeqw0so&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=vPck7bPajttv5FUt
Requested by: Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 9732 0
0 68ms
46ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.599.0&e=44752657%2C44772139%2C44777649%2C44781409%2C44802463&id=ima_html5&c=814652306593749&domain=www.eokultv.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 19:51:52 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: image/gif
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 9732 453 B
607 B 14ms
7ms Image
image/png 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-7983651257838282

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:20:06 GMT
x-content-type-options: nosniff
age: 1906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 20:10:06 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9732 42 B
64 B 65ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CAGm311pBZZfLO_ex2fcPia6euALm0ryOc_jGiej0Ea-BuuPXAhABIOa0gmsoAmCV4pCCoAegAf_bisgDyAEF4AIAqAMBmAQAqgSWAk_QvrM9MPcKSteqfYx4Y_GLrgGfXtJsaP2Qo2KzP9yeqnIo_oacxe7jprVWuBFEULKzWxeDIH9_LBORwDOWybLKt3lGID44vM_fHzJjpbuafYIKB3ku3jwwa2Bf7GYFZCeiGq0l6idiSCqHGnWbJEQ84sm-pyhci_BEAdah5YIUFpZxCVOcCG7lvauEN0NzCwweyT7bKG3p8mm1rD5uCMe6YyQQ1N7T4GuJvvdt5SevHzf1sDMjFV5QrnRBQQjAxaCsvz4nDl6t-inQI44CGDPhT6SltOfVvfEnB5OgH0GABht_rpO0XuuRqRUtTpwkvDEocj3c685Gic7GiTVXwtDX-vDYhwiICAZ_QUyNKkzohfyQ_esmwAT3iKjavgTgBAGIBaH3idBLoAZUgAfy3vqjAqgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTE4NDU5NzY4NjM3OTIwMTOxCSmyDgi-_f4bgAoDmAsByAsB0AsO2gwQCgoQ4MbFmN_txpZwEgIBA5oNAQ6qDQJERcgNAeINEwiO2Kbjh6GCAxX3WPYIHQmXByfYEwyIFAHQFQHiFgIIAfgWAYAXAQ&sigh=CAh2lh7ifbQ&label=show_ad&sdkv=h.3.599.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYxNTQ3MjMyNTQ5NjIMNjY0MTExOTA0Mjg2QLYFUiMQDyUAAGhCKAE6C2ZHTldBTG9QMUJRQglnb29nbGVhZHNQABgB

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
pubads.g.doubleclick.net/pagead/ Frame 9732 0
0 62ms
55ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CLbSH11pBZZfLO_ex2fcPia6euALm0ryOc_jGiej0Ea-BuuPXAhABIOa0gmsoAmCV4pCCoAegAf_bisgDyAEF4AIAqAMBmAQAqgSTAk_QvrM9MPcKSteqfYx4Y_GLrgGfXtJsaP2Qo2KzP9yeqnIo_oacxe7jprVWuBFEULKzWxeDIH9_LBORwDOWybLKt3lGID44vM_fHzJjpbuafYIKB3ku3jwwa2Bf7GYFZCeiGq0l6idiSCqHGnWbJEQ84sm-pyhci_BEAdah5YIUFpZxCVOcCG7lvauEN0NzCwweyT7bKG3p8mm1rD5uCMe6YyQQ1N7T4GuJvvdt5SevHzf1sDMjFV5QrnRBQQjAxaCsvz4nDl6t-inQI44CGDPhT6SltOfVvfEnB5OgH0GABht_rpO0XuuR8RS_C5YucxC685t6j1LgiUcBq4G4Dt__897AYJ1XKrKahGGhMs9qO5gMwAT3iKjavgTgBAGIBaH3idBLkgUSCBIQBRgPMJSov9CLwNWxfFABoAZUgAfy3vqjAqgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ5f9sqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMTg0NTk3Njg2Mzc5MjAxM5oJowFodHRwczovL3d3dy5ncmFtbWFybHkuY29tL2EvZ2VybWFueT91dG1fc291cmNlPXlvdXR1YmUmdXRtX21lZGl1bT1jcGMmdXRtX3BoYXNlPXByb2Zlc3Npb25hbCZ1dG1fY2FtcGFpZ249aW5mbHVlbmNlci1nZXJtYW4mdXRtX2NvbnRlbnQ9dG9tYXJ5LTQwcy1nZXJtYW4tbGFuZHNjYXBlgAoDyAsB4g0TCI7YpuOHoYIDFfdY9ggdCZcHJ8ITBhj_24rIA9gTDIgUAdAVAeIWAggBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=8tcn9L73nIk&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNOixLGPdjgY53TRWsVFJLp3Cyypg2eBQK6Z1u4EYHuIs7bhGmxbDCK2SwBEk2wBOSfJkSDOdI8r5Ji-MkBt2kywk_JxKVeMsRMhgB&vt=10&sdkv=h.3.599.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYxNTQ3MjMyNTQ5NjIMNjY0MTExOTA0Mjg2QLYFUiMQDyUAAGhCKAE6C2ZHTldBTG9QMUJRQglnb29nbGVhZHNQABgB
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 35ms
34ms Ping
image/gif 2a00:1450:400c:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&top=1&puid=1~loeqvyo7&c=7057876090133&slotId=3528938045066.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EEC 0
25 B 47ms
46ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B605M1lpBZaW_E5jpx_APjKOXyA0AAAAAOAHgBAI&bg=!BAelB0jNAAbo5yKYyOc7ADQBe5WfOGBlA7ZOstplpyCk1ytoYoSht66iGfSrGoahaq4cS6_mhZKXfEtdDOii4S93r3lBAgAAAupSAAAABWgBB5kDEPBKiTgNm9JeEmWOK2MQ4p2oYA2cjzIfGu0uoJC0QUn8-oAXir4MdMdtVxs47CaSuLPXoK-dabkpfG028veEi99PF9SszYlEbfTGLi5r1TtE1G7J5cyz7Br3MitHyTLtNVDhMgm1ffAImuhnXBqmod111UCIuLF_whbf9dqtoeGmf6_1igGk6A-xc38NyHUEO5cX6EqFqXpGWJWY_LCwb76Fk0mpTOsx_c88fEpG-jhAMOx9GFiUpqtZLCxpDTsKCXIFThMFVNinHkccu5F1UWoPaf1yqdPWQgO0LEfFWouglBqf9xDW8VyQ7P-by3Us0WpHvRe3niEbbxXzq1mEssBQFHOZ9u0tScVjJPOqaXJixjonm_R_7YnvfXsLyD10dwd-Jl5dsuyLCOGBWtQbA9TXygZc_esAJ18eKtZhKU7CWNbpIWIUAs4l6sXtaiu-EBWBbqeRUukUnXzJtTzSC-ndrijQRm2Oswam_p7bkvwaUZhpwE-eqcCMCU59dYg_XcIMpkvLXXjmBAslyynydUwtjV9FrwlYFXxELm1VB-WeiS9qKoPDEWEqnCDt4fx6MBuRa3lE-U-ArR73ZeoaHVyo5QzCADDjpwnqktbnuF94ruid0sFTHbwZKXyCVmgb6ZdDdj54JUoOOLVL_0rKU4j62JCH6fb0NRWEnfLWhGBPopbZj9Ig3z6fsQw3Z1hmWJ1w7emtQ43v7ILZKypuSIwNq0C4MStkL1HumiwQup7Koo4ywSDrxJhtOpJm2jwu7yKwHLR7KNtwYapySCwufKAY2Z-wrbzGo75J3Yw38YjGMpevHmymJ67NoHzLUYlSEwuMBYQyLwoLHJEo_qpRI2NI7F_FWrB40nC0LRyXj4XHTzEtRMcj5kPbNw4Zd4CkENoKSg5NZ8_M7HYbMJPLCLMLRZlt9VLp2UDTlbKQb7qsClTQhmgKqPHdTFchgRPAcgoIV9iYuuAARgwe6vbik2NZO4OgCdGFvpPflxuYHo0k_toTDcGsB98xtdEj54sBTT0sD9K-u8Ahhv6n1W8A66g

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF16 43 B
215 B 172ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=a39e18a9-5080-8a1c-4a18-e46e7486b4da&tv=%7Bc:sEMq6T,pingTime:0,time:1559,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:42%7D,%7Br:r,w:300,h:250,t:486%7D,%7Bpiv:100,vs:i,r:,t:1559%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1559,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1550~0,1~100%5D,as:%5B477~0.0,1074~300.250%5D%7D%7D,%7Bsl:i,t:1559,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1550~0,1~100%5D,as:%5B477~0.0,1074~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:320,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C174%7C175%7C18.990511-61634098%7C181%7C182%7C183%7C184%7C185%7C19.1520146-76103085%7C191%7C192%7C193%7C1a*.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:43,sis:503%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 206
Partial Content videoplayback
rr4---sn-4g5lznl7.googlevideo.com/ 5 MB
0 170ms
9ms Media
video/mp4 2a00:1450:4001:1c::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5lznl7.googlevideo.com/videoplayback?expire=1698810712&ei=2FpBZdW5G5LCmLAP6ry8iAE&ip=2001:ac8:20:3a00:1011:6ee:e05b:690e&id=7c635600ba0fd414&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=Um&mm=31&mn=sn-4g5lznl7&ms=au&mv=m&mvi=4&pl=49&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=58.723&lmt=1688569066468863&mt=1698781521&cpn=vPck7bPajttv5FUt&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AGM4YrMwRQIhALpm--BLS3RvT3xfmno9Fq2EVK_vV_pBSqckTkjoePKWAiAauo11CYKpIM4ONrPR1Y00FlS5TDHGo_jG4ktfOH6sBw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRgIhAP6-nbazMkdEFDh2WSyX1upooBuNDNt9T_CoYSTnXsROAiEAs5DPD1M3WFDuWhrQDy-t30qgk5d05CmHwma_-0xOrZA=

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1c::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.eokultv.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 31 Oct 2023 19:51:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 05 Jul 2023 14:57:46 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-6908230/6908231
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000
Content-Length: 6908231
Expires: Tue, 31 Oct 2023 19:51:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6346 0
25 B 46ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOjKC1lpBZaGFIrn_x_AP58Gj0AgAAAAAOAHgBAI&bg=!goGlgc7NAAbo5yKYyOc7ADQBe5WfOER7msc6YyfdsSeH_RoVeGGMsi9D39QjKTwiy7w_iwt6GwJI9_NYX38nMfUWNX2kAgAAAz9SAAAABGgBB5kDDPCX8TzU7_gbkmPLrJMaGq2n5iBoXanz57DcXUN555m79gzc2wzcdsZfLMYWiXxK0scACvw3p7dgLA1cUJ7l4BDXqbVGaHGuj3B2jQPvq4oZkzHx-TLOmWNKKnUfSzLloYFzqAm_pcqxWxDuoLbahPbzHh-qIhRo8Chfu2kJwueYNMEka7o4cGmUc1NGFtCVVxRrtB-m5WCzFFLW29KVgvEd3yqPZ1-YFfNic0W3FyHE6RYx-86YKA2VcETrrUdFirhwi1r2ZDbVNPG49gqsQYVxIGrdmOnr4F-qmg4kSnUG7ZQtbA41_1Z-2TzWowU4FL3HjBfEOqMxyWieB9DQ6mFbIfTtvsGjsBs_gBm0speKesEpWfWzOgA2g_REFdNazbf5PRHkDWJyfwgPwYeE-CklJAMiZWoFUGKfwx-UG03VjOg77_MLKEi5Kxe-M_dgVwpR3rMzXyaeCIuyw8M-Fx9VVg8NyUQs_igsVPaOss7ahTl1z6mZDtFMX-0NnjqGVt9N0AEuLTPV04a37PnijtWIGTcv96mycW01fy1CBwPSs705-GGY8Q7bOQhHmS1rlMqV8AAkXj25FAKH0ud6X1N7H24JSJp7nM8OnpCFrvaE1F-sasWGzhfk2VhxbrDVK0QmpOGf4Rx46uCVuqp6OGazf-CYz43Hl8eXs4eCDfbjSyBjXs2QbSW1eK8mffvVteSAMV2eJX599uUEDw9LqmQVCczKhWOtAC7zxjQIfmCAw4NjF1c6WGpV7ea70IeQCTDcfXxHZiKpzRQptl1AGK3ZmiGdi00HGzCkiqiUG_jfiUtfJJHp_wRobMnWlo0vUzxecht9AQ5fkhlrNY4lxxZjO34YxeItwj4GuS_ddXmLTOmX7qVj1RDnH-il3BeWHLMk5npCs1vx65wMNRAb3FjH5m1qz63jVYghS2geFdJN4Fb7TOAj1fnIO4Ql_fwcGT0SCw-OMAlYn1Lv-khCGnfmOTICEbNleNFMdWS4-xWKvuXrhbOLvz3_A-BoIwT7lU6pO-VPV0XFF_ryEw

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D23A 6 KB
3 KB 16ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:49 GMT
expires: Wed, 30 Oct 2024 19:51:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3174 0
25 B 44ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZ5IP1lpBZfOSIY2q3gP-vaH4BgAAAAA4AeAEAg&bg=!Dg2lDULNAAbo5yKYyOc7ADQBe5WfONbxxeYe0INjWZzsXVSyzomcJBgcHrfqvocxNOe3x6KSAYRM_ObtzK3oWIqg218vAgAAAyFSAAAABWgBBwoAJQERJ6s3h_PyTIgtrrj5OUuLQTOUhjSjxKM5HQFZCkUbsGCz8TOZAwCRrvJNte4QukbwEsyYCZxKiBLFqE95YoqwHF-6lw98VGz6ancS3fhrNqtOfw3zlMegSMQP7aVonYRZbgIOK0vT5pX2TVVHofeQTex3xxjvG9DqJC7zjGV9OkZ94iB-FrR9kMdMr42tCzBoiUL0vrpFaYu27DUqXUM310E0w7WqOt_mYNv0cjWf3YqzIDw2VaBsrKYsyY7qUBniyRLOVg1dJ8dowx628j-ky__-3fJJ3GdiDMHruAw67sclBZv5FyqO9Nm5Scxf5FH35LRjMjQlC_TfqFbZu_5sb5akKMNSZvLuJwwvzlCWWFNcW9dJ7kU_bDoHCtXGOG5yOyN14z2d2URzElvAEbi4tkL6_1I5mvKb5GaYND4YXVTZmAtgq8JULcmAWKPdEI0AZFx2_WK-NRmBvBdDhh7eSI-qatSLWwAOos2gmJE2Hof4z38hC__O_GbmWaSTGePN6VUsLCZOLAO6OvHALwkMY7ftiJzwAlYr_miEa0FRCnTgXcaN_sOXTKj7CHT9s4kollagfXYd2v8VOHimoqD_smzPXbHB2SKUVHPORRU4S-WtlGrtwm3IY7bsT8vZG2Qvux85orwDF01M0RWxXkLHTJe4kgZJ47r_YPVu3X9f25CGYlPoK2hT2uOlfTzF2lHzU8ktZJ-AL_Zv4oWm4WDnqB-Q_7JCO2GMDDbo3drCakXGT69SaBmI6XZH5qWtwWyyM7IJH332dlVXaXQeG3djDCtbLxs1g9YgQRSbmEVhXWoL1597lPoODQvbgDKnA2-eN73j2V_fWhUg7TSbFqYY0AHOHeIQ43GBtEOuFc_0kKLwc7vq2mR2-bVx_JsPMtV4_u_sPZ-K4KOwNHLluproVeoseanS_oB-EF7tCVGmn3_rXfVK7dAgrluAdgTNMZlg0AgzLde_cokOZDLGoLxrfBQG5wD-yJcm9ZmQCSPrf_FeO3PxjzvteAgZj_yUql4vwcbVZsy4gd7uBiaa1jSoZ_WeOcMstPihh45Udbpl31wwIomfHWk

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NGHJB18CB5&gtm=45je3ap0v888781661&_p=695587219&gcd=11l1l1l1l1&cid=496794985.1698781908&ul=en-us&sr=1600x1200&_eu=AEA&_s=2&sid=1698781908&sct=1&seg=0&dl=http%3A%2F%2Fwww.eokultv.com%2F&dt=Konu%20anlat%C4%B1mlar%C4%B1%2C%20Ders%20Notlar%C4%B1%20ve%20Test%20Sorular%C4%B1%20%C3%87%C3%B6z%C3%BCmleri&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NGHJB18CB5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.eokultv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame D23A 4 KB
671 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 19:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 17:55:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 19:51:53 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F864 640 B
262 B 57ms
50ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNU46z_HVVlHea1X842uxfB7Low4H8-iYqBT6JjejO0OujED5H7QXlCflPfTwB2IewRqE7SmcvtsKRpoSZBGbn-kSQBZ3cjzxJXC9b_sUwV5IljmXLcVKwAjXDOwCqmG_TK2O374BKKRrchym08hqNr8lOHLzyThPzpCio5suxMvkuBVldz2UK4QJsiCz-KmFRMHBr1v

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C552 89 KB
31 KB 172ms
167ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:53 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/ Frame C552 260 KB
79 KB 55ms
47ms Script
application/javascript 54.170.148.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DHvG3x2Rb_kSP3zaaF4RG3ONdZ0wmENVY6yinUVCCyQIG2j11vc5oIVCyeXNj57OjiwXmXdgZK2WJcrl3IT4yp0xbPJoee_6N1nTPzQMoq97Hd0ZB0lA6XQCEOWJJu8iiH2Yv85KwpqTezU4z2Uam_NTBWUk25-HLs1MFv8MnHyUn59JESmRcAoCZ_4Kip8Pw_sx7SO6xOPFQ7xmNpgN0teMdQmYeRS0GTHYj7LQvJPyewSJ6KlmVke7MmBv22WAaoq_9SbQBUVpT_0eucnB8JwO2Cv-0NuJpeTIAnXGF6307zcypDIA_V39wU1HyW1oNkcH4lP4OA3BRcl97fzKM2n5_PbyONVmx-O9IxbmMmKvu9ZZlTO8c13sgJeWN5082pbAIYfuAIBirlfqC3UxePsQApE8Slvyin7gfp3WCxJ_oWj_y8UAMNpvnyLZcPcE-sYaNpYCQN9Wl_tUWO27YR9U6u5cHpNGLnR86xn0EDi-qBG2-yie8-EB2-hrnPPfKPRMtp9Te2-26IKV4zgRH2LBMVNq_E4rE9Wyyi2bYR7X0i04BtCZNbL3BQ0IOq0-2-sTVqfhtxEQ955Ezd5XvxoSztSO3tkN8T8xUNYR_FIpvtyFqwe5rEU_iWXm8IvyUxJmkx65jUP9IXe-eBa7aLfsXzZyTcAp0MK9LTqhB32ecEp3OEzrkYfP-wu7K0yKokKI0cto6k2TQIehg5GIQn7s1F7GF3PJ8lN_lhLKHJWV_g4qsMfAMUoVbYNToihAhHNunfIq3xu7NVjf-od5tP83ufUf0FEMFxOnFZ5Nm48IkNWVLA-TNeEDQE520lHa2sM4cdWdP8A64LMG1ou4q3KkJm9Bz8_n-YmmmfUke5fX7y9Xy6qNhzZH1zzZCorvTeoNi8ebIEGgGCkaZmOiX2vXVDz2o9vPneaIH-kvKJAvjiRldx8k8MsIvvPtTWXihngvKU6_6HmJx6GM90tiwWgHq6ZTX-e_bbPyabGZXS_BLVW-hq9vzzMeVDIBcKqHfO5jCehrc_-pYSujeJJ7Kwz17PeF8I4vg02p-dJquMB-FkIyiUMcO2QFg8vzlJOLMQ58vLZYGOCjc5ZqOiOIwmHguC_N40k-vXcO5t88qGzEB5c8e4QWrjB1iJRDv6muaK0SDRuyT0UGgqulhhmutnNWrTtYyNaMjz__balQZBhtbIbd-nT8ErW4qkYnVTL-SK41H8lq_2QLuxgeg6Axw_dUZeVG80_aGvIygdsVoK-DWBLispa-JwzKjAC5-KbVgJLmdwHA3ofuMw-yO054KH8RiqYSmafpPfxdoPwqB0q7K3mbFTQkrkymIz4uSTBur8jYnNoAfvfe3NZJQftq1vGjDWwU22fPJDpIpeTOW0Uilf-22T23BhTnMtZXAB6KTB0ZXIlKFviTF7uenGbE942m7h1opGJrWY3QTaQc4jbd8vGQBZvFh1bbamxn-4oYs2d-BJcqH1mhhENwt5arJn-SH5l8iJyuf0kJYazLpuR1t4BeI_hmLuBPkbfisgo2E1DIugbwEPYE96U2olX3DZ3AUFbMJ2cbH30JkEG_wyGHf7lKA0NDd9GXF6UTOLMI_GYrJkm76QnZYMvDbwAPC_qtVtgWEOwFp99J0_Xh-o0kWEZSTwnSRZSgIF3Y9PLCRL0-4nGig6XTZQ_5MbgxIqOBrEXymAIsweaPd4aRSjfXh4YdWiEzBat5-tiN2BT9DPkVEZcLJ1QJt678Hr7SVROqves6vybLgh7au7Yzj1nT8FAOZTEy9-4wHAjNgokrnpzDg-j3k00qow1yGEuM1G4izpAenuonHeAKsZGxRsm1iKyJOTsApa9pn2ngrSw33NI3HImHGGGgjoayGRr_JGV8SToIfauEDJSyxD0h9hLelJej-XTzvU1_pzUoTP_U54aEvPmUVX5eQBWavrw3knZ3OScchgg-R6hTUH1t0uiib_5lSvx0PbnL_OCXJFjjdbFwnTO_YfvNOgNGr7iVP4C7lwSzT9Hb0r1A7wod_YDQuIKGgfbz2IFfPxGLT-2g8qbvaBg6tJcPJfhJc0gWatuMlyA_SYmVQ391llE32nCY9Y9cQ6AQgLMCjPvoJkPTrpBvObMYjst2BKOa_NXchzrwJSrpwUTFJMp-N4CrdpgmEU742IqTIWglYixWYyGCY70rP0HLVc696PLqPP-t8Kj69clWGO4v2cspbGMtJyee17hlwoq3_G1Vm3kgymByFya71iDTehVHPwlnmMlsRmlUBvgnc7Q8vB7IzYfXbJ14K5cX8Pq-sTqlEQhySrF37FuXlCfFzIXvtJrodYMJzc84i5OXLBWNZUXA18eC3Asotc6yk1WkZa20sLAFAP9T_WVatbAxCVIo-l6ZpWfQu-mReI9EGTwi0nEU83rh9dslSIyofbaalM5JmSWHwyC1y536Klck1J_YnLXNNVatr6w5yXR8G8CJQ4n3kVCyIurh2ZfRqvZcVgfWg8mhgSgt6ZuqCqeIsHpwkYq_nAVdbW-mkAULR-_UJ34QX_gd99OuN3o0lUYgMnaDZ-1lu_W_jwRf9G0-sOyLRUw_VLJTLl4y_QcU3bNkvfIH18Uz5n1iyvms4MnrGZCVyN0r7nmpOJQy6Nk7e46vQHyfj8Z8lVlKO6uh_vCMG9_LS-UNi4XSSKfzSHwSoMAlvfKtKQ01O1HuqR5zTzUB4l27NuQ6EPCvG8pvBil8GJbJuC8X30lTa66DFWqlNZ9yrNyA0npnlB0i48N0WR4jCkVePbtjCOoD2uNydoeiyMMhjJlg7S7-J55HREHIbfR8H0tEoydmTJ8Lr-XGU-xZ_lCUbnICBNtCrz0zCrcJAFmnlfPTXv9R4aWR5xKXZRwWNTM3FsOW5GTXeszobeYiUEpwJ3K6LtCYRa6noDp86F0ary6lIN6eTm5bAdSu7zN2ITIBdhhyc1zMFesLZPOpJ3DTa1p0RWLNawRqWAL58MWYgvP41FulIASBvxq5jvb-PCnyokSRP0m0yRMFxMqpKzixFBZH_lG5EDe4hWyeTdmCXAQADdzAOCxYqLIgsW7C5SV8UXcWMedBLF5j5GGV3jmj_Q8qjvXAVzvSS3-r79X9M3BIyw6E4-LDzmRQ-XCs4HFx2jJSkbrhA3nfL9xeDDqQMuhXbQ86Ocfj6suS9UEQas8pXW0feyicVpBhRomzFpI0TyDrU6Ghx-35DG7egEi7Kpar1-_P_Rr0F93hzS-Qb32MXqlJ7q9XgAQIBX_kVUk1-u20uMZrNu9pIg-k5LNDienQ0Z-u_YY2wdvf-BmK-6CZ87bxKqnwlZ4he_xYzn7m5Sl7dLAnnsOMM6eZ2isJc1qj_D2mE_wL8WIcP_GISUiowgKTZOqtSVQE5Qs3FoQK6BuasD-xqsTNYlcygvJBs6Qw8AcgCb865sdEgQem4X5SyolC1PgDiu229GMKEkzflA1juJHmJ3yMGryIJ6hyNOpR1ypqU_m6nUKEZKtbB-9B9l7XfKg0jQyIYQJskGO0B8OkiU3cTrWcuaIdAYKfJ3Ob6xXvv4WNIA4xOPo7RNKnJckfWA_ii1oqYV5toEXq4r5hpoR9vRBVDofVlOAy7k7gkDcw8QpmqIFbjg2KMu-MUQb957Ux6EICOfiaSqar2VhwSjJsk6x7VNEyKOqeWZwV9g-T-FL58A2DHKwdOaJXzv4D-bOrvoMNRZNGrPAZFfWueRqQjv2Rrxlsn0gwzjaSq2aCq8J0gWaBDewhEy7kxTgZ2WTackKgu2zJyRPHbYjIoVWiUE8roiynRv3WvLM3KzK18TbCLFF5UajLSVWTLtx1wHbHn4APhx4V1PIuy3NwccGV3S6uH1HskrH4A0IHH_sFW-HG7ABHxgCF0UkhLa-Nwbfr6hR8gHCo3gMBMRdtQWkddeRbFQjP6pACuv0GqVmh0kghBq-y-6YfHUN9dh_UVFEgY97yQ7z1-ISn8QoBr6rPMuEmkKQSl-GHc5aF6NpBV5Qg3g-Zqgr4ZCnz17Mf2H0AW5QDBKd8U1Z0E0ZTLaYTTYc-t5KElvXxCYUjYtwBhJ3xrKM5xNUpIMzwGgvZLzxGujY4F_5qaGRL-cCI-Dtz0DkD5cgg60Pw-Zo9jMg5RyGeQr1VuikfNcUrsH0xpUCAQSTgDICaaNI8b6NZiT4qZw9yo03nMCnMvY1Cc2imrne8DTX5aWGlEUuTBcQRIZgh9LGbHMVwJhKHOVoxsQ94nw9-bVNLP0J1HLIjU9jRQg5RgBYAE&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20409787662&bidurl=http://www.eokultv.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hzNCtrl9fH_Un6NFj34GYS
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.148.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-148-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c6d4c9a55dfd75be40045ff69afd1efabdd8f66f9848d127268cbef9d0385924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame C552 3 KB
1 KB 69ms
63ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 15:26:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame C552 20 KB
8 KB 66ms
61ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:18:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C552 0
0 21ms
16ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZdjYBOFKPXxuJCvISrzt94zRuAqnz3V2zuZz8yW31PDshDIjbD7FNhBJ5utKg8NElWt_iZB0pG8vFbO9tLdt7Qq9OMQ
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C552 188 KB
59 KB 64ms
59ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 19:51:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C552 42 B
68 B 76ms
71ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CCR1U8dCT5xfuQCWIvRsxzO9qeLSGvHfcpBd_Ay_wDgCnlF7uAjXHmY2j-FlfjTNlZwyJXE0wfhYL4WOBg3uCzYduCE88fQYZB2uc0vj9uzbZJL7M

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C552 0
25 B 75ms
70ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6624748079206966185&x=1&ct=76

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame D23A 20 KB
8 KB 66ms
61ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8600
x-xss-protection: 0
server: cafe
etag: 14061149270319446037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:42:13 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9732 42 B
64 B 45ms
44ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CAGm311pBZZfLO_ex2fcPia6euALm0ryOc_jGiej0Ea-BuuPXAhABIOa0gmsoAmCV4pCCoAegAf_bisgDyAEF4AIAqAMBmAQAqgSWAk_QvrM9MPcKSteqfYx4Y_GLrgGfXtJsaP2Qo2KzP9yeqnIo_oacxe7jprVWuBFEULKzWxeDIH9_LBORwDOWybLKt3lGID44vM_fHzJjpbuafYIKB3ku3jwwa2Bf7GYFZCeiGq0l6idiSCqHGnWbJEQ84sm-pyhci_BEAdah5YIUFpZxCVOcCG7lvauEN0NzCwweyT7bKG3p8mm1rD5uCMe6YyQQ1N7T4GuJvvdt5SevHzf1sDMjFV5QrnRBQQjAxaCsvz4nDl6t-inQI44CGDPhT6SltOfVvfEnB5OgH0GABht_rpO0XuuRqRUtTpwkvDEocj3c685Gic7GiTVXwtDX-vDYhwiICAZ_QUyNKkzohfyQ_esmwAT3iKjavgTgBAGIBaH3idBLoAZUgAfy3vqjAqgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTE4NDU5NzY4NjM3OTIwMTOxCSmyDgi-_f4bgAoDmAsByAsB0AsO2gwQCgoQ4MbFmN_txpZwEgIBA5oNAQ6qDQJERcgNAeINEwiO2Kbjh6GCAxX3WPYIHQmXByfYEwyIFAHQFQHiFgIIAfgWAYAXAQ&sigh=CAh2lh7ifbQ&label=video_ad_loaded&sdkv=h.3.599.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYxNTQ3MjMyNTQ5NjIMNjY0MTExOTA0Mjg2QLYFUiMQDyUAAHxCKAE6C2ZHTldBTG9QMUJRQglnb29nbGVhZHNQABgB

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 9732 0
0 147ms
53ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CLbSH11pBZZfLO_ex2fcPia6euALm0ryOc_jGiej0Ea-BuuPXAhABIOa0gmsoAmCV4pCCoAegAf_bisgDyAEF4AIAqAMBmAQAqgSTAk_QvrM9MPcKSteqfYx4Y_GLrgGfXtJsaP2Qo2KzP9yeqnIo_oacxe7jprVWuBFEULKzWxeDIH9_LBORwDOWybLKt3lGID44vM_fHzJjpbuafYIKB3ku3jwwa2Bf7GYFZCeiGq0l6idiSCqHGnWbJEQ84sm-pyhci_BEAdah5YIUFpZxCVOcCG7lvauEN0NzCwweyT7bKG3p8mm1rD5uCMe6YyQQ1N7T4GuJvvdt5SevHzf1sDMjFV5QrnRBQQjAxaCsvz4nDl6t-inQI44CGDPhT6SltOfVvfEnB5OgH0GABht_rpO0XuuR8RS_C5YucxC685t6j1LgiUcBq4G4Dt__897AYJ1XKrKahGGhMs9qO5gMwAT3iKjavgTgBAGIBaH3idBLkgUSCBIQBRgPMJSov9CLwNWxfFABoAZUgAfy3vqjAqgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ5f9sqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMTg0NTk3Njg2Mzc5MjAxM5oJowFodHRwczovL3d3dy5ncmFtbWFybHkuY29tL2EvZ2VybWFueT91dG1fc291cmNlPXlvdXR1YmUmdXRtX21lZGl1bT1jcGMmdXRtX3BoYXNlPXByb2Zlc3Npb25hbCZ1dG1fY2FtcGFpZ249aW5mbHVlbmNlci1nZXJtYW4mdXRtX2NvbnRlbnQ9dG9tYXJ5LTQwcy1nZXJtYW4tbGFuZHNjYXBlgAoDyAsB4g0TCI7YpuOHoYIDFfdY9ggdCZcHJ8ITBhj_24rIA9gTDIgUAdAVAeIWAggBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=8tcn9L73nIk&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNOixLGPdjgY53TRWsVFJLp3Cyypg2eBQK6Z1u4EYHuIs7bhGmxbDCK2SwBEk2wBOSfJkSDOdI8r5Ji-MkBt2kywk_JxKVeMsRMhgB&sdkv=h.3.599.0
Requested by: Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H/1.1 200
OK Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 9732 41 KB
16 KB 268ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:46:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 507918
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15406
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Vary: Accept-Encoding
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 24 Oct 2024 22:46:35 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 9732 0
0 252ms
250ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.599.0&e=44752657%2C44772139%2C44777649%2C44781409%2C44802463&id=ima_html5&c=814652306593749&domain=www.eokultv.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.599.0_en.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 19:51:53 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: image/gif
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9732 42 B
64 B 61ms
55ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRIzt11pBZZfLO_ex2fcPia6euALm0ryOc_jGiej0Ea-BuuPXAhABIOa0gmsoAmCV4pCCoAegAf_bisgDyAEF4AIAqAMBmAQAqgSTAk_QvrM9MPcKSteqfYx4Y_GLrgGfXtJsaP2Qo2KzP9yeqnIo_oacxe7jprVWuBFEULKzWxeDIH9_LBORwDOWybLKt3lGID44vM_fHzJjpbuafYIKB3ku3jwwa2Bf7GYFZCeiGq0l6idiSCqHGnWbJEQ84sm-pyhci_BEAdah5YIUFpZxCVOcCG7lvauEN0NzCwweyT7bKG3p8mm1rD5uCMe6YyQQ1N7T4GuJvvdt5SevHzf1sDMjFV5QrnRBQQjAxaCsvz4nDl6t-inQI44CGDPhT6SltOfVvfEnB5OgH0GABht_rpO0XuuR8RS_C5YucxC685t6j1LgiUcBq4G4Dt__897AYJ1XKrKahGGhMs9qO5gMwAT3iKjavgTgBAGIBaH3idBLoAZUgAfy3vqjAqgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTE4NDU5NzY4NjM3OTIwMTOACgPICwHaDBAKChDgxsWY3-3GlnASAgEDqg0CREXiDRMIjtim44ehggMV91j2CB0Jlwcn2BMMiBQB0BUB4hYCCAH4FgGAFwE&sigh=feVlT2p8NNg&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D958%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D457,975,635,1290%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D58676%26vmtime%3D-1%26is%3D33554707%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2231%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D450467798%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnk%3D1698781909835%26ptlt%3D1698781913123%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1698781912696&sdkv=h.3.599.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYxNTQ3MjMyNTQ5NjIMNjY0MTExOTA0Mjg2QLYFUiYQDyUAAHxCKAE6C2ZHTldBTG9QMUJRQglnb29nbGVhZHNIqANQABgB

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9732 42 B
69 B 56ms
50ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzPb9OZyhE8uxuEn_t1CRfB_Nd3PgChxm684sfY_3wXQdHXN_UGtvjfeuNvYKHnyGGLncqSRUSHQAl_YpRv-fRMtiCYn5FxWFb8bJ5L-WaXWkxuvEGjUq-eAxkuw8m3YC5l_Adtw2_GXSLWacjiXk3JPiguKVRJob-EilylepP5PZPawDkAlXjjZhm9s0D5RsfBOP6tM4&sai=AMfl-YTA1glTq5YXapTPv1_MhwB8lrN9y-F92fVV_GvzxwcRiSwk_UyOKKpmRllWXh46rlVMp1mJXf3t94etkN6XRu_Ss2Iy9rSJZI2mAmdURl4qFF-kSVHpoTgfBHeW2IXZiNFZPmNFyvU-njl4rCtl&sig=Cg0ArKJSzCYpzLOYcvyJEAE&cid=CAQSTgDICaaNOixLGPdjgY53TRWsVFJLp3Cyypg2eBQK6Z1u4EYHuIs7bhGmxbDCK2SwBEk2wBOSfJkSDOdI8r5Ji-MkBt2kywk_JxKVeMsRMhgB&id=lidarv&acvw=sv%3D958%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D457,975,635,1290%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D58676%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26ic%3D33554706%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2231%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D450467798%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnk%3D1698781909835%26ptlt%3D1698781913125%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1698781912696&avm=1

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9732 42 B
64 B 57ms
51ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRIzt11pBZZfLO_ex2fcPia6euALm0ryOc_jGiej0Ea-BuuPXAhABIOa0gmsoAmCV4pCCoAegAf_bisgDyAEF4AIAqAMBmAQAqgSTAk_QvrM9MPcKSteqfYx4Y_GLrgGfXtJsaP2Qo2KzP9yeqnIo_oacxe7jprVWuBFEULKzWxeDIH9_LBORwDOWybLKt3lGID44vM_fHzJjpbuafYIKB3ku3jwwa2Bf7GYFZCeiGq0l6idiSCqHGnWbJEQ84sm-pyhci_BEAdah5YIUFpZxCVOcCG7lvauEN0NzCwweyT7bKG3p8mm1rD5uCMe6YyQQ1N7T4GuJvvdt5SevHzf1sDMjFV5QrnRBQQjAxaCsvz4nDl6t-inQI44CGDPhT6SltOfVvfEnB5OgH0GABht_rpO0XuuR8RS_C5YucxC685t6j1LgiUcBq4G4Dt__897AYJ1XKrKahGGhMs9qO5gMwAT3iKjavgTgBAGIBaH3idBLoAZUgAfy3vqjAqgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTE4NDU5NzY4NjM3OTIwMTOACgPICwHaDBAKChDgxsWY3-3GlnASAgEDqg0CREXiDRMIjtim44ehggMV91j2CB0Jlwcn2BMMiBQB0BUB4hYCCAH4FgGAFwE&sigh=feVlT2p8NNg&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D958%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D457,975,635,1290%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D58676%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26i0%3D33554707%26ic%3D0%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2231%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D450467798%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnk%3D1698781909835%26ptlt%3D1698781913126%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1698781912696&sdkv=h.3.599.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYxNTQ3MjMyNTQ5NjIMNjY0MTExOTA0Mjg2QLYFUiYQDyUAAHxCKAE6C2ZHTldBTG9QMUJRQglnb29nbGVhZHNIqANQABgB

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 playback
www.youtube.com/api/stats/ Frame 9732 0
0 107ms
44ms Image
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?cmt=0&rt=0&rtn=10&delay=30&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=58&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=vPck7bPajttv5FUt&docid=fGNWALoP1BQ&visitordata=Cgt3d09CcEdJZUNFYw%3D%3D&of=-_xhI4eL4MjOL53E0nwGhA
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9732 42 B
64 B 60ms
55ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRIzt11pBZZfLO_ex2fcPia6euALm0ryOc_jGiej0Ea-BuuPXAhABIOa0gmsoAmCV4pCCoAegAf_bisgDyAEF4AIAqAMBmAQAqgSTAk_QvrM9MPcKSteqfYx4Y_GLrgGfXtJsaP2Qo2KzP9yeqnIo_oacxe7jprVWuBFEULKzWxeDIH9_LBORwDOWybLKt3lGID44vM_fHzJjpbuafYIKB3ku3jwwa2Bf7GYFZCeiGq0l6idiSCqHGnWbJEQ84sm-pyhci_BEAdah5YIUFpZxCVOcCG7lvauEN0NzCwweyT7bKG3p8mm1rD5uCMe6YyQQ1N7T4GuJvvdt5SevHzf1sDMjFV5QrnRBQQjAxaCsvz4nDl6t-inQI44CGDPhT6SltOfVvfEnB5OgH0GABht_rpO0XuuR8RS_C5YucxC685t6j1LgiUcBq4G4Dt__897AYJ1XKrKahGGhMs9qO5gMwAT3iKjavgTgBAGIBaH3idBLoAZUgAfy3vqjAqgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTE4NDU5NzY4NjM3OTIwMTOACgPICwHaDBAKChDgxsWY3-3GlnASAgEDqg0CREXiDRMIjtim44ehggMV91j2CB0Jlwcn2BMMiBQB0BUB4hYCCAH4FgGAFwE&sigh=feVlT2p8NNg&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&label=admute&ad_mt=0&acvw=sv%3D958%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D457,975,635,1290%26tos%3D15,0,0,0,0%26mtos%3D15,15,15,15,15%26amtos%3D0,0,0,0,0%26mcvt%3D15%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D15%26pst%3D-1%26dur%3D58676%26vmtime%3D-1%26dvs%3D15%26dfvs%3D15%26dvpt%3D15%26is%3D33554707%26i0%3D33554707%26ic%3D4096%26cs%3D33558802%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2231%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D450467798%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnk%3D1698781909835%26ptlt%3D1698781913137%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,15&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1698781912696&sdkv=h.3.599.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYxNTQ3MjMyNTQ5NjIMNjY0MTExOTA0Mjg2QLYFUiYQDyUAAHxCKAE6C2ZHTldBTG9QMUJRQglnb29nbGVhZHNIqANQABgB

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5fe2e870e4b0b8eb9e662790
ng.virgul.com/tck/imp/ 0
213 B 57ms
53ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/imp/5fe2e870e4b0b8eb9e662790?pai=1&r=153624@site_geneli@eokultv:site_geneli&info=&t=linear:preroll:cl10o0&cs=1698781913143&v=http%3A%2F%2Fwww.eokultv.com%2F
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: http://www.eokultv.com
date: Tue, 31 Oct 2023 19:51:53 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

POST
H2 200 count
logger.virgul.com/ 0
116 B 50ms
44ms Ping
image/jpeg 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adStart&g=m&r=npm_eokultv:preroll:2400-2500&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=10/31/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 19:51:53 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F864
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOF5MvQ1wQKCgVFGZ0qo0ic&google_cver=1

43 B
105 B

20ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOF5MvQ1wQKCgVFGZ0qo0ic&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNU46z_HVVlHea1X842uxfB7Low4H8-iYqBT6JjejO0OujED5H7QXlCflPfTwB2IewRqE7SmcvtsKRpoSZBGbn-kSQBZ3cjzxJXC9b_sUwV5IljmXLcVKwAjXDOwCqmG_TK2O374BKKRrchym08hqNr8lOHLzyThPzpCio5suxMvkuBVldz2UK4QJsiCz-KmFRMHBr1v
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOF5MvQ1wQKCgVFGZ0qo0ic&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F864 43 B
295 B 71ms
17ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNU46z_HVVlHea1X842uxfB7Low4H8-iYqBT6JjejO0OujED5H7QXlCflPfTwB2IewRqE7SmcvtsKRpoSZBGbn-kSQBZ3cjzxJXC9b_sUwV5IljmXLcVKwAjXDOwCqmG_TK2O374BKKRrchym08hqNr8lOHLzyThPzpCio5suxMvkuBVldz2UK4QJsiCz-KmFRMHBr1v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F864
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENgoKBbOdADZVyKz22bQGPw&google_cver=1

23 B
163 B

189ms
189ms

Image
image/gif

2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENgoKBbOdADZVyKz22bQGPw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNU46z_HVVlHea1X842uxfB7Low4H8-iYqBT6JjejO0OujED5H7QXlCflPfTwB2IewRqE7SmcvtsKRpoSZBGbn-kSQBZ3cjzxJXC9b_sUwV5IljmXLcVKwAjXDOwCqmG_TK2O374BKKRrchym08hqNr8lOHLzyThPzpCio5suxMvkuBVldz2UK4QJsiCz-KmFRMHBr1v
Protocol: H2
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 19:51:53 GMT
pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESENgoKBbOdADZVyKz22bQGPw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F864 23 B
163 B 206ms
204ms Image
image/gif 2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjIioH8ATAB&v=APEucNU46z_HVVlHea1X842uxfB7Low4H8-iYqBT6JjejO0OujED5H7QXlCflPfTwB2IewRqE7SmcvtsKRpoSZBGbn-kSQBZ3cjzxJXC9b_sUwV5IljmXLcVKwAjXDOwCqmG_TK2O374BKKRrchym08hqNr8lOHLzyThPzpCio5suxMvkuBVldz2UK4QJsiCz-KmFRMHBr1v
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 19:51:53 GMT
pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C552 0
25 B 43ms
42ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5292461119218&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C552 0
25 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5292461119218&version=m202309260101&ct=76&x=1&cor=6624748079206966000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C552 16 KB
12 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjkMJnUUc0c1Hbp2a71ccfnlI5mNt9EzjheeL_HwV2-aLrI0hkkpoOJvZiN-Rm58rXTT2b7WzxnknWFfW1eMZMYSQX7zSL3sdYz21vrhiS32ji4fQp-EyS-Dzo1y18eH99VcQNJojkhs6xjEmitgcmOMSgj8ZwrUW7vZy0UoMXJBKoZD8&cry=1&dbm_d=AKAmf-D_puPN-FtDbfc_74NADZaMHHE6Q4DVGiqkMxMKbzqdSTWORNuTrtW-UBo2ZiNN_KU3P4UW76aXZ2cei1cGfcIOp7UUiyU5_QDGLsen6-stIfMEtIFPzb8UOQqU7MSIwyMeK3r87ekousJpePXCQFVQ3GAMtqeb_QF7_DGKNK0WyKfG2-GnWrJvtgD6Kk60aKxYRlvStdn2qeABPNbmxnIXjFD2XKMawtXokH6ymtVxXx__Svxn88Pf2WxbZ4ye5sPgy899kFrA_wLZAjJ0YTMHHH83msa__uG1tES3grzSRwsMnORIpr7XbWE788rMigwZddMRBanAnZ6V0XtBXHpCJsQ_QnavAoRkWMibyUssNvM11z_s0IuvtcAWTHrsEtNpUbr_8er9qYWJh6o9Iuw37jz8iDS8LSKq3f-46aQDttDTHhMxJxMjF14CO1MKp5lCRgFzzIpcZSjvpZY8E7reFubBHJQlkKwxcyFql77bqLv_37-DsYo4Y6uMF2peQAvomhHkh7Bc_fM-gc4IOJIqqq3oCLXC9T8ax6klvTF_S5TcDmPfdwJtDVL4MyPZqf4pbgtBwN4MqCdNOJHwCGHQRewLjZ-jnL0E8tiNqnzEo6bhFuHNiFS_PEnoepVHlXAJsgXaWA_Ts20JEcuVoULp0GoDg3GsmXAi1n6w0Lmy9ue_9_YAE-xCxRrcT4GxIsDaTJCF-WwhfOODknsvVxEF1uKe26NUso8tKugt1ziT3hts4mIcCNQ4QS1tmPsF3-iJPvdBCIpaV5LnzWN84H0fHjhJehheSrGU1ysjfBbR-SmINy73CWMKh_qMSihHWUkThYhQCdJ5jcKf1kN0nxZGYQ1YME0rE7VWrYxnhVjpECwLoz7F8Ybv6EFH85dPEAmdDOgJhv--9y_kyc2iwdjXQlMFe9O03gPJ-SE1OZyj3GvF2LVOQzKFXlFkugAtVDRS2CYyWeobdjIiIMq_q4PJMPEzeFHrFJAM2AEpePHAWosgVwCtcue6-W5hTZICBAbBYAnL2eGCGLaQl1a0smQXdY-qJsnIw78wkEjUPhfKM_Qvbinsn49WtiBjsL4XjULevXYr2W_R8yUXg9YuPWKSKChAYBDRnkgopr86wBtEJG32NcOUvc1zJE0Rcfvv3GfRDbwCZ8TWK9MTxhktlxyVfY6aSIN6LZLT1VRHxC815iyLU7Gnij1xsdEapnNHRYxnUaXHEzqU2UkAFOXGw0bzlMrRrHP-I7gWw5tHDgx-aJvk9vhEsBZ43NyXcRQHShxFB7qso-660kjdCBCzk9y56ul0ZebwkbKcPjT24fsM2jtILAERG7Hjqeg7-gYSMSHVRNSa1zSdvbkzBXnfcYBbjlf-BEmeZ5KDJ0rmHn7X1x1ZGNrUofq2BfBeld3Kmr7O_-K6YVtgmOHmy7tomWYHK8QtQmHNtVbQqrbl7j6NuOwO_hyqqZSEJuDCH-e_vmFt5xh3UUu2quZzIJehd2h7loBKjR4AgCFLzQGhGSbqu4cZmRMP9OisZXNpu_dgeYbfhrkGkz-bGqexeBCvmjvoHIZ28koGlIUn4keoT2kQndjhRGexhajEpIBKOkvPKzOQ74GWVOxGSy5dB4y_GE01R6p6YCqz_qlPBqx5EwjdDFCDEF_S38TvAw9x5SKhlz-9jd3m3lgu_aqbifsz9XxehvXUaqDATx49ZoB9ZyrTbgPlRHvQV3413a38D_v3ESKxmF8XjTk81Vyrqk61D9Fd5UsKdi4ZqZa0u1a2titr7un-1DFCMOtyD_1FU15Ci60u7_YbCUpWy45KXaJdMBueC9f6RFzI0kFWw2RIhsVDU6zeZwPplJZjt7kx8BzP8pK3o-TDGU0lEzc97zhe5oQoIxJnMDB2EB7PScyyJS2lKX5vmMldk5J6cRDcutTbGtmrxIlrSHWNlOY8_1Nuoo7vwMjL-YqBn961z8JTwu0egGGFTs_f5_IYq93Kbspqddq4jn8QPtbrk5WJuHArFA_fcXfid3smUkD5XHpWAbpPbInOtkvXkyhGgiDe_HNKEq4AWUcTXsri5ZVNntXA1aLumYdgrEMZ_E5Qa9exxOe-5wRIMisNDFsIBL4soNPOYO9mPWww39YAGrvZAiDvVSXLzCZqnOKmtMpkkrZSqzU2vVgovhFShgtA1nFf8QiOFjFclnPHez_dqCmMUgGRpoFofCMu-oUVAZRpDbISDQzVtngXI_LfFBcX6PyE4a5QULMnE80F3AQQIRWcQDegB2RzrUCk3crujKGmUPpPe0i1myLdzgKiXRMsuypJ9k3W2qU8rUqI7R9Rq0DRzXcrXf1ZrZim4-lWdnbbBXm8EWY88Mu8yEPhIrM5BYKlrIPg2s0c2b4dKYi59iUTSAtDy94CXrVxJi4nkFw63t5cr6RFfGGoKqEk__9pUsL6SA8w92itgAwx8sG2J6end1oSStp2d0ME1Em2FR4Q9J7lB7nouqddyUzk4AZvhB6QDhBEvU7CStLRFgpHcQ-HC_SGQpNS5_M1SoL6Rmu4xRz_06CATLKiEgVPShvb2VjIDDuiI7D1y8tSlIeYsl2oxl2JSyRtSXGZkY_FqyA8_AGjaMB--rfbLvPmSSrS52UYkBir0iGRFFzD7ZfiisXLiEO_LwwpvKmiE-4CCNUKAt7VtdZaWaa-f2eSbrN2CUuRrwKKYE2TY4hi2qasY6y29IlqyJXxFaIYsp3lL4dimmeGZHdRapJMV3PbZTKG5YIFGFWNUj5uC1mGleqc8wpwA3z4FUGIg353TbbaLoUMscYK7ADy1pk_waMDpxtd6HxdwIHG0y78-KnZs2zQ7uc-8U87rt4AEBBiK4y-XfwLzcjmzg0KFbWi2xNaa8RaPcPYzl-E4j55eCZRDc6l-_M5Zz-1hcyfnHnSlPNpv0zELNevBHXkUFvUpenWDYBv0p_YpnDBUmZTgKozziDh0dwyg-nwf_HAq7aycmsnawExc7vdOI7lh1cONsjIc5dI6NkMuAXPC4F7gPnbqpVgGtsFoHNRXqqwuu7ntiAN2xH2UETFTnseFW4PfVMsEke_STRgNRit00bt9vNw1g68PHMCDj0uZ1uxvNy5hr8qAI96Adt0wtQfBWjLEMUchRGOxHmW0643rM8_m6TmxDQ_yd_F0fxTqb2UDbfZ4gtu-ElphK68IKmPC29x7GDlKwy23FHKQnw7pRhMGDfZ1hTEEKoe6bkZR3573yucr52IziQqoJU2frkzOU3_zZswylpnNDilhOCKmtWMuDrS&cid=CAQSTgDICaaNI8b6NZiT4qZw9yo03nMCnMvY1Cc2imrne8DTX5aWGlEUuTBcQRIZgh9LGbHMVwJhKHOVoxsQ94nw9-bVNLP0J1HLIjU9jRQg5RgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.eokultv.com%2F&ds=l&xdt=1&iif=1&cor=6624748079206966000&adk=3062569608&idt=181&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b7c4b5092f76a3227838d78968efb700570ac9642601f6177e69180c13c71b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12350
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C552 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjkMJnUUc0c1Hbp2a71ccfnlI5mNt9EzjheeL_HwV2-aLrI0hkkpoOJvZiN-Rm58rXTT2b7WzxnknWFfW1eMZMYSQX7zSL3sdYz21vrhiS32ji4fQp-EyS-Dzo1y18eH99VcQNJojkhs6xjEmitgcmOMSgj8ZwrUW7vZy0UoMXJBKoZD8&cry=1&dbm_d=AKAmf-D_puPN-FtDbfc_74NADZaMHHE6Q4DVGiqkMxMKbzqdSTWORNuTrtW-UBo2ZiNN_KU3P4UW76aXZ2cei1cGfcIOp7UUiyU5_QDGLsen6-stIfMEtIFPzb8UOQqU7MSIwyMeK3r87ekousJpePXCQFVQ3GAMtqeb_QF7_DGKNK0WyKfG2-GnWrJvtgD6Kk60aKxYRlvStdn2qeABPNbmxnIXjFD2XKMawtXokH6ymtVxXx__Svxn88Pf2WxbZ4ye5sPgy899kFrA_wLZAjJ0YTMHHH83msa__uG1tES3grzSRwsMnORIpr7XbWE788rMigwZddMRBanAnZ6V0XtBXHpCJsQ_QnavAoRkWMibyUssNvM11z_s0IuvtcAWTHrsEtNpUbr_8er9qYWJh6o9Iuw37jz8iDS8LSKq3f-46aQDttDTHhMxJxMjF14CO1MKp5lCRgFzzIpcZSjvpZY8E7reFubBHJQlkKwxcyFql77bqLv_37-DsYo4Y6uMF2peQAvomhHkh7Bc_fM-gc4IOJIqqq3oCLXC9T8ax6klvTF_S5TcDmPfdwJtDVL4MyPZqf4pbgtBwN4MqCdNOJHwCGHQRewLjZ-jnL0E8tiNqnzEo6bhFuHNiFS_PEnoepVHlXAJsgXaWA_Ts20JEcuVoULp0GoDg3GsmXAi1n6w0Lmy9ue_9_YAE-xCxRrcT4GxIsDaTJCF-WwhfOODknsvVxEF1uKe26NUso8tKugt1ziT3hts4mIcCNQ4QS1tmPsF3-iJPvdBCIpaV5LnzWN84H0fHjhJehheSrGU1ysjfBbR-SmINy73CWMKh_qMSihHWUkThYhQCdJ5jcKf1kN0nxZGYQ1YME0rE7VWrYxnhVjpECwLoz7F8Ybv6EFH85dPEAmdDOgJhv--9y_kyc2iwdjXQlMFe9O03gPJ-SE1OZyj3GvF2LVOQzKFXlFkugAtVDRS2CYyWeobdjIiIMq_q4PJMPEzeFHrFJAM2AEpePHAWosgVwCtcue6-W5hTZICBAbBYAnL2eGCGLaQl1a0smQXdY-qJsnIw78wkEjUPhfKM_Qvbinsn49WtiBjsL4XjULevXYr2W_R8yUXg9YuPWKSKChAYBDRnkgopr86wBtEJG32NcOUvc1zJE0Rcfvv3GfRDbwCZ8TWK9MTxhktlxyVfY6aSIN6LZLT1VRHxC815iyLU7Gnij1xsdEapnNHRYxnUaXHEzqU2UkAFOXGw0bzlMrRrHP-I7gWw5tHDgx-aJvk9vhEsBZ43NyXcRQHShxFB7qso-660kjdCBCzk9y56ul0ZebwkbKcPjT24fsM2jtILAERG7Hjqeg7-gYSMSHVRNSa1zSdvbkzBXnfcYBbjlf-BEmeZ5KDJ0rmHn7X1x1ZGNrUofq2BfBeld3Kmr7O_-K6YVtgmOHmy7tomWYHK8QtQmHNtVbQqrbl7j6NuOwO_hyqqZSEJuDCH-e_vmFt5xh3UUu2quZzIJehd2h7loBKjR4AgCFLzQGhGSbqu4cZmRMP9OisZXNpu_dgeYbfhrkGkz-bGqexeBCvmjvoHIZ28koGlIUn4keoT2kQndjhRGexhajEpIBKOkvPKzOQ74GWVOxGSy5dB4y_GE01R6p6YCqz_qlPBqx5EwjdDFCDEF_S38TvAw9x5SKhlz-9jd3m3lgu_aqbifsz9XxehvXUaqDATx49ZoB9ZyrTbgPlRHvQV3413a38D_v3ESKxmF8XjTk81Vyrqk61D9Fd5UsKdi4ZqZa0u1a2titr7un-1DFCMOtyD_1FU15Ci60u7_YbCUpWy45KXaJdMBueC9f6RFzI0kFWw2RIhsVDU6zeZwPplJZjt7kx8BzP8pK3o-TDGU0lEzc97zhe5oQoIxJnMDB2EB7PScyyJS2lKX5vmMldk5J6cRDcutTbGtmrxIlrSHWNlOY8_1Nuoo7vwMjL-YqBn961z8JTwu0egGGFTs_f5_IYq93Kbspqddq4jn8QPtbrk5WJuHArFA_fcXfid3smUkD5XHpWAbpPbInOtkvXkyhGgiDe_HNKEq4AWUcTXsri5ZVNntXA1aLumYdgrEMZ_E5Qa9exxOe-5wRIMisNDFsIBL4soNPOYO9mPWww39YAGrvZAiDvVSXLzCZqnOKmtMpkkrZSqzU2vVgovhFShgtA1nFf8QiOFjFclnPHez_dqCmMUgGRpoFofCMu-oUVAZRpDbISDQzVtngXI_LfFBcX6PyE4a5QULMnE80F3AQQIRWcQDegB2RzrUCk3crujKGmUPpPe0i1myLdzgKiXRMsuypJ9k3W2qU8rUqI7R9Rq0DRzXcrXf1ZrZim4-lWdnbbBXm8EWY88Mu8yEPhIrM5BYKlrIPg2s0c2b4dKYi59iUTSAtDy94CXrVxJi4nkFw63t5cr6RFfGGoKqEk__9pUsL6SA8w92itgAwx8sG2J6end1oSStp2d0ME1Em2FR4Q9J7lB7nouqddyUzk4AZvhB6QDhBEvU7CStLRFgpHcQ-HC_SGQpNS5_M1SoL6Rmu4xRz_06CATLKiEgVPShvb2VjIDDuiI7D1y8tSlIeYsl2oxl2JSyRtSXGZkY_FqyA8_AGjaMB--rfbLvPmSSrS52UYkBir0iGRFFzD7ZfiisXLiEO_LwwpvKmiE-4CCNUKAt7VtdZaWaa-f2eSbrN2CUuRrwKKYE2TY4hi2qasY6y29IlqyJXxFaIYsp3lL4dimmeGZHdRapJMV3PbZTKG5YIFGFWNUj5uC1mGleqc8wpwA3z4FUGIg353TbbaLoUMscYK7ADy1pk_waMDpxtd6HxdwIHG0y78-KnZs2zQ7uc-8U87rt4AEBBiK4y-XfwLzcjmzg0KFbWi2xNaa8RaPcPYzl-E4j55eCZRDc6l-_M5Zz-1hcyfnHnSlPNpv0zELNevBHXkUFvUpenWDYBv0p_YpnDBUmZTgKozziDh0dwyg-nwf_HAq7aycmsnawExc7vdOI7lh1cONsjIc5dI6NkMuAXPC4F7gPnbqpVgGtsFoHNRXqqwuu7ntiAN2xH2UETFTnseFW4PfVMsEke_STRgNRit00bt9vNw1g68PHMCDj0uZ1uxvNy5hr8qAI96Adt0wtQfBWjLEMUchRGOxHmW0643rM8_m6TmxDQ_yd_F0fxTqb2UDbfZ4gtu-ElphK68IKmPC29x7GDlKwy23FHKQnw7pRhMGDfZ1hTEEKoe6bkZR3573yucr52IziQqoJU2frkzOU3_zZswylpnNDilhOCKmtWMuDrS&cid=CAQSTgDICaaNI8b6NZiT4qZw9yo03nMCnMvY1Cc2imrne8DTX5aWGlEUuTBcQRIZgh9LGbHMVwJhKHOVoxsQ94nw9-bVNLP0J1HLIjU9jRQg5RgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.eokultv.com%2F&ds=l&xdt=1&iif=1&cor=6624748079206966000&adk=3062569608&idt=181&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H3

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame C552
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DHvG3x2Rb_kSP3zaaF4RG3ONdZ0wmENVY6yinUVCCyQIG2j11vc5o...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DHvG3x2Rb_kSP3zaaF4RG3ONdZ0wmENVY6yinUVCCyQIG2j11vc5oIVCyeXNj57OjiwXmXdgZK2WJcr...

81 KB
27 KB

54ms
53ms

Script
text/javascript

142.250.13.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DHvG3x2Rb_kSP3zaaF4RG3ONdZ0wmENVY6yinUVCCyQIG2j11vc5oIVCyeXNj57OjiwXmXdgZK2WJcrl3IT4yp0xbPJoee_6N1nTPzQMoq97Hd0ZB0lA6XQCEOWJJu8iiH2Yv85KwpqTezU4z2Uam_NTBWUk25-HLs1MFv8MnHyUn59JESmRcAoCZ_4Kip8Pw_sx7SO6xOPFQ7xmNpgN0teMdQmYeRS0GTHYj7LQvJPyewSJ6KlmVke7MmBv22WAaoq_9SbQBUVpT_0eucnB8JwO2Cv-0NuJpeTIAnXGF6307zcypDIA_V39wU1HyW1oNkcH4lP4OA3BRcl97fzKM2n5_PbyONVmx-O9IxbmMmKvu9ZZlTO8c13sgJeWN5082pbAIYfuAIBirlfqC3UxePsQApE8Slvyin7gfp3WCxJ_oWj_y8UAMNpvnyLZcPcE-sYaNpYCQN9Wl_tUWO27YR9U6u5cHpNGLnR86xn0EDi-qBG2-yie8-EB2-hrnPPfKPRMtp9Te2-26IKV4zgRH2LBMVNq_E4rE9Wyyi2bYR7X0i04BtCZNbL3BQ0IOq0-2-sTVqfhtxEQ955Ezd5XvxoSztSO3tkN8T8xUNYR_FIpvtyFqwe5rEU_iWXm8IvyUxJmkx65jUP9IXe-eBa7aLfsXzZyTcAp0MK9LTqhB32ecEp3OEzrkYfP-wu7K0yKokKI0cto6k2TQIehg5GIQn7s1F7GF3PJ8lN_lhLKHJWV_g4qsMfAMUoVbYNToihAhHNunfIq3xu7NVjf-od5tP83ufUf0FEMFxOnFZ5Nm48IkNWVLA-TNeEDQE520lHa2sM4cdWdP8A64LMG1ou4q3KkJm9Bz8_n-YmmmfUke5fX7y9Xy6qNhzZH1zzZCorvTeoNi8ebIEGgGCkaZmOiX2vXVDz2o9vPneaIH-kvKJAvjiRldx8k8MsIvvPtTWXihngvKU6_6HmJx6GM90tiwWgHq6ZTX-e_bbPyabGZXS_BLVW-hq9vzzMeVDIBcKqHfO5jCehrc_-pYSujeJJ7Kwz17PeF8I4vg02p-dJquMB-FkIyiUMcO2QFg8vzlJOLMQ58vLZYGOCjc5ZqOiOIwmHguC_N40k-vXcO5t88qGzEB5c8e4QWrjB1iJRDv6muaK0SDRuyT0UGgqulhhmutnNWrTtYyNaMjz__balQZBhtbIbd-nT8ErW4qkYnVTL-SK41H8lq_2QLuxgeg6Axw_dUZeVG80_aGvIygdsVoK-DWBLispa-JwzKjAC5-KbVgJLmdwHA3ofuMw-yO054KH8RiqYSmafpPfxdoPwqB0q7K3mbFTQkrkymIz4uSTBur8jYnNoAfvfe3NZJQftq1vGjDWwU22fPJDpIpeTOW0Uilf-22T23BhTnMtZXAB6KTB0ZXIlKFviTF7uenGbE942m7h1opGJrWY3QTaQc4jbd8vGQBZvFh1bbamxn-4oYs2d-BJcqH1mhhENwt5arJn-SH5l8iJyuf0kJYazLpuR1t4BeI_hmLuBPkbfisgo2E1DIugbwEPYE96U2olX3DZ3AUFbMJ2cbH30JkEG_wyGHf7lKA0NDd9GXF6UTOLMI_GYrJkm76QnZYMvDbwAPC_qtVtgWEOwFp99J0_Xh-o0kWEZSTwnSRZSgIF3Y9PLCRL0-4nGig6XTZQ_5MbgxIqOBrEXymAIsweaPd4aRSjfXh4YdWiEzBat5-tiN2BT9DPkVEZcLJ1QJt678Hr7SVROqves6vybLgh7au7Yzj1nT8FAOZTEy9-4wHAjNgokrnpzDg-j3k00qow1yGEuM1G4izpAenuonHeAKsZGxRsm1iKyJOTsApa9pn2ngrSw33NI3HImHGGGgjoayGRr_JGV8SToIfauEDJSyxD0h9hLelJej-XTzvU1_pzUoTP_U54aEvPmUVX5eQBWavrw3knZ3OScchgg-R6hTUH1t0uiib_5lSvx0PbnL_OCXJFjjdbFwnTO_YfvNOgNGr7iVP4C7lwSzT9Hb0r1A7wod_YDQuIKGgfbz2IFfPxGLT-2g8qbvaBg6tJcPJfhJc0gWatuMlyA_SYmVQ391llE32nCY9Y9cQ6AQgLMCjPvoJkPTrpBvObMYjst2BKOa_NXchzrwJSrpwUTFJMp-N4CrdpgmEU742IqTIWglYixWYyGCY70rP0HLVc696PLqPP-t8Kj69clWGO4v2cspbGMtJyee17hlwoq3_G1Vm3kgymByFya71iDTehVHPwlnmMlsRmlUBvgnc7Q8vB7IzYfXbJ14K5cX8Pq-sTqlEQhySrF37FuXlCfFzIXvtJrodYMJzc84i5OXLBWNZUXA18eC3Asotc6yk1WkZa20sLAFAP9T_WVatbAxCVIo-l6ZpWfQu-mReI9EGTwi0nEU83rh9dslSIyofbaalM5JmSWHwyC1y536Klck1J_YnLXNNVatr6w5yXR8G8CJQ4n3kVCyIurh2ZfRqvZcVgfWg8mhgSgt6ZuqCqeIsHpwkYq_nAVdbW-mkAULR-_UJ34QX_gd99OuN3o0lUYgMnaDZ-1lu_W_jwRf9G0-sOyLRUw_VLJTLl4y_QcU3bNkvfIH18Uz5n1iyvms4MnrGZCVyN0r7nmpOJQy6Nk7e46vQHyfj8Z8lVlKO6uh_vCMG9_LS-UNi4XSSKfzSHwSoMAlvfKtKQ01O1HuqR5zTzUB4l27NuQ6EPCvG8pvBil8GJbJuC8X30lTa66DFWqlNZ9yrNyA0npnlB0i48N0WR4jCkVePbtjCOoD2uNydoeiyMMhjJlg7S7-J55HREHIbfR8H0tEoydmTJ8Lr-XGU-xZ_lCUbnICBNtCrz0zCrcJAFmnlfPTXv9R4aWR5xKXZRwWNTM3FsOW5GTXeszobeYiUEpwJ3K6LtCYRa6noDp86F0ary6lIN6eTm5bAdSu7zN2ITIBdhhyc1zMFesLZPOpJ3DTa1p0RWLNawRqWAL58MWYgvP41FulIASBvxq5jvb-PCnyokSRP0m0yRMFxMqpKzixFBZH_lG5EDe4hWyeTdmCXAQADdzAOCxYqLIgsW7C5SV8UXcWMedBLF5j5GGV3jmj_Q8qjvXAVzvSS3-r79X9M3BIyw6E4-LDzmRQ-XCs4HFx2jJSkbrhA3nfL9xeDDqQMuhXbQ86Ocfj6suS9UEQas8pXW0feyicVpBhRomzFpI0TyDrU6Ghx-35DG7egEi7Kpar1-_P_Rr0F93hzS-Qb32MXqlJ7q9XgAQIBX_kVUk1-u20uMZrNu9pIg-k5LNDienQ0Z-u_YY2wdvf-BmK-6CZ87bxKqnwlZ4he_xYzn7m5Sl7dLAnnsOMM6eZ2isJc1qj_D2mE_wL8WIcP_GISUiowgKTZOqtSVQE5Qs3FoQK6BuasD-xqsTNYlcygvJBs6Qw8AcgCb865sdEgQem4X5SyolC1PgDiu229GMKEkzflA1juJHmJ3yMGryIJ6hyNOpR1ypqU_m6nUKEZKtbB-9B9l7XfKg0jQyIYQJskGO0B8OkiU3cTrWcuaIdAYKfJ3Ob6xXvv4WNIA4xOPo7RNKnJckfWA_ii1oqYV5toEXq4r5hpoR9vRBVDofVlOAy7k7gkDcw8QpmqIFbjg2KMu-MUQb957Ux6EICOfiaSqar2VhwSjJsk6x7VNEyKOqeWZwV9g-T-FL58A2DHKwdOaJXzv4D-bOrvoMNRZNGrPAZFfWueRqQjv2Rrxlsn0gwzjaSq2aCq8J0gWaBDewhEy7kxTgZ2WTackKgu2zJyRPHbYjIoVWiUE8roiynRv3WvLM3KzK18TbCLFF5UajLSVWTLtx1wHbHn4APhx4V1PIuy3NwccGV3S6uH1HskrH4A0IHH_sFW-HG7ABHxgCF0UkhLa-Nwbfr6hR8gHCo3gMBMRdtQWkddeRbFQjP6pACuv0GqVmh0kghBq-y-6YfHUN9dh_UVFEgY97yQ7z1-ISn8QoBr6rPMuEmkKQSl-GHc5aF6NpBV5Qg3g-Zqgr4ZCnz17Mf2H0AW5QDBKd8U1Z0E0ZTLaYTTYc-t5KElvXxCYUjYtwBhJ3xrKM5xNUpIMzwGgvZLzxGujY4F_5qaGRL-cCI-Dtz0DkD5cgg60Pw-Zo9jMg5RyGeQr1VuikfNcUrsH0xpUCAQSTgDICaaNI8b6NZiT4qZw9yo03nMCnMvY1Cc2imrne8DTX5aWGlEUuTBcQRIZgh9LGbHMVwJhKHOVoxsQ94nw9-bVNLP0J1HLIjU9jRQg5RgBYAE&bundleId=&ias_xappb=

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.13.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f156.1e100.net

Software

cafe /

Resource Hash

9b49f2b7f1ffab90403101664bf93449c7d605d6cf7f6b163cd0913227b0cfb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27947
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: nginx
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DHvG3x2Rb_kSP3zaaF4RG3ONdZ0wmENVY6yinUVCCyQIG2j11vc5oIVCyeXNj57OjiwXmXdgZK2WJcrl3IT4yp0xbPJoee_6N1nTPzQMoq97Hd0ZB0lA6XQCEOWJJu8iiH2Yv85KwpqTezU4z2Uam_NTBWUk25-HLs1MFv8MnHyUn59JESmRcAoCZ_4Kip8Pw_sx7SO6xOPFQ7xmNpgN0teMdQmYeRS0GTHYj7LQvJPyewSJ6KlmVke7MmBv22WAaoq_9SbQBUVpT_0eucnB8JwO2Cv-0NuJpeTIAnXGF6307zcypDIA_V39wU1HyW1oNkcH4lP4OA3BRcl97fzKM2n5_PbyONVmx-O9IxbmMmKvu9ZZlTO8c13sgJeWN5082pbAIYfuAIBirlfqC3UxePsQApE8Slvyin7gfp3WCxJ_oWj_y8UAMNpvnyLZcPcE-sYaNpYCQN9Wl_tUWO27YR9U6u5cHpNGLnR86xn0EDi-qBG2-yie8-EB2-hrnPPfKPRMtp9Te2-26IKV4zgRH2LBMVNq_E4rE9Wyyi2bYR7X0i04BtCZNbL3BQ0IOq0-2-sTVqfhtxEQ955Ezd5XvxoSztSO3tkN8T8xUNYR_FIpvtyFqwe5rEU_iWXm8IvyUxJmkx65jUP9IXe-eBa7aLfsXzZyTcAp0MK9LTqhB32ecEp3OEzrkYfP-wu7K0yKokKI0cto6k2TQIehg5GIQn7s1F7GF3PJ8lN_lhLKHJWV_g4qsMfAMUoVbYNToihAhHNunfIq3xu7NVjf-od5tP83ufUf0FEMFxOnFZ5Nm48IkNWVLA-TNeEDQE520lHa2sM4cdWdP8A64LMG1ou4q3KkJm9Bz8_n-YmmmfUke5fX7y9Xy6qNhzZH1zzZCorvTeoNi8ebIEGgGCkaZmOiX2vXVDz2o9vPneaIH-kvKJAvjiRldx8k8MsIvvPtTWXihngvKU6_6HmJx6GM90tiwWgHq6ZTX-e_bbPyabGZXS_BLVW-hq9vzzMeVDIBcKqHfO5jCehrc_-pYSujeJJ7Kwz17PeF8I4vg02p-dJquMB-FkIyiUMcO2QFg8vzlJOLMQ58vLZYGOCjc5ZqOiOIwmHguC_N40k-vXcO5t88qGzEB5c8e4QWrjB1iJRDv6muaK0SDRuyT0UGgqulhhmutnNWrTtYyNaMjz__balQZBhtbIbd-nT8ErW4qkYnVTL-SK41H8lq_2QLuxgeg6Axw_dUZeVG80_aGvIygdsVoK-DWBLispa-JwzKjAC5-KbVgJLmdwHA3ofuMw-yO054KH8RiqYSmafpPfxdoPwqB0q7K3mbFTQkrkymIz4uSTBur8jYnNoAfvfe3NZJQftq1vGjDWwU22fPJDpIpeTOW0Uilf-22T23BhTnMtZXAB6KTB0ZXIlKFviTF7uenGbE942m7h1opGJrWY3QTaQc4jbd8vGQBZvFh1bbamxn-4oYs2d-BJcqH1mhhENwt5arJn-SH5l8iJyuf0kJYazLpuR1t4BeI_hmLuBPkbfisgo2E1DIugbwEPYE96U2olX3DZ3AUFbMJ2cbH30JkEG_wyGHf7lKA0NDd9GXF6UTOLMI_GYrJkm76QnZYMvDbwAPC_qtVtgWEOwFp99J0_Xh-o0kWEZSTwnSRZSgIF3Y9PLCRL0-4nGig6XTZQ_5MbgxIqOBrEXymAIsweaPd4aRSjfXh4YdWiEzBat5-tiN2BT9DPkVEZcLJ1QJt678Hr7SVROqves6vybLgh7au7Yzj1nT8FAOZTEy9-4wHAjNgokrnpzDg-j3k00qow1yGEuM1G4izpAenuonHeAKsZGxRsm1iKyJOTsApa9pn2ngrSw33NI3HImHGGGgjoayGRr_JGV8SToIfauEDJSyxD0h9hLelJej-XTzvU1_pzUoTP_U54aEvPmUVX5eQBWavrw3knZ3OScchgg-R6hTUH1t0uiib_5lSvx0PbnL_OCXJFjjdbFwnTO_YfvNOgNGr7iVP4C7lwSzT9Hb0r1A7wod_YDQuIKGgfbz2IFfPxGLT-2g8qbvaBg6tJcPJfhJc0gWatuMlyA_SYmVQ391llE32nCY9Y9cQ6AQgLMCjPvoJkPTrpBvObMYjst2BKOa_NXchzrwJSrpwUTFJMp-N4CrdpgmEU742IqTIWglYixWYyGCY70rP0HLVc696PLqPP-t8Kj69clWGO4v2cspbGMtJyee17hlwoq3_G1Vm3kgymByFya71iDTehVHPwlnmMlsRmlUBvgnc7Q8vB7IzYfXbJ14K5cX8Pq-sTqlEQhySrF37FuXlCfFzIXvtJrodYMJzc84i5OXLBWNZUXA18eC3Asotc6yk1WkZa20sLAFAP9T_WVatbAxCVIo-l6ZpWfQu-mReI9EGTwi0nEU83rh9dslSIyofbaalM5JmSWHwyC1y536Klck1J_YnLXNNVatr6w5yXR8G8CJQ4n3kVCyIurh2ZfRqvZcVgfWg8mhgSgt6ZuqCqeIsHpwkYq_nAVdbW-mkAULR-_UJ34QX_gd99OuN3o0lUYgMnaDZ-1lu_W_jwRf9G0-sOyLRUw_VLJTLl4y_QcU3bNkvfIH18Uz5n1iyvms4MnrGZCVyN0r7nmpOJQy6Nk7e46vQHyfj8Z8lVlKO6uh_vCMG9_LS-UNi4XSSKfzSHwSoMAlvfKtKQ01O1HuqR5zTzUB4l27NuQ6EPCvG8pvBil8GJbJuC8X30lTa66DFWqlNZ9yrNyA0npnlB0i48N0WR4jCkVePbtjCOoD2uNydoeiyMMhjJlg7S7-J55HREHIbfR8H0tEoydmTJ8Lr-XGU-xZ_lCUbnICBNtCrz0zCrcJAFmnlfPTXv9R4aWR5xKXZRwWNTM3FsOW5GTXeszobeYiUEpwJ3K6LtCYRa6noDp86F0ary6lIN6eTm5bAdSu7zN2ITIBdhhyc1zMFesLZPOpJ3DTa1p0RWLNawRqWAL58MWYgvP41FulIASBvxq5jvb-PCnyokSRP0m0yRMFxMqpKzixFBZH_lG5EDe4hWyeTdmCXAQADdzAOCxYqLIgsW7C5SV8UXcWMedBLF5j5GGV3jmj_Q8qjvXAVzvSS3-r79X9M3BIyw6E4-LDzmRQ-XCs4HFx2jJSkbrhA3nfL9xeDDqQMuhXbQ86Ocfj6suS9UEQas8pXW0feyicVpBhRomzFpI0TyDrU6Ghx-35DG7egEi7Kpar1-_P_Rr0F93hzS-Qb32MXqlJ7q9XgAQIBX_kVUk1-u20uMZrNu9pIg-k5LNDienQ0Z-u_YY2wdvf-BmK-6CZ87bxKqnwlZ4he_xYzn7m5Sl7dLAnnsOMM6eZ2isJc1qj_D2mE_wL8WIcP_GISUiowgKTZOqtSVQE5Qs3FoQK6BuasD-xqsTNYlcygvJBs6Qw8AcgCb865sdEgQem4X5SyolC1PgDiu229GMKEkzflA1juJHmJ3yMGryIJ6hyNOpR1ypqU_m6nUKEZKtbB-9B9l7XfKg0jQyIYQJskGO0B8OkiU3cTrWcuaIdAYKfJ3Ob6xXvv4WNIA4xOPo7RNKnJckfWA_ii1oqYV5toEXq4r5hpoR9vRBVDofVlOAy7k7gkDcw8QpmqIFbjg2KMu-MUQb957Ux6EICOfiaSqar2VhwSjJsk6x7VNEyKOqeWZwV9g-T-FL58A2DHKwdOaJXzv4D-bOrvoMNRZNGrPAZFfWueRqQjv2Rrxlsn0gwzjaSq2aCq8J0gWaBDewhEy7kxTgZ2WTackKgu2zJyRPHbYjIoVWiUE8roiynRv3WvLM3KzK18TbCLFF5UajLSVWTLtx1wHbHn4APhx4V1PIuy3NwccGV3S6uH1HskrH4A0IHH_sFW-HG7ABHxgCF0UkhLa-Nwbfr6hR8gHCo3gMBMRdtQWkddeRbFQjP6pACuv0GqVmh0kghBq-y-6YfHUN9dh_UVFEgY97yQ7z1-ISn8QoBr6rPMuEmkKQSl-GHc5aF6NpBV5Qg3g-Zqgr4ZCnz17Mf2H0AW5QDBKd8U1Z0E0ZTLaYTTYc-t5KElvXxCYUjYtwBhJ3xrKM5xNUpIMzwGgvZLzxGujY4F_5qaGRL-cCI-Dtz0DkD5cgg60Pw-Zo9jMg5RyGeQr1VuikfNcUrsH0xpUCAQSTgDICaaNI8b6NZiT4qZw9yo03nMCnMvY1Cc2imrne8DTX5aWGlEUuTBcQRIZgh9LGbHMVwJhKHOVoxsQ94nw9-bVNLP0J1HLIjU9jRQg5RgBYAE&bundleId=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 91AA 91 KB
23 KB 12ms
11ms Script
application/javascript 2600:9000:223f:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3526963
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 3_uarKBGRHjFoKicrjgPFugEsvcqkXGMCg_zrfH1ctswAiT5AWVTqQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C552 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=da7bee6a-2384-63f3-dbaf-3e26d15f30df&tv=%7Bc:sEMqfL,pingTime:-3,time:81,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:81,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinMHm+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C171%7C172%7C173%7C174%7C175%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C195%7C1a1%7C1a2%7C1a3%7C1a4%7C1a51%7C1b%7C1c1%7C1c2%7C1d1*.1520146-76103085%7C1d11,idMap:1d1*,rmeas:1,rend:0,renddet:IMG.us,siq:30%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C552 43 B
215 B 176ms
175ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=da7bee6a-2384-63f3-dbaf-3e26d15f30df&tv=%7Bc:sEMqfN,pingTime:-6,time:83,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:83,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B73~0%5D,as:%5B73~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinMHm+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C171%7C172%7C173%7C174%7C175%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C195%7C1a1%7C1a2%7C1a3%7C1a4%7C1a51%7C1b%7C1c1%7C1c2%7C1d1*.1520146-76103085%7C1d11,idMap:1d1*,rmeas:1,rend:0,renddet:IMG.us,siq:30%7D&tpiLookup=ao:www.eokultv.com%2C89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com*&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF16 43 B
215 B 172ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=a39e18a9-5080-8a1c-4a18-e46e7486b4da&tv=%7Bc:sEMqg3,pingTime:-10,time:2127,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC41OTkzLjExNyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1698781911215%7C%7C1730ec3f3fde8d3e8d645f22650f1140%7C%7C2a46ab34512a4512731c109fe969e5e3%7C%7C2a8542079a7c3ba2af04cfd3ad9deacf%7C%7Cfbcc56889b8ea1108b65c160c36e3b18%7C%7Cfc5a12ea1fcadb658166c3cc04be176c%7C%7C14b87a34d9c08724ac6cf1cb028ed9c3%7C%7C0c61645d568072f243adee01ab2d13ce%7C%7C1663701684,sca:%7Bspg:60b9e6e3-faa3-dc15-fec4-813062a01490%7D%7D
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C552 43 B
215 B 172ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=da7bee6a-2384-63f3-dbaf-3e26d15f30df&tv=%7Bc:sEMqg8,pingTime:-2,time:104,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:252,beZ:253,mfA:258,cmA:259,inA:259,inZ:264,prA:264,prZ:274,si:281,poA:283,poZ:316,cmZ:316,mfZ:316,loA:334,loZ:339,ltA:355,ltZ:355%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:104,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B94~0%5D,as:%5B94~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C174%7C175%7C18.990511-61634098%7C181%7C182%7C183%7C184%7C185%7C19.1520146-76103085%7C191%7C192%7C193%7C194%7C195%7C1a.1549653-72555946%7C1a1%7C1a2%7C1a3%7C1a4%7C1a51%7C1b%7C1c1%7C1c2%7C1d1*.1520146-76103085%7C1d11,idMap:1d1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:30,sinceFw:72,readyFired:false%7D&br=c
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4E21 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 365612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 6D80 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 441629
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Content-Length: 8727
Content-Type: text/html
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 26 Oct 2023 17:11:24 GMT
Expires: Fri, 25 Oct 2024 17:11:24 GMT
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server: sffe
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C552 111 KB
39 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Origin: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame C552 11 KB
4 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DHvG3x2Rb_kSP3zaaF4RG3ONdZ0wmENVY6yinUVCCyQIG2j11vc5oIVCyeXNj57OjiwXmXdgZK2WJcrl3IT4yp0xbPJoee_6N1nTPzQMoq97Hd0ZB0lA6XQCEOWJJu8iiH2Yv85KwpqTezU4z2Uam_NTBWUk25-HLs1MFv8MnHyUn59JESmRcAoCZ_4Kip8Pw_sx7SO6xOPFQ7xmNpgN0teMdQmYeRS0GTHYj7LQvJPyewSJ6KlmVke7MmBv22WAaoq_9SbQBUVpT_0eucnB8JwO2Cv-0NuJpeTIAnXGF6307zcypDIA_V39wU1HyW1oNkcH4lP4OA3BRcl97fzKM2n5_PbyONVmx-O9IxbmMmKvu9ZZlTO8c13sgJeWN5082pbAIYfuAIBirlfqC3UxePsQApE8Slvyin7gfp3WCxJ_oWj_y8UAMNpvnyLZcPcE-sYaNpYCQN9Wl_tUWO27YR9U6u5cHpNGLnR86xn0EDi-qBG2-yie8-EB2-hrnPPfKPRMtp9Te2-26IKV4zgRH2LBMVNq_E4rE9Wyyi2bYR7X0i04BtCZNbL3BQ0IOq0-2-sTVqfhtxEQ955Ezd5XvxoSztSO3tkN8T8xUNYR_FIpvtyFqwe5rEU_iWXm8IvyUxJmkx65jUP9IXe-eBa7aLfsXzZyTcAp0MK9LTqhB32ecEp3OEzrkYfP-wu7K0yKokKI0cto6k2TQIehg5GIQn7s1F7GF3PJ8lN_lhLKHJWV_g4qsMfAMUoVbYNToihAhHNunfIq3xu7NVjf-od5tP83ufUf0FEMFxOnFZ5Nm48IkNWVLA-TNeEDQE520lHa2sM4cdWdP8A64LMG1ou4q3KkJm9Bz8_n-YmmmfUke5fX7y9Xy6qNhzZH1zzZCorvTeoNi8ebIEGgGCkaZmOiX2vXVDz2o9vPneaIH-kvKJAvjiRldx8k8MsIvvPtTWXihngvKU6_6HmJx6GM90tiwWgHq6ZTX-e_bbPyabGZXS_BLVW-hq9vzzMeVDIBcKqHfO5jCehrc_-pYSujeJJ7Kwz17PeF8I4vg02p-dJquMB-FkIyiUMcO2QFg8vzlJOLMQ58vLZYGOCjc5ZqOiOIwmHguC_N40k-vXcO5t88qGzEB5c8e4QWrjB1iJRDv6muaK0SDRuyT0UGgqulhhmutnNWrTtYyNaMjz__balQZBhtbIbd-nT8ErW4qkYnVTL-SK41H8lq_2QLuxgeg6Axw_dUZeVG80_aGvIygdsVoK-DWBLispa-JwzKjAC5-KbVgJLmdwHA3ofuMw-yO054KH8RiqYSmafpPfxdoPwqB0q7K3mbFTQkrkymIz4uSTBur8jYnNoAfvfe3NZJQftq1vGjDWwU22fPJDpIpeTOW0Uilf-22T23BhTnMtZXAB6KTB0ZXIlKFviTF7uenGbE942m7h1opGJrWY3QTaQc4jbd8vGQBZvFh1bbamxn-4oYs2d-BJcqH1mhhENwt5arJn-SH5l8iJyuf0kJYazLpuR1t4BeI_hmLuBPkbfisgo2E1DIugbwEPYE96U2olX3DZ3AUFbMJ2cbH30JkEG_wyGHf7lKA0NDd9GXF6UTOLMI_GYrJkm76QnZYMvDbwAPC_qtVtgWEOwFp99J0_Xh-o0kWEZSTwnSRZSgIF3Y9PLCRL0-4nGig6XTZQ_5MbgxIqOBrEXymAIsweaPd4aRSjfXh4YdWiEzBat5-tiN2BT9DPkVEZcLJ1QJt678Hr7SVROqves6vybLgh7au7Yzj1nT8FAOZTEy9-4wHAjNgokrnpzDg-j3k00qow1yGEuM1G4izpAenuonHeAKsZGxRsm1iKyJOTsApa9pn2ngrSw33NI3HImHGGGgjoayGRr_JGV8SToIfauEDJSyxD0h9hLelJej-XTzvU1_pzUoTP_U54aEvPmUVX5eQBWavrw3knZ3OScchgg-R6hTUH1t0uiib_5lSvx0PbnL_OCXJFjjdbFwnTO_YfvNOgNGr7iVP4C7lwSzT9Hb0r1A7wod_YDQuIKGgfbz2IFfPxGLT-2g8qbvaBg6tJcPJfhJc0gWatuMlyA_SYmVQ391llE32nCY9Y9cQ6AQgLMCjPvoJkPTrpBvObMYjst2BKOa_NXchzrwJSrpwUTFJMp-N4CrdpgmEU742IqTIWglYixWYyGCY70rP0HLVc696PLqPP-t8Kj69clWGO4v2cspbGMtJyee17hlwoq3_G1Vm3kgymByFya71iDTehVHPwlnmMlsRmlUBvgnc7Q8vB7IzYfXbJ14K5cX8Pq-sTqlEQhySrF37FuXlCfFzIXvtJrodYMJzc84i5OXLBWNZUXA18eC3Asotc6yk1WkZa20sLAFAP9T_WVatbAxCVIo-l6ZpWfQu-mReI9EGTwi0nEU83rh9dslSIyofbaalM5JmSWHwyC1y536Klck1J_YnLXNNVatr6w5yXR8G8CJQ4n3kVCyIurh2ZfRqvZcVgfWg8mhgSgt6ZuqCqeIsHpwkYq_nAVdbW-mkAULR-_UJ34QX_gd99OuN3o0lUYgMnaDZ-1lu_W_jwRf9G0-sOyLRUw_VLJTLl4y_QcU3bNkvfIH18Uz5n1iyvms4MnrGZCVyN0r7nmpOJQy6Nk7e46vQHyfj8Z8lVlKO6uh_vCMG9_LS-UNi4XSSKfzSHwSoMAlvfKtKQ01O1HuqR5zTzUB4l27NuQ6EPCvG8pvBil8GJbJuC8X30lTa66DFWqlNZ9yrNyA0npnlB0i48N0WR4jCkVePbtjCOoD2uNydoeiyMMhjJlg7S7-J55HREHIbfR8H0tEoydmTJ8Lr-XGU-xZ_lCUbnICBNtCrz0zCrcJAFmnlfPTXv9R4aWR5xKXZRwWNTM3FsOW5GTXeszobeYiUEpwJ3K6LtCYRa6noDp86F0ary6lIN6eTm5bAdSu7zN2ITIBdhhyc1zMFesLZPOpJ3DTa1p0RWLNawRqWAL58MWYgvP41FulIASBvxq5jvb-PCnyokSRP0m0yRMFxMqpKzixFBZH_lG5EDe4hWyeTdmCXAQADdzAOCxYqLIgsW7C5SV8UXcWMedBLF5j5GGV3jmj_Q8qjvXAVzvSS3-r79X9M3BIyw6E4-LDzmRQ-XCs4HFx2jJSkbrhA3nfL9xeDDqQMuhXbQ86Ocfj6suS9UEQas8pXW0feyicVpBhRomzFpI0TyDrU6Ghx-35DG7egEi7Kpar1-_P_Rr0F93hzS-Qb32MXqlJ7q9XgAQIBX_kVUk1-u20uMZrNu9pIg-k5LNDienQ0Z-u_YY2wdvf-BmK-6CZ87bxKqnwlZ4he_xYzn7m5Sl7dLAnnsOMM6eZ2isJc1qj_D2mE_wL8WIcP_GISUiowgKTZOqtSVQE5Qs3FoQK6BuasD-xqsTNYlcygvJBs6Qw8AcgCb865sdEgQem4X5SyolC1PgDiu229GMKEkzflA1juJHmJ3yMGryIJ6hyNOpR1ypqU_m6nUKEZKtbB-9B9l7XfKg0jQyIYQJskGO0B8OkiU3cTrWcuaIdAYKfJ3Ob6xXvv4WNIA4xOPo7RNKnJckfWA_ii1oqYV5toEXq4r5hpoR9vRBVDofVlOAy7k7gkDcw8QpmqIFbjg2KMu-MUQb957Ux6EICOfiaSqar2VhwSjJsk6x7VNEyKOqeWZwV9g-T-FL58A2DHKwdOaJXzv4D-bOrvoMNRZNGrPAZFfWueRqQjv2Rrxlsn0gwzjaSq2aCq8J0gWaBDewhEy7kxTgZ2WTackKgu2zJyRPHbYjIoVWiUE8roiynRv3WvLM3KzK18TbCLFF5UajLSVWTLtx1wHbHn4APhx4V1PIuy3NwccGV3S6uH1HskrH4A0IHH_sFW-HG7ABHxgCF0UkhLa-Nwbfr6hR8gHCo3gMBMRdtQWkddeRbFQjP6pACuv0GqVmh0kghBq-y-6YfHUN9dh_UVFEgY97yQ7z1-ISn8QoBr6rPMuEmkKQSl-GHc5aF6NpBV5Qg3g-Zqgr4ZCnz17Mf2H0AW5QDBKd8U1Z0E0ZTLaYTTYc-t5KElvXxCYUjYtwBhJ3xrKM5xNUpIMzwGgvZLzxGujY4F_5qaGRL-cCI-Dtz0DkD5cgg60Pw-Zo9jMg5RyGeQr1VuikfNcUrsH0xpUCAQSTgDICaaNI8b6NZiT4qZw9yo03nMCnMvY1Cc2imrne8DTX5aWGlEUuTBcQRIZgh9LGbHMVwJhKHOVoxsQ94nw9-bVNLP0J1HLIjU9jRQg5RgBYAE&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20409787662&bidurl=http://www.eokultv.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hzNCtrl9fH_Un6NFj34GYS&adsafe_url=http%3A%2F%2Fwww.eokultv.com&adsafe_type=g&adsafe_url=http%3A%2F%2Fwww.eokultv.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:da7bee6a-2384-63f3-dbaf-3e26d15f30df,c:sEMqeV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-p5wlp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:tUinMHm+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C171%7C172%7C173%7C174%7C175%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C195%7C1a1%7C1a2%7C1a3%7C1a4%7C1a51%7C1b%7C1c1%7C1c2%7C1d1*.1520146-76103085%7C1d11,idMap:1d1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:f0527463-7826-11ee-9848-46bfbfad7997,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1851
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:21:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame C552 30 KB
11 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1520146/76103085/xbbe/creative/adj?p=APEucNWduAWxxFE2yDnPDruzexwLuItWJNxjquzP5r69jxxWWxXDHhQ&d=CokBAKAmf-DHvG3x2Rb_kSP3zaaF4RG3ONdZ0wmENVY6yinUVCCyQIG2j11vc5oIVCyeXNj57OjiwXmXdgZK2WJcrl3IT4yp0xbPJoee_6N1nTPzQMoq97Hd0ZB0lA6XQCEOWJJu8iiH2Yv85KwpqTezU4z2Uam_NTBWUk25-HLs1MFv8MnHyUn59JESmRcAoCZ_4Kip8Pw_sx7SO6xOPFQ7xmNpgN0teMdQmYeRS0GTHYj7LQvJPyewSJ6KlmVke7MmBv22WAaoq_9SbQBUVpT_0eucnB8JwO2Cv-0NuJpeTIAnXGF6307zcypDIA_V39wU1HyW1oNkcH4lP4OA3BRcl97fzKM2n5_PbyONVmx-O9IxbmMmKvu9ZZlTO8c13sgJeWN5082pbAIYfuAIBirlfqC3UxePsQApE8Slvyin7gfp3WCxJ_oWj_y8UAMNpvnyLZcPcE-sYaNpYCQN9Wl_tUWO27YR9U6u5cHpNGLnR86xn0EDi-qBG2-yie8-EB2-hrnPPfKPRMtp9Te2-26IKV4zgRH2LBMVNq_E4rE9Wyyi2bYR7X0i04BtCZNbL3BQ0IOq0-2-sTVqfhtxEQ955Ezd5XvxoSztSO3tkN8T8xUNYR_FIpvtyFqwe5rEU_iWXm8IvyUxJmkx65jUP9IXe-eBa7aLfsXzZyTcAp0MK9LTqhB32ecEp3OEzrkYfP-wu7K0yKokKI0cto6k2TQIehg5GIQn7s1F7GF3PJ8lN_lhLKHJWV_g4qsMfAMUoVbYNToihAhHNunfIq3xu7NVjf-od5tP83ufUf0FEMFxOnFZ5Nm48IkNWVLA-TNeEDQE520lHa2sM4cdWdP8A64LMG1ou4q3KkJm9Bz8_n-YmmmfUke5fX7y9Xy6qNhzZH1zzZCorvTeoNi8ebIEGgGCkaZmOiX2vXVDz2o9vPneaIH-kvKJAvjiRldx8k8MsIvvPtTWXihngvKU6_6HmJx6GM90tiwWgHq6ZTX-e_bbPyabGZXS_BLVW-hq9vzzMeVDIBcKqHfO5jCehrc_-pYSujeJJ7Kwz17PeF8I4vg02p-dJquMB-FkIyiUMcO2QFg8vzlJOLMQ58vLZYGOCjc5ZqOiOIwmHguC_N40k-vXcO5t88qGzEB5c8e4QWrjB1iJRDv6muaK0SDRuyT0UGgqulhhmutnNWrTtYyNaMjz__balQZBhtbIbd-nT8ErW4qkYnVTL-SK41H8lq_2QLuxgeg6Axw_dUZeVG80_aGvIygdsVoK-DWBLispa-JwzKjAC5-KbVgJLmdwHA3ofuMw-yO054KH8RiqYSmafpPfxdoPwqB0q7K3mbFTQkrkymIz4uSTBur8jYnNoAfvfe3NZJQftq1vGjDWwU22fPJDpIpeTOW0Uilf-22T23BhTnMtZXAB6KTB0ZXIlKFviTF7uenGbE942m7h1opGJrWY3QTaQc4jbd8vGQBZvFh1bbamxn-4oYs2d-BJcqH1mhhENwt5arJn-SH5l8iJyuf0kJYazLpuR1t4BeI_hmLuBPkbfisgo2E1DIugbwEPYE96U2olX3DZ3AUFbMJ2cbH30JkEG_wyGHf7lKA0NDd9GXF6UTOLMI_GYrJkm76QnZYMvDbwAPC_qtVtgWEOwFp99J0_Xh-o0kWEZSTwnSRZSgIF3Y9PLCRL0-4nGig6XTZQ_5MbgxIqOBrEXymAIsweaPd4aRSjfXh4YdWiEzBat5-tiN2BT9DPkVEZcLJ1QJt678Hr7SVROqves6vybLgh7au7Yzj1nT8FAOZTEy9-4wHAjNgokrnpzDg-j3k00qow1yGEuM1G4izpAenuonHeAKsZGxRsm1iKyJOTsApa9pn2ngrSw33NI3HImHGGGgjoayGRr_JGV8SToIfauEDJSyxD0h9hLelJej-XTzvU1_pzUoTP_U54aEvPmUVX5eQBWavrw3knZ3OScchgg-R6hTUH1t0uiib_5lSvx0PbnL_OCXJFjjdbFwnTO_YfvNOgNGr7iVP4C7lwSzT9Hb0r1A7wod_YDQuIKGgfbz2IFfPxGLT-2g8qbvaBg6tJcPJfhJc0gWatuMlyA_SYmVQ391llE32nCY9Y9cQ6AQgLMCjPvoJkPTrpBvObMYjst2BKOa_NXchzrwJSrpwUTFJMp-N4CrdpgmEU742IqTIWglYixWYyGCY70rP0HLVc696PLqPP-t8Kj69clWGO4v2cspbGMtJyee17hlwoq3_G1Vm3kgymByFya71iDTehVHPwlnmMlsRmlUBvgnc7Q8vB7IzYfXbJ14K5cX8Pq-sTqlEQhySrF37FuXlCfFzIXvtJrodYMJzc84i5OXLBWNZUXA18eC3Asotc6yk1WkZa20sLAFAP9T_WVatbAxCVIo-l6ZpWfQu-mReI9EGTwi0nEU83rh9dslSIyofbaalM5JmSWHwyC1y536Klck1J_YnLXNNVatr6w5yXR8G8CJQ4n3kVCyIurh2ZfRqvZcVgfWg8mhgSgt6ZuqCqeIsHpwkYq_nAVdbW-mkAULR-_UJ34QX_gd99OuN3o0lUYgMnaDZ-1lu_W_jwRf9G0-sOyLRUw_VLJTLl4y_QcU3bNkvfIH18Uz5n1iyvms4MnrGZCVyN0r7nmpOJQy6Nk7e46vQHyfj8Z8lVlKO6uh_vCMG9_LS-UNi4XSSKfzSHwSoMAlvfKtKQ01O1HuqR5zTzUB4l27NuQ6EPCvG8pvBil8GJbJuC8X30lTa66DFWqlNZ9yrNyA0npnlB0i48N0WR4jCkVePbtjCOoD2uNydoeiyMMhjJlg7S7-J55HREHIbfR8H0tEoydmTJ8Lr-XGU-xZ_lCUbnICBNtCrz0zCrcJAFmnlfPTXv9R4aWR5xKXZRwWNTM3FsOW5GTXeszobeYiUEpwJ3K6LtCYRa6noDp86F0ary6lIN6eTm5bAdSu7zN2ITIBdhhyc1zMFesLZPOpJ3DTa1p0RWLNawRqWAL58MWYgvP41FulIASBvxq5jvb-PCnyokSRP0m0yRMFxMqpKzixFBZH_lG5EDe4hWyeTdmCXAQADdzAOCxYqLIgsW7C5SV8UXcWMedBLF5j5GGV3jmj_Q8qjvXAVzvSS3-r79X9M3BIyw6E4-LDzmRQ-XCs4HFx2jJSkbrhA3nfL9xeDDqQMuhXbQ86Ocfj6suS9UEQas8pXW0feyicVpBhRomzFpI0TyDrU6Ghx-35DG7egEi7Kpar1-_P_Rr0F93hzS-Qb32MXqlJ7q9XgAQIBX_kVUk1-u20uMZrNu9pIg-k5LNDienQ0Z-u_YY2wdvf-BmK-6CZ87bxKqnwlZ4he_xYzn7m5Sl7dLAnnsOMM6eZ2isJc1qj_D2mE_wL8WIcP_GISUiowgKTZOqtSVQE5Qs3FoQK6BuasD-xqsTNYlcygvJBs6Qw8AcgCb865sdEgQem4X5SyolC1PgDiu229GMKEkzflA1juJHmJ3yMGryIJ6hyNOpR1ypqU_m6nUKEZKtbB-9B9l7XfKg0jQyIYQJskGO0B8OkiU3cTrWcuaIdAYKfJ3Ob6xXvv4WNIA4xOPo7RNKnJckfWA_ii1oqYV5toEXq4r5hpoR9vRBVDofVlOAy7k7gkDcw8QpmqIFbjg2KMu-MUQb957Ux6EICOfiaSqar2VhwSjJsk6x7VNEyKOqeWZwV9g-T-FL58A2DHKwdOaJXzv4D-bOrvoMNRZNGrPAZFfWueRqQjv2Rrxlsn0gwzjaSq2aCq8J0gWaBDewhEy7kxTgZ2WTackKgu2zJyRPHbYjIoVWiUE8roiynRv3WvLM3KzK18TbCLFF5UajLSVWTLtx1wHbHn4APhx4V1PIuy3NwccGV3S6uH1HskrH4A0IHH_sFW-HG7ABHxgCF0UkhLa-Nwbfr6hR8gHCo3gMBMRdtQWkddeRbFQjP6pACuv0GqVmh0kghBq-y-6YfHUN9dh_UVFEgY97yQ7z1-ISn8QoBr6rPMuEmkKQSl-GHc5aF6NpBV5Qg3g-Zqgr4ZCnz17Mf2H0AW5QDBKd8U1Z0E0ZTLaYTTYc-t5KElvXxCYUjYtwBhJ3xrKM5xNUpIMzwGgvZLzxGujY4F_5qaGRL-cCI-Dtz0DkD5cgg60Pw-Zo9jMg5RyGeQr1VuikfNcUrsH0xpUCAQSTgDICaaNI8b6NZiT4qZw9yo03nMCnMvY1Cc2imrne8DTX5aWGlEUuTBcQRIZgh9LGbHMVwJhKHOVoxsQ94nw9-bVNLP0J1HLIjU9jRQg5RgBYAE&bundleId=&ias_dspID=3&ias_campId=1013172746&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=20409787662&bidurl=http://www.eokultv.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hzNCtrl9fH_Un6NFj34GYS&adsafe_url=http%3A%2F%2Fwww.eokultv.com&adsafe_type=g&adsafe_url=http%3A%2F%2Fwww.eokultv.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:da7bee6a-2384-63f3-dbaf-3e26d15f30df,c:sEMqeV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-p5wlp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:tUinMHm+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C171%7C172%7C173%7C174%7C175%7C181%7C182%7C183%7C184%7C185%7C191%7C192%7C193%7C194%7C195%7C1a1%7C1a2%7C1a3%7C1a4%7C1a51%7C1b%7C1c1%7C1c2%7C1d1*.1520146-76103085%7C1d11,idMap:1d1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:f0527463-7826-11ee-9848-46bfbfad7997,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11597
x-xss-protection: 0
server: cafe
etag: 8023538936332676572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:20:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2EB8 1 KB
649 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E21 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 15:26:24 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B83 42 B
64 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstT2z12GqRbWBfYOg596v8AAVlhp31SLn6zkrWo61kZ53LpOTj35tCar5WtpDuZmw7JFk-3C4Vox0_-WS8hyYDnrQqMRxuRBmKijoNRpzRDBHuhWJN3pX7OxOXW-_HMGBcBOAchzFaw3tcR&sai=AMfl-YQ2e_bYCkZmZgY8MYCjRyAi36Betd39s7-m3HxCQfKotl_yNL27KdqR80cY4KDYltbvW75tosMdd6Nbdu5uR3lCnY1QnQY3-pt4kvSEGN8-LmFLsYSjwBVTF8Jy-jNIMeBIzB89gEUYcyy0PHIs&sig=Cg0ArKJSzLUmSJZmZmxIEAE&cid=CAQSTgDICaaNhIFiVk-mrta-r1CQnDdclykiF6fM6tJ5SVceA_GBKrws04oVBPG23-saxT3eEE5aVbugb_-Uxl5UiYbFRRBsKP8jp062Q-RfiBgB&id=lidar2&mcvt=1094&p=160,1300,760,1460&mtos=1094,1094,1094,1094,1094&tos=1094,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1438585451&rs=4&la=0&cr=0&vs=4&r=v&rst=1698781910076&rpt=2409&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=ufswebdisp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E74A 43 B
215 B 181ms
180ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c97984bf-7c15-b59b-386e-948576e3fb58&tv=%7Bc:sEMqjp,pingTime:1,time:2619,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D,%7Br:r,w:160,h:600,t:388%7D,%7Bpiv:100,vs:i,r:,t:1550%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1069,o:1550,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1543~0,1~100%5D,as:%5B381~0.0,1163~160.600%5D%7D%7D,%7Bsl:i,t:1550,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1068~100%5D,as:%5B1068~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:271,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C18*.990511-61634098%7C181%7C182%7C19.1520146-76103085%7C191%7C192%7C1a.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1.1520146-76103085,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:21,sis:631%7D&br=c
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E74A 43 B
215 B 180ms
179ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c97984bf-7c15-b59b-386e-948576e3fb58&tv=%7Bc:sEMqjq,pingTime:1,time:2620,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D,%7Br:r,w:160,h:600,t:388%7D,%7Bpiv:100,vs:i,r:,t:1550%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1070,o:1550,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1543~0,1~100%5D,as:%5B381~0.0,1163~160.600%5D%7D%7D,%7Bsl:i,t:1550,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1069~100%5D,as:%5B1069~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:271,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C18*.990511-61634098%7C181%7C182%7C19.1520146-76103085%7C191%7C192%7C1a.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1.1520146-76103085,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:21,sis:631,metricId:grpm1,cmr:t%7D&br=c
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D80 38 KB
17 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 10:04:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 380819
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16878
X-XSS-Protection: 0
Last-Modified: Tue, 24 Oct 2023 11:28:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Vary: Accept-Encoding
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Expires: Sat, 26 Oct 2024 10:04:54 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B83 43 B
215 B 174ms
173ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=1204cfb3-e3e4-0821-b4d9-15e857b84420&tv=%7Bc:sEMqjI,pingTime:1,time:2715,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:39%7D,%7Bpiv:100,vs:i,r:,t:1675%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1040,o:1675,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1669~0%5D,as:%5B1669~160.600%5D%7D%7D,%7Bsl:i,t:1675,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1040~100%5D,as:%5B1040~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:259,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C18.990511-61634098%7C181%7C182%7C19*.1520146-76103085%7C191%7C1a.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1.1520146-76103085,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:40,sis:543%7D&br=c
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B83 43 B
215 B 172ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=1204cfb3-e3e4-0821-b4d9-15e857b84420&tv=%7Bc:sEMqjJ,pingTime:1,time:2716,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:39%7D,%7Bpiv:100,vs:i,r:,t:1675%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1041,o:1675,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1669~0%5D,as:%5B1669~160.600%5D%7D%7D,%7Bsl:i,t:1675,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1041~100%5D,as:%5B1041~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:259,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C18.990511-61634098%7C181%7C182%7C19*.1520146-76103085%7C191%7C1a.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1.1520146-76103085,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:40,sis:543%7D&br=c
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2EB8
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMi-FMCdDy5HQRj8HsjlrFk&google_cver=1&google_push=AXcoOmSpiQFR5kUo5E5EDrUr1KbDJibNj6WUAq5ErBbuFIYcFE3HHH5IBDTEka9DzVa5ynolTkwaEb2QJZMT-b6v...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmSpiQFR5kUo5E5EDrUr1KbDJibNj6WUAq5ErBbuFIYcFE3HHH5IBDTEka9DzVa5ynolTkwaEb2QJZMT-b6v9QbT5d8oG2on

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmSpiQFR5kUo5E5EDrUr1KbDJibNj6WUAq5ErBbuFIYcFE3HHH5IBDTEka9DzVa5ynolTkwaEb2QJZMT-b6v9QbT5d8oG2on

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Oct 2023 19:51:53 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1UdD1XGRSGAfz0uGjw7jCw&google_push=AXcoOmSpiQFR5kUo5E5EDrUr1KbDJibNj6WUAq5ErBbuFIYcFE3HHH5IBDTEka9DzVa5ynolTkwaEb2QJZMT-b6v9QbT5d8oG2on
x-host: tde-deliveryengine-production-5597b7478c-7hvq4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2EB8 43 B
103 B 26ms
14ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEH01-ZkVTvdwHdqYnmnFuM&google_cver=1&google_push=AXcoOmRM_ZlsOIS-d7hqkERFBWamXgioGv2Be2JqjC3hFZMG508fWct9dif20cHqTlpGm1Y0BQjkkNVTimkb-XNBjL91DHT3Cvc
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2EB8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GMWwjGLVQ4i8vi31iDMXpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GMWwjGLVQ4i8vi31iDMXpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRm3mv6GqJJl3yzfzpdycLZNsZFXVeMKeaOzEqrwclncd4Vh1jOUUhrxmyKphBa0TpSNIyRQIS5aQAvnuugYj6rOIOzro9K

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GMWwjGLVQ4i8vi31iDMXpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRm3mv6GqJJl3yzfzpdycLZNsZFXVeMKeaOzEqrwclncd4Vh1jOUUhrxmyKphBa0TpSNIyRQIS5aQAvnuugYj6rOIOzro9K
date: Tue, 31 Oct 2023 19:51:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 2EB8 0
44 B 38ms
27ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAOXoSHdw1AGaOa0VciUWi0&google_cver=1&google_push=AXcoOmR2QeWTbodQnuYh6SFrKcxjbIHfG1v-xi-cnMivu6h4bmU2OQhwxHrYErGjsLBhrjKxVZIYGGyCpH0ToEPealWDjUByRB0
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:53 GMT
content-length: 0

GET
H2

200

0.gif
id5-sync.com/i/495/ Frame 2EB8
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEPiB2iIolqjNvIFHFzsOp7U&google_cver=1&google_push=AXcoOmStvJPuNXMJ8KHn90y851GCoVYKehVAplgHtXCLd24Yts66_yI0n30e0EvfHq3hWM8mUXSg-O5sVFBasTU6puo4OWsKvyUEfw
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmStvJPuNXMJ8KHn90y851GCoVYKehVAplgHtXCLd24Y...

43 B
920 B

10ms
9ms

Image
image/gif

162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmStvJPuNXMJ8KHn90y851GCoVYKehVAplgHtXCLd24Yts66_yI0n30e0EvfHq3hWM8mUXSg-O5sVFBasTU6puo4OWsKvyUEfw

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 31 Oct 2023 19:51:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

date: Tue, 31 Oct 2023 19:51:54 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmStvJPuNXMJ8KHn90y851GCoVYKehVAplgHtXCLd24Yts66_yI0n30e0EvfHq3hWM8mUXSg-O5sVFBasTU6puo4OWsKvyUEfw
x-download-options: noopen
vary: Accept
content-length: 273
x-xss-protection: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 2EB8
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEN_Ll5FgjSMY...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSO86BAKVArPP7At1Dk95oktFyqJ_TdEoQnsezyPyl71aGsJrlMSUkas5-9rsA3nA986bvwtsKIIYxWQb1KyGsrQTC63BYd
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

193ms
193ms

Image
image/gif

2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 19:51:54 GMT
pragma: no-cache
date: Tue, 31 Oct 2023 19:51:54 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2EB8
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEFLFyOckJ6BV_MH9yRgv23o&google_cver=1&google_push=AXcoOmQsXGmPku9OJCnZ1n2UyxLqZ62dKnIo1lQ01D4u2AE0ZvMHdDGz1FGy6ZGCHV3...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQsXGmPku9OJCnZ1n2UyxLqZ62dKnIo1lQ01D4u2AE0ZvMHdDGz1FGy6ZGCHV39MdjgxFdtHCIdqKl5CWgZ_Wfn4jH2dGYdow

170 B
188 B

129ms
127ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQsXGmPku9OJCnZ1n2UyxLqZ62dKnIo1lQ01D4u2AE0ZvMHdDGz1FGy6ZGCHV39MdjgxFdtHCIdqKl5CWgZ_Wfn4jH2dGYdow

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 22f82b44.33756f7
date: Tue, 31 Oct 2023 19:51:53 GMT
x-bytefaas-request-id: 202310311951536E0F7426E6F58EC0A52E
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-54-206-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-parent-response-time: 95,23.54.206.6
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=9, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310311951536E0F7426E6F58EC0A52E
x-cache-remote: TCP_MISS from a23-218-219-53.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQsXGmPku9OJCnZ1n2UyxLqZ62dKnIo1lQ01D4u2AE0ZvMHdDGz1FGy6ZGCHV39MdjgxFdtHCIdqKl5CWgZ_Wfn4jH2dGYdow
x-bytefaas-execution-duration: 4.20
access-control-allow-origin: *
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01b208e852c33176d3feed22f13ecd9f565c47a186e70c91dcc14eb251c9949b418eb642db2e0e34a95872f15095f59f698ef97497b362bce0fc83e013012fd77ceaa67b58a33f91fc0e842089a6adec682fdbe4db9647e97be349f417fcf1de983fb101c6d6cd67afac2f9e378e5d4a48
x-origin-response-time: 9,23.218.219.53
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Tue, 31 Oct 2023 19:51:53 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2EB8 0
12 B 25ms
16ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjFVuJQ26iWeNpahOao-RIGRTvvz_h8GGhXzWSvDZH4PHuy_QpR4Np4z6LBB0Dqdivmq2zmVGv

Requested by

Host: 89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
URL: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15626680059600941049/DE-DEU_XA-07_0__300x250_BAN-A_HTML5_TOFU-no-B2P-RAeBookV2-ALL_0_105/ Frame 7DB7 259 KB
166 KB 18ms
15ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15626680059600941049/DE-DEU_XA-07_0__300x250_BAN-A_HTML5_TOFU-no-B2P-RAeBookV2-ALL_0_105/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

848e75e544aa7c9b82555684bfe08edbcc3ec28a93ce34344b313d23a98e6d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 358177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 169990
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 16:22:16 GMT
expires: Sat, 26 Oct 2024 16:22:16 GMT
last-modified: Mon, 12 Jun 2023 11:57:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 Cisco_cyan.svg.js Show response
s0.2mdn.net/sadbundle/15626680059600941049/DE-DEU_XA-07_0__300x250_BAN-A_HTML5_TOFU-no-B2P-RAeBookV2-ALL_0_105/ Frame 7DB7 3 KB
1 KB 16ms
10ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15626680059600941049/DE-DEU_XA-07_0__300x250_BAN-A_HTML5_TOFU-no-B2P-RAeBookV2-ALL_0_105/Cisco_cyan.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15626680059600941049/DE-DEU_XA-07_0__300x250_BAN-A_HTML5_TOFU-no-B2P-RAeBookV2-ALL_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c70489f5c3c113d624b62a73bdfd5fad67e9ab85f6a7f548d91d4bdb96654adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15626680059600941049/DE-DEU_XA-07_0__300x250_BAN-A_HTML5_TOFU-no-B2P-RAeBookV2-ALL_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103157
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1011
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 11:57:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 15:12:36 GMT

GET
H3 200 ART_RA_Campaign_eBook.svg.js Show response
s0.2mdn.net/sadbundle/15626680059600941049/DE-DEU_XA-07_0__300x250_BAN-A_HTML5_TOFU-no-B2P-RAeBookV2-ALL_0_105/ Frame 7DB7 13 KB
4 KB 18ms
11ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15626680059600941049/DE-DEU_XA-07_0__300x250_BAN-A_HTML5_TOFU-no-B2P-RAeBookV2-ALL_0_105/ART_RA_Campaign_eBook.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15626680059600941049/DE-DEU_XA-07_0__300x250_BAN-A_HTML5_TOFU-no-B2P-RAeBookV2-ALL_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebe52fab74da6dae193400a6b2132e6665c9b14d3be53dce999714e772ef55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15626680059600941049/DE-DEU_XA-07_0__300x250_BAN-A_HTML5_TOFU-no-B2P-RAeBookV2-ALL_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:22:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358176
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3583
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 11:57:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 16:22:17 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F510 43 B
215 B 198ms
196ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=60b9e6e3-faa3-dc15-fec4-813062a01490&tv=%7Bc:sEMqmA,time:3523,type:e,im:%7BpLoad:3135%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:2369,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1146~0%5D,as:%5B1146~300.250%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2369~100%5D,as:%5B2369~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:268,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17*.1520146-76103085%7C171%7C18.990511-61634098%7C181%7C19.1520146-76103085%7C191%7C1a.1549653-72555946%7C1a1%7C1d1.1520146-76103085,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:550%7D&br=c
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:53 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF16 43 B
215 B 178ms
177ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=a39e18a9-5080-8a1c-4a18-e46e7486b4da&tv=%7Bc:sEMqo3,pingTime:1,time:2623,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:42%7D,%7Br:r,w:300,h:250,t:486%7D,%7Bpiv:100,vs:i,r:,t:1559%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1064,o:1559,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1550~0,1~100%5D,as:%5B477~0.0,1074~300.250%5D%7D%7D,%7Bsl:i,t:1559,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1063~100%5D,as:%5B1063~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:211,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C174%7C175%7C18.990511-61634098%7C181%7C182%7C183%7C184%7C185%7C19.1520146-76103085%7C191%7C192%7C193%7C1a*.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1.1520146-76103085,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:43,sis:503%7D&br=c
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:54 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF16 43 B
215 B 176ms
176ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=a39e18a9-5080-8a1c-4a18-e46e7486b4da&tv=%7Bc:sEMqo4,pingTime:1,time:2624,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:42%7D,%7Br:r,w:300,h:250,t:486%7D,%7Bpiv:100,vs:i,r:,t:1559%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1065,o:1559,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1550~0,1~100%5D,as:%5B477~0.0,1074~300.250%5D%7D%7D,%7Bsl:i,t:1559,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1064~100%5D,as:%5B1064~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:211,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C174%7C175%7C18.990511-61634098%7C181%7C182%7C183%7C184%7C185%7C19.1520146-76103085%7C191%7C192%7C193%7C1a*.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1.1520146-76103085,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:43,sis:503,metricId:grpm1,cmr:t%7D&br=c
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:54 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 7DB7 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7DB7 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fec887106ba2c9d7c00a3b18f691a517c3f9831926442abd498bdaad4cde786

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D80 0
459 B 43ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.599.0&bgai=B4uhi11pBZZfLO_ex2fcPia6euAIAAAAAOAG6BRMI7sOl44ehggMVAUT2CB2OOgc2&bg=!X1ylXBPNAAbo5yKYyOc7ADQBe5WfOMF-SREFtpviPAlU293E1uVK_WRXtSZoveB6u-ESXM7Gm0RRgHa0ZaE0Yjgw7C76AgAAAdRSAAAABGgBBwoBMg0bsyswx0qepWBJDzecJvDIh_C2BsxzouvvRWdsANkNPCex3ySD9wcmylUPte-Sy4LSB9KTjahtyS37vb9mhIa9ebdnmMLA-kjaKD3v4wx-P5JKmCvOpmVdmPh3GFVQY9t_UasSfKZpIIR-ZEJmXS_58IaKitEfl12Xug-2J7hOtXt2IyY73pECSTsqXGp_j1ZBO0U5KSwIMbunzNnhcIO1dpaMLh1cjgndfELRn0iK5BhjXwjrE5007CMIRlo1RVOQ7V4q7Dkvo7pSNowntfSuCyI926PuHrob27dEeFaDpA14YmCE7Vd5nCkoVngvP6qT9I92x6IWC19SXsaZfZkEmkD1VPoQYVIcXmCi4GFJxuRBG2wFnRcu7sgV1t8ZtQ6341sQjJy1IVP2eAtPL7uNOJkCML8nIVe1NzXD1jbA2ZmeiDlGDsSq-BlIMVtSKQdTSG-U20yJNsgkgbbSC60pgYUmzd2GgasMvJis1MQiM1FNyBVufUSUWtdjnemdar04upSeBqsyfvY_8OkCxIEffBwXLeix7DtnMHxUg5yPhxREXU_XH9ALfrpIrGMj1L94ARMTFv_p8EtE5SFQpLO9olgwJjgP67bgh-xWtlPtWmZdj7VdbPHQVXKeCwBWsqf6BaJIEqQp9DTAOx1WP4l_zAKNoRgCN8TUxGuWGUHLTXlJJ25wGO4CevSY7_9Lk6G0yXZqubfNsqLdLtdMuF9rnW2IldDdIZZo94TvPLB0DibKMgV3qsN4HPya0v_MlqlUfVa9oiUmXoaw_AOBc6pAp7ksUqVQ9ZEG4qpepLKH-z_V7b6nGDyIkW2GWt5ZifRGuH2Hlmu8fBc6DAht2UQOPU8D306lR-COsBwQb0b2tqJhSVZPJ45lQIV5vEPe-UR9KST_OKRwbwl6nyeqFbraAlnEmu2qcMb414nCZsfunOqmWH9mZBdJU4bVBQtjbt4pMNCdyFBc0kZoYi0Kf9R3yY1COp56Of6W5CltzH2argRCo3-qsHcZRx9aIuSoJXeyBfyg15DWCWrSD88yanZYFmboyye6xe8xokxN6qOadnXCMZZAk4Jxi0CbkF0rZRfixwQlpSt9t6L2MVGPATxuxJkij5nzzLcAVefZI_Y9SW-Ij4-DDJBGENp3S8dgX0VzzLR3

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 19:51:54 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: image/gif
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E21 0
25 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BgFGX2VpBZZ6MEtucjuwPh46EoA4AAAAAOAHgBAI&bg=!W1ilWBfNAAbo5yKYyOc7ADQBe5WfOInXillBjXLaHE7usnPYGDsOpShHARg985Fn3vh0XYn5uPokQYB5UL-7mJgE2HJ-AgAAAgtSAAAAB2gBB5kDaWsLYvEtH1le2KzNiLpbiz4fM75P8wC9fF2PrbPspgid7PqGrhULvDiSksWahGqs-_rxtULclkEy4NPPtpP2ahvccm6tpkz6zQq3ssVqWehnJXit4SK-wKsY7xVyCAKqZSnLHwUqwTck9p2n-QD1odHcvL5YLSOBmT1T0oGW6HeqkfO4EF1S4nvZvTirXONIOWdpTl38zt8OQnVir7e9pZs_TyKUX-2LUVAJHrV5S65VxJ5kAWpMUdwsjaZPRJzwMZsXngSHyUYOQh5o_dB2QxWj9C-Z9yK4h2khUpwR-s-Re5DB2eGNJF6fRkDKQ8e8EfDwEFC4VIo5O6357wpaAuDStM4M6Dcu-VpqJM0QcPtd8qywPJK9U1GyIEW1Ai03pm0cjvgaRFtKVt7dzvdwawJ3eCXbsRvO0t4ooY3_17QFvQHHcS-k-Pxi1YnfblupUzWyOwEj-RKrbOXun26btNO8nFC-wvGBlHdoD1HwmC2c90ZygCt4R_yZz6qV8HXVqhe3-kOfA8ucLAEba3iUq9SabX_-RuW_T4oCc3SkyWFblu9dRgBfnta4PWrA5B-1nN4Vv-Vp8QhB8ntlxHOJ5lnXQgpkOI1u2xH6HMGC8fzsACpOBiGLbpkYWftB3dJTA-wBLWgJ7oVZr4LgQjvXnbfQc_uW7QvPg74Ls4IkL70oKRfuPOTtAk8ZDYhB-CDU4rbt0QMVy5owt19HaNzErRNii8WbyUkJo43_bJGCRI8Tv7Vlm8f09xPecRXUN-bUEg7PycgzQtCRnx9QY4W9MFRzVNHAdcCG5sTG1V-7tp_sE84EEbWSPLOARUmxhhv7fd_z6pxybbWY3PirOLvdAJN0-HziISbTePr9Zh7dcG7kqrNMPivcPBvyBKsZgVZKhUD56hvZST2WEHHnUI-bxd466ahin1EwaOyCu9Y-4fY8r4m1HOFlVvz0TLNfOlPV1pI54OMQoM5LmRiskYJJGHdFDEwnq_Rxq5XW6h5X5wEnxaGuVnY4BorEFZ9twCsCwb9be1VnywzY5Ej6cgjx4QQQDfs6dRTPkrpHKtepsylScceTC5r68qAnkryTtWcSy-x29stylj4dspcNhrCDn9I8ZGVsoX_LAcaQK8CHwBInsb8xDbGjhZCW7J_FfYxUDtUOO1MpJEpTxg

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF16 0
25 B 42ms
42ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3203315920492&version=m202309260101&ct=76&x=1&cor=1661149157785097700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B83 0
25 B 68ms
67ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4943375442886&version=m202309260101&ct=76&x=1&cor=18252408594768163000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F510 0
25 B 41ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6427053213159&version=m202309260101&ct=76&x=1&cor=9030147274417227000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E74A 0
25 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9930797156773&version=m202309260101&ct=76&x=1&cor=10065548702176176000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C552 0
25 B 46ms
44ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5292461119218&version=m202309260101&ct=76&x=1&cor=6624748079206966000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9732 42 B
69 B 54ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzPb9OZyhE8uxuEn_t1CRfB_Nd3PgChxm684sfY_3wXQdHXN_UGtvjfeuNvYKHnyGGLncqSRUSHQAl_YpRv-fRMtiCYn5FxWFb8bJ5L-WaXWkxuvEGjUq-eAxkuw8m3YC5l_Adtw2_GXSLWacjiXk3JPiguKVRJob-EilylepP5PZPawDkAlXjjZhm9s0D5RsfBOP6tM4&sai=AMfl-YTA1glTq5YXapTPv1_MhwB8lrN9y-F92fVV_GvzxwcRiSwk_UyOKKpmRllWXh46rlVMp1mJXf3t94etkN6XRu_Ss2Iy9rSJZI2mAmdURl4qFF-kSVHpoTgfBHeW2IXZiNFZPmNFyvU-njl4rCtl&sig=Cg0ArKJSzCYpzLOYcvyJEAE&cid=CAQSTgDICaaNOixLGPdjgY53TRWsVFJLp3Cyypg2eBQK6Z1u4EYHuIs7bhGmxbDCK2SwBEk2wBOSfJkSDOdI8r5Ji-MkBt2kywk_JxKVeMsRMhgB&id=lidarv&acvw=sv%3D958%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D457,975,635,1290%26tos%3D2074,0,0,0,0%26mtos%3D2074,2074,2074,2074,2074%26amtos%3D0,0,0,0,0%26mcvt%3D2074%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2074%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D707%26pst%3D531%26dur%3D58676%26vmtime%3D1731%26dtos%3D2074%26dtoss%3D1%26dvs%3D2059%26dfvs%3D2059%26dvpt%3D2059%26is%3D33554707%26i0%3D33554707%26ic%3D16777217%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2231%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D450467798%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnk%3D1698781909835%26ptlt%3D1698781915192%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2074&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1698781912696

Requested by

Host: www.eokultv.com
URL: http://www.eokultv.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C552 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=da7bee6a-2384-63f3-dbaf-3e26d15f30df&tv=%7Bc:sEMqNj,pingTime:-10,time:2161,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC41OTkzLjExNyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1698781911215%7C%7C1730ec3f3fde8d3e8d645f22650f1140%7C%7C2a46ab34512a4512731c109fe969e5e3%7C%7C2a8542079a7c3ba2af04cfd3ad9deacf%7C%7Cfbcc56889b8ea1108b65c160c36e3b18%7C%7Cfc5a12ea1fcadb658166c3cc04be176c%7C%7C14b87a34d9c08724ac6cf1cb028ed9c3%7C%7C0c61645d568072f243adee01ab2d13ce%7C%7C1663701684,sca:%7Bspg:60b9e6e3-faa3-dc15-fec4-813062a01490%7D%7D
Requested by: Host: www.eokultv.com
URL: http://www.eokultv.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:55 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 css
fonts.googleapis.com/ Frame D100 2 KB
571 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:900

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6539183625060334138/8d07b282c8e661b71feb1e048005bbde.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 19:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 19:23:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 19:51:55 GMT

GET
H3 200 fb2405b160d35da2c54812c244ca11bc.svg
s0.2mdn.net/sadbundle/6539183625060334138/media/ Frame D100 7 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6539183625060334138/media/fb2405b160d35da2c54812c244ca11bc.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6539183625060334138/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 17:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7911
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2357
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 14:42:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Oct 2024 17:40:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D100 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 04:28:14 GMT
x-content-type-options: nosniff
age: 314621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 04:28:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 60ms
59ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e4f9893a2e198e18cd38b887286f5a4814df2661190bb4ca443ef35c56a64ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11990
x-xss-protection: 0

GET
H/1.1 200
OK eokultv.jpg
www.eokultv.com/wp-content/themes/netegitim/ 9 KB
9 KB 40ms
40ms Image
image/jpeg 194.54.82.174
SERVER server.ua

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.eokultv.com/wp-content/themes/netegitim/eokultv.jpg
Protocol: HTTP/1.1
Server: 194.54.82.174 , Ukraine, ASN3236 (SERVER server.ua, UA),
Reverse DNS: server.1ua.photos
Software: LiteSpeed /
Resource Hash: 1416c65215956aa7e5f3c7139cdb5a9aaa21dacc198fd929f4c65daadf662fa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:56 GMT
last-modified: Fri, 17 Sep 2021 21:46:03 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 8743
expires: Thu, 31 Oct 2024 01:51:56 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 19:51:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1474 13 KB
5 KB 12ms
10ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 15:26:23 GMT
expires: Wed, 30 Oct 2024 15:26:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A277 829 B
560 B 21ms
20ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

349b5f435bc7091eb04bb0a3f29d40589a30fa7d66f680a31832dfba364d94eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hQeG6CvBp3woNmQFlXbcJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.eokultv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hQeG6CvBp3woNmQFlXbcJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:51:56 GMT
expires: Tue, 31 Oct 2023 19:51:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F510 43 B
215 B 173ms
172ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=60b9e6e3-faa3-dc15-fec4-813062a01490&tv=%7Bc:sEMr3t,pingTime:5,time:6182,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D,%7Bpiv:100,vs:i,r:,t:1154%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5028,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1146~0%5D,as:%5B1146~300.250%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5028~100%5D,as:%5B5028~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:233,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17*.1520146-76103085%7C171%7C18.990511-61634098%7C181%7C19.1520146-76103085%7C191%7C1a.1549653-72555946%7C1a1%7C1d1.1520146-76103085,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:550%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:56 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F510 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=60b9e6e3-faa3-dc15-fec4-813062a01490&tv=%7Bc:sEMr3t,pingTime:5,time:6182,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D,%7Bpiv:100,vs:i,r:,t:1154%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5028,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1146~0%5D,as:%5B1146~300.250%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5028~100%5D,as:%5B5028~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:233,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C1514%7C16%7C17*.1520146-76103085%7C171%7C18.990511-61634098%7C181%7C19.1520146-76103085%7C191%7C1a.1549653-72555946%7C1a1%7C1d1.1520146-76103085,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:550%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:56 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1474 38 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 15:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 15:26:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A277 0
0 45ms
44ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=2929549923447421&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1474 0
10 B 10ms
9ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JsCIiw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:51:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=2929549923447421&bg=!VValVhnNAAbo5yKYyOc7ADQBe5WfOOl2KTCqNxmul7KPLSallN9fVDYgENpIjO6SJyTKHpfZ63RvdtS059-B3wztfpT_AgAAAGNSAAAAA2gBB5kCvr26u5NUgjeSUfgnPgKZZx5TE7iJ33GZlMP22qTdkR7sK04Qk8c_i9hcyEuJrRvKEaFCq1OECLDmauaQHo0SsEzwGe06aNumJPcmXRMnZnxwUG7cH6tHCbw0YUkjioK_zhbIHeBSyyd-WzbtyLWB2vUjbZoDL8lY1Ns_MIJ2f3jGH2ricD9VlpEj1FZ03Tjx1PAmdvc-T5VsKwnfTg7kStCv6yWFCT1mpZLySc9JNnUc0V_EZiNCj2wLeOO6nDHGGD33OgiA50Vs_jpA6wF-_dxrt12xasfUm6VYpMV56Zd93tcRfyscF3HVmh085r5aFPr1hGj0VJFF4FUpxa7hYzuVE_JtRj1QwL_eM5wPKFrBwX__XFuNraZj2-c-Uu5jvH0HZn-svlvgt9z5NjjxqV44oVEqCL7uJE6CM0Z6PUjoU_KlXTQ4mfuGrt5snNHwbhfWo8naS1eVYg2J3wHpYMdxkeqYw9b_qZN0zjyBWDjcizGefh6D6nkGRE3o1plRAVp3V2RRn3x2z5eDiLoq2jPuIA73VJh4SNnV3_zPp7I5eX79xx0RUDAX_d65EfezCfqNZGb75oQ5f8SkbS-GrJhMM5ec3yZNwsnHyGcsFG1o53_z03tXT6c2P_HRNQY0_hMlJi4NMhSrn7-qiXJiz-qtmlVnBK-kF6SiYeofCSin1MdmFMGxQGPlM3vqQaLUul0zs8IDS5dvo-2B1Xv889t31p5OPGfC3UIt9ggQOik8EuJGRhcbJSDghpA4pVrUp9diKqh0Bagy0WYRRU9LFDpGcCGZVKZ2gDZy_T5klcKwAWqOSzXM0unCLKHEPOgjmmvbtOOcikZaVe_F1Ubv_twXIUDYCFRIXh3w-O5ys7g6F4gw6ufeHxqjLaA4yuuMgtMx1-VTu8UzEwAKifSBz6mvoXPmuRkBeeQtfpgajA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A3ED 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0uAMJfE5fW1KlmGdUVReF8KvLe9sagoC3VX_18-KkGIONudtqqbnlppnZ4cId6Wuae8W5nio_ltON33nfFw7HBxBHE-AAINZaim2MlYGkUdyomh9IOxTYtetAYpPp4jSuJTtoF-A5KhDQ&sai=AMfl-YTeeSA_y3i4GpRpa6moHxlRgoUroocF0AtxfgyPbPC9Zx_uClwLiypipFNB3qxLOmS05GyGaeIQ-MD98W4M74hBnplXxyMmgshCwSVyK8fWvGm4rdm7ZdfhHXxL&sig=Cg0ArKJSzL3ejkn3WektEAE&cid=CAQSPADICaaNMvazYQfBZlFhop2A1x_CbjFWW2I7iViIyCw-ROZef8EvAZIcEJOMtmGu9SWs-3aBlE9K6sYfLxgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=630483377&rs=2&la=0&cr=0&vs=4&r=v&rst=1698781909718&rpt=6629&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 37ms
36ms Ping
image/gif 2a00:1450:400c:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&top=1&puid=2~loeqw0z9&c=7057876090133&slotId=3528938045066.5&met.4=hvd_lc.loeqw0z8~hvd_ad.loeqw0z9~hvd_mad.loeqw0z9~hvd_admu.loeqw0z9~hvd_src.loeqw0z9&ps=315x177
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.eokultv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E74A 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c97984bf-7c15-b59b-386e-948576e3fb58&tv=%7Bc:sEMrl7,pingTime:5,time:6569,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D,%7Br:r,w:160,h:600,t:388%7D,%7Bpiv:100,vs:i,r:,t:1550%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5019,o:1550,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1543~0,1~100%5D,as:%5B381~0.0,1163~160.600%5D%7D%7D,%7Bsl:i,t:1550,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5019~100%5D,as:%5B5019~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:242,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C18*.990511-61634098%7C181%7C182%7C19.1520146-76103085%7C191%7C192%7C1a.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1.1520146-76103085,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:21,sis:631%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:57 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B83 43 B
215 B 174ms
173ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=1204cfb3-e3e4-0821-b4d9-15e857b84420&tv=%7Bc:sEMrlP,pingTime:5,time:6690,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:39%7D,%7Bpiv:100,vs:i,r:,t:1675%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5015,o:1675,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1669~0%5D,as:%5B1669~160.600%5D%7D%7D,%7Bsl:i,t:1675,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5015~100%5D,as:%5B5015~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:224,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C18.990511-61634098%7C181%7C182%7C19*.1520146-76103085%7C191%7C1a.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1.1520146-76103085,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:40,sis:543%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:57 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B83 43 B
215 B 176ms
175ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520146&asId=1204cfb3-e3e4-0821-b4d9-15e857b84420&tv=%7Bc:sEMrlR,pingTime:5,time:6692,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:39%7D,%7Bpiv:100,vs:i,r:,t:1675%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5017,o:1675,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1669~0%5D,as:%5B1669~160.600%5D%7D%7D,%7Bsl:i,t:1675,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5017~100%5D,as:%5B5017~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:224,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C18.990511-61634098%7C181%7C182%7C19*.1520146-76103085%7C191%7C1a.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1.1520146-76103085,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:40,sis:543%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:57 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF16 43 B
215 B 173ms
173ms Image
image/gif 2600:1f13:800:7782:4735:3296:e5d6:987f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=a39e18a9-5080-8a1c-4a18-e46e7486b4da&tv=%7Bc:sEMrpz,pingTime:5,time:6561,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:42%7D,%7Br:r,w:300,h:250,t:486%7D,%7Bpiv:100,vs:i,r:,t:1559%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5002,o:1559,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1550~0,1~100%5D,as:%5B477~0.0,1074~300.250%5D%7D%7D,%7Bsl:i,t:1559,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:205,fm:tUinLUF+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C1514%7C16%7C17.1520146-76103085%7C171%7C172%7C173%7C174%7C175%7C18.990511-61634098%7C181%7C182%7C183%7C184%7C185%7C19.1520146-76103085%7C191%7C192%7C193%7C1a*.1549653-72555946%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1.1520146-76103085,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:43,sis:503%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:4735:3296:e5d6:987f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:57 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9732 42 B
64 B 45ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRIzt11pBZZfLO_ex2fcPia6euALm0ryOc_jGiej0Ea-BuuPXAhABIOa0gmsoAmCV4pCCoAegAf_bisgDyAEF4AIAqAMBmAQAqgSTAk_QvrM9MPcKSteqfYx4Y_GLrgGfXtJsaP2Qo2KzP9yeqnIo_oacxe7jprVWuBFEULKzWxeDIH9_LBORwDOWybLKt3lGID44vM_fHzJjpbuafYIKB3ku3jwwa2Bf7GYFZCeiGq0l6idiSCqHGnWbJEQ84sm-pyhci_BEAdah5YIUFpZxCVOcCG7lvauEN0NzCwweyT7bKG3p8mm1rD5uCMe6YyQQ1N7T4GuJvvdt5SevHzf1sDMjFV5QrnRBQQjAxaCsvz4nDl6t-inQI44CGDPhT6SltOfVvfEnB5OgH0GABht_rpO0XuuR8RS_C5YucxC685t6j1LgiUcBq4G4Dt__897AYJ1XKrKahGGhMs9qO5gMwAT3iKjavgTgBAGIBaH3idBLoAZUgAfy3vqjAqgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHAagIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTE4NDU5NzY4NjM3OTIwMTOACgPICwHaDBAKChDgxsWY3-3GlnASAgEDqg0CREXiDRMIjtim44ehggMV91j2CB0Jlwcn2BMMiBQB0BUB4hYCCAH4FgGAFwE&sigh=feVlT2p8NNg&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&label=video_skip_shown&ad_mt=5200&acvw=sv%3D958%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D457,975,635,1290%26p0%3D457,975,635,1290%26tos%3D5292,0,0,0,0%26mtos%3D5292,5292,5292,5292,5292%26amtos%3D0,0,0,0,0%26mcvt%3D5292%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5292%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1326%26pst%3D531%26dur%3D58676%26vmtime%3D5199%26is%3D33554707%26i0%3D33554707%26cs%3D50336019%26c%3D1%26c0%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5292,5292,5292,5292,5292%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2231%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D26,0,0,0,0%26avms%3Dexc%26qi%3D450467798%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26pnk%3D1698781909835%26ptlt%3D1698781918409%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5292%26ss0%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1698781912696&sdkv=h.3.599.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYxNTQ3MjMyNTQ5NjIMNjY0MTExOTA0Mjg2QLYFUiYQDyUAAHxCKAE6C2ZHTldBTG9QMUJRQglnb29nbGVhZHNIqANQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 19:51:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.eokultv.com
URL: https://www.eokultv.com/wp-content/themes/netegitim/font/fonts/fontawesome-webfont.woff2?v=4.6.1

Domain: www.eokultv.com
URL: https://www.eokultv.com/wp-content/themes/netegitim/font/fonts/fontawesome-webfont.woff?v=4.6.1

Domain: www.eokultv.com
URL: https://www.eokultv.com/wp-content/themes/netegitim/font/fonts/fontawesome-webfont.ttf?v=4.6.1

Verdicts & Comments Add Verdict or Comment

267 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eokultv.com/	1970-01-21 01:29:01	Name: _ga_NGHJB18CB5 Value: GS1.1.1698781908.1.0.1698781908.0.0.0
.eokultv.com/	1970-01-20 15:54:28	Name: _gid Value: GA1.2.1026597884.1698781908
.eokultv.com/	1970-01-20 15:53:01	Name: _gat_gtag_UA_77747364_1 Value: 1
.eokultv.com/	1970-01-20 18:02:37	Name: _gcl_au Value: 1.1.400482007.1698781908
.eokultv.com/	1970-01-21 01:29:01	Name: _ga_FNZMWC1HCX Value: GS1.1.1698781908.1.0.1698781908.60.0.0
.eokultv.com/	1970-01-21 01:29:01	Name: _ga Value: GA1.1.496794985.1698781908
.eokultv.com/	1970-01-21 00:38:37	Name: _ym_uid Value: 1698781908857450292
.eokultv.com/	1970-01-21 00:38:37	Name: _ym_d Value: 1698781908
.yandex.com/	1970-01-21 01:29:01	Name: i Value: +CrvJPiUPalmR8iOE6cGvR82Eoms6kuqMIPgf8+0xu6KTwVrhVid8p39zSSgUPOo/fHhTc7mruOxYnShuTjeT3NwQFU=
.yandex.com/	1970-01-21 00:38:37	Name: yandexuid Value: 4235420161698781908
.eokultv.com/	1970-01-20 15:54:13	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 15:53:02	Name: sync_cookie_csrf Value: 1785231623fake
.mc.yandex.ru/	1970-01-20 15:53:02	Name: sync_cookie_csrf Value: 3139859206fake
.mc.yandex.com/	1970-01-20 15:54:28	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 01:29:01	Name: yandexuid Value: 4235420161698781908
.yandex.ru/	1970-01-21 01:29:01	Name: yuidss Value: 4235420161698781908
.yandex.ru/	1970-01-21 01:29:01	Name: i Value: +CrvJPiUPalmR8iOE6cGvR82Eoms6kuqMIPgf8+0xu6KTwVrhVid8p39zSSgUPOo/fHhTc7mruOxYnShuTjeT3NwQFU=
.yandex.ru/	1970-01-21 01:29:01	Name: yp Value: 1698868308.yu.6923904611698781908
.yandex.ru/	1970-01-21 00:38:37	Name: ymex Value: 1701373908.oyu.6923904611698781908
www.eokultv.com/	1969-12-31 23:59:59	Name: pId Value: vnet5549f2a3-c772-44a3-858e-70dddb77fd4a
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1452780171698781908
.yandex.com/	1970-01-21 00:38:37	Name: yuidss Value: 4235420161698781908
.yandex.com/	1970-01-21 00:38:37	Name: ymex Value: 1730317908.yrts.1698781908
www.eokultv.com/	1969-12-31 23:59:59	Name: TAPAD Value: %7B%22id%22%3A%220ef36d0f-9533-42be-a1be-4185e1a0384b%22%7D
.w55c.net/	1970-01-21 01:23:16	Name: wfivefivec Value: NajiSmlp1QXUMd5
.ctnsnet.com/	1970-01-21 00:38:37	Name: cid_3cb2f3ff35374c5aa6e38ac67bba8391 Value: 1
.ctnsnet.com/	1970-01-21 00:38:37	Name: gid_CAESEHBHYu051hAN58j3JTpfWIw Value: 1
.w55c.net/	1970-01-20 16:36:13	Name: matchgoogle Value: 5
.adnxs.com/	1970-01-20 18:02:37	Name: uuid2 Value: 3008122776583557318
.adform.net/	1970-01-20 16:36:13	Name: C Value: 1
.turn.com/	1970-01-20 20:12:13	Name: uid Value: 8993441568265859303
.doubleclick.net/	1970-01-21 01:14:37	Name: IDE Value: AHWqTUnJptzEpAcfVZ6--lk8CSyXGmk-8blzsCuqdoe15oSFrj5R0hKDm16KzOp7s9k
.adform.net/	1970-01-20 17:19:25	Name: uid Value: 7158300447804030610
.eokultv.com/	1970-01-21 01:14:37	Name: __gads Value: ID=f9d465af1940a9ac:T=1698781909:RT=1698781909:S=ALNI_MabMQ4k_iJ83LRBQ4br6gxrDzoZMg
.eokultv.com/	1970-01-21 01:14:37	Name: __gpi Value: UID=00000caf9f51d5e8:T=1698781909:RT=1698781909:S=ALNI_MakEqXUfynk28AnJrcSeOg4HaN66Q
.doubleclick.net/	1970-01-20 20:12:13	Name: APC Value: AfxxVi5BFLbNeLtppZBRkvMrgyysmhlieIuLnDnamW0NYVayeN9cRA
www.eokultv.com/	1969-12-31 23:59:59	Name: watchID Value: 9afefb62-1457-4bd6-b874-5e92a71007c9
www.eokultv.com/	1970-01-20 16:36:13	Name: userID Value: e9bca173-50e4-4758-8608-2ce0355cb7f3
.adnxs.com/	1970-01-20 18:02:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVQJp:CP!A#F@.TOKKnyW<U1`VROYQM-:PR2Ic?pblyM!Fy$CYWr8EUdLJECx#^]ka^Z/X%W#.wL4W1Qw1ThTH9<
.travelaudience.com/	1970-01-21 01:24:42	Name: _tracker Value: %7B%22UUID%22%3A%22D54743D5-7191-4860-1FCF-4B868F0EE30B%22%7D
.de17a.com/	1970-01-21 00:31:25	Name: guid Value: 1.7089188833259247991
.everesttech.net/	1970-01-21 00:38:37	Name: everest_g_v2 Value: g_surferid~ZUFa1wAAAPqZWAAj
ads.travelaudience.com/	1970-01-21 01:24:42	Name: _tracker Value: %7B%22UUID%22%3A%22D54743D5-7191-4860-1FCF-4B868F0EE30B%22%7D
.blismedia.com/	1970-01-21 00:38:41	Name: b Value: 65415AD742775288189CF95DBLIS
.1rx.io/	1970-01-21 00:38:37	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-764ba516-3b47-480d-85d7-fcba14a96992-003%22%7D
.yahoo.com/	1970-01-21 00:38:59	Name: A3 Value: d=AQABBNdaQWUCEAbEpNcRLJz3apHE35pE71kFEgEBAQGsQmVLZQAAAAAA_eMAAA&S=AQAAAl1HZot9WpE1pMTlUTKoj3E
.targeting.unrulymedia.com/	1970-01-21 00:38:37	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-764ba516-3b47-480d-85d7-fcba14a96992-003%22%7D
.3lift.com/	1970-01-20 18:02:37	Name: tluid Value: 1253554292062547865228
.quantserve.com/	1970-01-20 18:02:37	Name: d Value: EBoBCQGoKoEA
.quantserve.com/	1970-01-21 01:23:16	Name: mc Value: 65415ad7-defd4-adec8-0bcb7
.media.net/	1970-01-21 00:38:37	Name: visitor-id Value: 3417835115428500000V10
.casalemedia.com/	1970-01-20 18:02:37	Name: CMPS Value: 5192
.casalemedia.com/	1970-01-20 18:02:37	Name: CMPRO Value: 5192
.pubmatic.com/	1970-01-20 15:54:28	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-21 00:38:37	Name: KADUSERCOOKIE Value: 18C5B08C-62D5-4388-BCBE-2DF5883317A4
.casalemedia.com/	1970-01-21 00:38:37	Name: CMID Value: ZUFa2Ap.pp0qfeuTJJMLIgAA

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://www.eokultv.com/ Message: Access to font at 'https://www.eokultv.com/wp-content/themes/netegitim/font/fonts/fontawesome-webfont.woff2?v=4.6.1' from origin 'http://www.eokultv.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.eokultv.com/wp-content/themes/netegitim/font/fonts/fontawesome-webfont.woff2?v=4.6.1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.eokultv.com/ Message: Access to font at 'https://www.eokultv.com/wp-content/themes/netegitim/font/fonts/fontawesome-webfont.woff?v=4.6.1' from origin 'http://www.eokultv.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.eokultv.com/wp-content/themes/netegitim/font/fonts/fontawesome-webfont.woff?v=4.6.1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.eokultv.com/ Message: Access to font at 'https://www.eokultv.com/wp-content/themes/netegitim/font/fonts/fontawesome-webfont.ttf?v=4.6.1' from origin 'http://www.eokultv.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.eokultv.com/wp-content/themes/netegitim/font/fonts/fontawesome-webfont.ttf?v=4.6.1 Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	error	URL: http://imasdk.googleapis.com/js/core/bridge3.599.0_en.html#goog_1666599177 Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	error	URL: http://tpc.googlesyndication.com/sodar/hhrtBw21.html Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

89ea935fec4fabf4549ac61ac2a9d764.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ad.turn.com
ads.travelaudience.com
ajax.googleapis.com
analytics.pangle-ads.com
bid.g.doubleclick.net
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.id5-sync.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
config.aps.amazon-adsystem.com
cs.chocolateplatform.com
cs.media.net
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
istr-n2.nktcdn.com
ius.ctnsnet.com
lb.eu-1-id5-sync.com
logger.virgul.com
match.360yield.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
ng.virgul.com
ng2.virgul.com
onetag-sys.com
pagead2.googlesyndication.com
pghub.io
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
rr4---sn-4g5lznl7.googlevideo.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
sdk.truepush.com
sdki.truepush.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.virgul.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.inmobi.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
us-u.openx.net
www.eokultv.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
www.eokultv.com
103.231.212.226
13.224.225.68
13.248.245.213
142.250.13.156
142.250.186.66
15.197.193.217
151.101.194.49
159.203.145.121
162.19.138.119
162.19.138.82
172.217.23.98
172.64.151.101
178.250.1.9
18.159.56.100
18.196.85.191
18.244.135.24
185.64.190.78
185.7.176.202
185.7.176.223
185.86.139.103
193.108.153.6
194.54.82.174
2.18.160.23
2.19.245.101
20.127.253.7
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.168
2600:1f13:800:7782:4735:3296:e5d6:987f
2600:9000:223f:6600:8:48e:53c0:93a1
2600:9000:2362:3e00:1b:5138:8a40:93a1
2600:9000:2491:1200:7:6b7b:1000:93a1
2606:4700:10::ac43:266a
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:1c::9
2a00:1450:4001:801::2004
2a00:1450:4001:802::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c00::78
2a00:1450:400c:c06::9d
2a02:6b8::1:119
2a04:4e42:200::649
2a05:d018:d29:3601:9417:d03:489f:5a05
3.162.38.44
34.102.243.38
34.96.105.8
35.186.193.173
35.190.0.66
35.227.252.103
35.241.45.217
35.244.159.8
37.157.6.237
37.252.171.21
46.228.174.117
51.75.86.98
52.212.188.233
54.170.148.223
69.173.144.139
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08111d73cf694f4b8b7339301e9bb8f18326ff8e5bead87bbd8d7a9ead6e74c6
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ed73c544b9a0a8e2b42bd0cb7b5d00af6e77b838cbe55485e7e508803ae16fb
10ac3ab3158ad55cb0f47da3e7c7fe53572200eaeb67c6b7253f504d7dc2164c
129d1b84477b2828d1bb357bcf373d369628e0abb13ab4d9dead3dd58d510688
1416c65215956aa7e5f3c7139cdb5a9aaa21dacc198fd929f4c65daadf662fa6
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
19a601291397da6e2aa77140340ac4c04723370cc52a003ad03afd16d54b332e
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
1ebbbaaf938a76af2a7dff3db876c9e40e323b2ce1fcda6d96e991da068d39b8
21215d0fa3feba3d7d16e7b0cc6946938f3cdea29afebeb1b3e223aab1c53eef
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956
2524b3abc53dd390ae8577b213fbc1c76d006087e029594214d43201343eb23a
260ed300137d80e58a1b0baa925e0678fc504c1585c2b962520bdb08b8c23422
26b21b722dc4dbf55256588fb44bda94a48832ef1585ac1a26a9fd77a7e0dd94
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27881c78063a561e8328f5b09db24b7b412c8f6de481b75318487ea457736020
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
2a738bac7916aaed5f90c24ba65205c1a4a058d1895b4d9cd66d6755ab0a272c
2ab6793dc8e7ecc84e623176376fac17df0d4513fc68ab392d3850200da5f13b
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c935aa3711f0af15b730354c3747e2a30aa982a2baf028c71bff33ea1b67cf3
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
306482bad2815bd821294054cee7ab6fe6609d387b1b4ba595e9e542566604a3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
32845cfa0596f96ab2cfd630c6ddb240b315d37bc2cf6b9bf4d88e154f00fa2f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
349b5f435bc7091eb04bb0a3f29d40589a30fa7d66f680a31832dfba364d94eb
356bd82c89d63b5e89a4a1bcb3a9d662b8e63cbab11ee34faec3c3f87bbcaa9a
3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3df50f63d741d12f6474b2723da114dc6035a5d5752e85b94d6d276200b012cd
3e5262f8dd2e248bae2b81dc6d3910298e930ce8f34d36751392e5e1cfe0be60
3e824e32f3e10791862f7c0166def1dc86b07ed8030f9d0c113674221510af51
3fec887106ba2c9d7c00a3b18f691a517c3f9831926442abd498bdaad4cde786
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4525aeb23c838abe1bba4b3c708f3994ec186a2945f7811d5bbeefb98caac6e0
45ed3238fe2adb23a08918b5ae9ebc46ca02404c4142bfcf4ef07574eb746ad1
466798fae129eb3899a28dc6cd8aaab04bfbad6e4a9f51d598a225041ea64165
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
485e23dc0cd4ab2cacc08421f030e993d58ac0e429da3f76c852f34d93df135c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
496a58f55569b28d6eac2a280df6f71628de8e46bece472c1f16c7665ceb1abf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62
4fc65e436756cddb5fdfe98535eb5c0dadda31f81801a21fa4c0839d45daebd9
509462bceaa85aa49996bf168611149074a30659a709948634a306a41a7f1af6
5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba
53f03808a2d0a36a77027e9541258ca726f26f6c4b179a6794c29205bd9719d7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54aca18f5e54f1055c43b6cc4627b13315a1ca5982fe9b9787f98786be996b26
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56170d5dc5e437edf605f64d0effd274f3e628db747d75fc412bb95637092e22
5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
617d204630af6b19d0fb864374108dcd2323183f81b5b25343477a60a9f29473
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621fadf96b8d22253dee137fbd7b14cab527de410cb021797096d33dd5119bd3
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
643d6f2ff70d3e19c32e392bf11475635d6d896d7f3847c964c2250c3c46f7b5
6551d1ad2eb228bb2a0a9c3a0f12f2550717ee4b6384e9704ba51707a7b095be
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2
6849288b64ebc48de45202a8901631a20cd3adee91558f1f8ca6c4dd248d6441
69b1ab00597f3da76b29aa74066430cc3be348c4823deee02de3d2f708f1b3a5
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c69c12b36d4fc58355ca5b50ca6960588bd1928ca79067d7529c6e9d0192a47
6c882344872d884d0ecdca23bf8056cd7dd1f957018bc467c8c6b571b70a25ee
6dc50509c75d563ba18f32e35c8aa2ff630f46492df8dad7c66515fe6eaf34ef
6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2
71f067c8fb2fc14558c6f24df9adab0781e227faee33df8f9e82be59fcc41494
73bbb261048fed0af949c8648e3881d4e3478b0153baa48c7f070a4ac761cf93
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7538e77606e6c6ad6fc0d71a7ccbb5ff84c516bdf9ad4f9f7f971fecaa3780e8
78074dd2bf2c0ee5f539e68f9db06281aaaa20b047da8f706a717456c5b85b49
78e1f60ec4ca4ed21fce2fa9d050d7adf1962f2f7991204efa73f3bf0d6bce50
7c0da909438cc10026ad4e61a73d30be3a6cdba12d41f9dc1baa20ca65a2abec
7ca19a280b33c19e3fe4ca818cbb4b267bc2c702d0004a383f1a25eb15b220c6
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e4f9893a2e198e18cd38b887286f5a4814df2661190bb4ca443ef35c56a64ac
7ebe52fab74da6dae193400a6b2132e6665c9b14d3be53dce999714e772ef55e
8135466f45a58560ad5729f86a10a2dc469c2ac3a6b663cb469256a3190a72ff
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
844b87b27dc65dd4bfd6b4a840673478ecdb0512337f6b30f7af691c339908af
848e75e544aa7c9b82555684bfe08edbcc3ec28a93ce34344b313d23a98e6d41
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84efc2c9aeef49ffe7a4985ffd3fd79695fac6e3ee47dd69087cccb5cfc2eda6
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
882997bd37c070a8ef29082c63eee7bee71badeb7b4fd5f34b4368e9042d2ddb
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
8c89d2d658d3eb7b158447aa0066f101a2a0458c9ff4c2a07fed0ccecdd61ba6
8d6d8aa9116c8538da4416d44de1532dcf9f5ec4ddc85f4d524714e8ed918ee2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ee2c9a1bedbe9f410ba54aeab38dc4c32800caa3a1f08fc4ce00ac15c8ed734
8eec8e86acd8d78e51b53ee64e4810278fb924efe416beecc76c2812a271b814
8f5f50df394c9e0fe9687ca800782538fb3bb80993c95b2b2347b76c1c154c24
9150ae79267803d858ea9d801ab8ad2d5a0a018ea978917cf11c5c10aefa58e5
98957d94bdc0993764ef55e732f356f6535ca17cf0c53eeacd8f174af6be556b
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9971f253068e731d60762a53c8578239607db8cf08923d23d9f5955102990193
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b03124345e4ac61b50579a9fcc7a9b97b58ec6b37863db8c54b56c227a4484c
9b49f2b7f1ffab90403101664bf93449c7d605d6cf7f6b163cd0913227b0cfb6
9b7c4b5092f76a3227838d78968efb700570ac9642601f6177e69180c13c71b8
9d008aec3f531b30dc0b3c142d7b1ab36fb678ecff748d469a3247561bbfd510
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a57d21e3d73b42aabe952a1eef88155f5258443b57e34307b53e1276be6db4b7
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7b574eed524aa879be3850c92b0002f47c52062d8511ff5228c9587760fee9f
a98d4ad137369784016869f984b36bb060a8c7e272793d09247bad8b27056987
a9b88d78537e053546fcf606f94ba42f7b1fbc7cadb13da5bcc854ecca3f2c43
aa88fb45e4a1909e20eb95f45f13646dba017d0463edc0a10764b3b307e9373f
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af64d5d738a8f469582aeca115859e2e721dbd78c8b2c28ac4a5b254e4e0fcbe
afe156d43ec395ab77251275d95798b555c97149a09d5f806eb6b0eee47f2989
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28d6ab76893a74a79af8101ec52c977aa41f24cfe99827d1b8aa15827a06131
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
c33f22f397149b0097f3abb97f2b25933fa10bfbdcc935f8b3654940b0743595
c3b19dfb2680cdc789a4a7452f0d016b2c0137a298d1269aa19582f74dbc4457
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa
c51ba7ca9c7d104eb46d62e7be6960becae56a4a3d7ee25d9de2ede502b7587d
c600adb1e3d6281621818ba058f98a8fa9ba43bd31a97c2cf98901400ba6f461
c69976cd568b69a76e60900676f5e45c901c66b2cd4b0181e1ac468bc28c986c
c6d4c9a55dfd75be40045ff69afd1efabdd8f66f9848d127268cbef9d0385924
c70489f5c3c113d624b62a73bdfd5fad67e9ab85f6a7f548d91d4bdb96654adc
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d0adad0cddecce521bf6083fd71c77c27958157ab5af8d5698c73d5288bbc988
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e24dec08f69841a2828a585c6918ff8be70af4bf2b9700a99884f60c8d71d3fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e414b102b2b229302325299d0ab64043eaef34bef01199cda3d4c27c5b166f1d
e4ca7dc00ebd21774414cb682d0c1dd4d3b7b864612e2a0daa610112503d56d7
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
eb08598849aeb07ab4cf9eb083f665672a690700791647e48c11828486696823
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee4716a6da2cb64dac712d35dac832d9f47a2f45094f6c0979ef19d8fbf6438d
ef11845c5c29bd5dbfe4c08bdd8e07da8754fdd6a14629520b3fe2fbd6805016
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1b523ea574bbcdea241789da417c07ba604f437c5d9e35213aa529610cc6bd
f112f56b66c9757f3280d1c855c73741f5c2708309ff1bd4ef18c30b28a5bded
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f18a6e42383f01b8e0fbf858086637e59068e57ce9392810a8d5a20658d665b3
f50dafee19c8453317659c166db0db43f1364c8a9a08a60757401175be308764
f63c9bcc64b615ae9a416b2afce6d2c1a62254339072f1abae805ef603150adb
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fbb185d2fb9ea4375f23b230dc6e42c1ef8834b393b61158aa3529f3d1d9a3cc
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17

www.eokultv.com Open in urlscan Pro 194.54.82.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

447 Requests

84 %HTTPS

43 %IPv6

55 Domains

81 Subdomains

59 IPs

12 Countries

5848 kBTransfer

21041 kBSize

56 Cookies

4 Outgoing links

Redirected requests

447 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.eokultv.com Open in urlscan Pro
194.54.82.174 Public Scan

Screenshot
Live screenshot

Full Image

447
Requests

84 %
HTTPS

43 %
IPv6

55
Domains

81
Subdomains

59
IPs

12
Countries

5848 kB
Transfer

21041 kB
Size

56
Cookies

447 HTTP transactions
15 data transactions