www.geo.tv Open in urlscan Pro
104.16.122.91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://geo.tv/
Effective URL:
https://www.geo.tv/
Submission: On December 28 via manual (December 28th 2023, 10:17:03 am UTC) from PK — Scanned from DE

Summary HTTP 204 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 15 domains to perform 204 HTTP transactions. The main IP is 104.16.122.91, located in and belongs to CLOUDFLARENET, US. The main domain is www.geo.tv. The Cisco Umbrella rank of the primary domain is 97814.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.

This is the only time www.geo.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 58	104.16.122.91 104.16.122.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6 10	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	108.128.252.65 108.128.252.65	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
8	2600:9000:214... 2600:9000:214f:8e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f13:800... 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	() ()
204	23

58 104.16.122.91 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

geo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.geo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.64.151.101 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.90 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.128.252.65 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-252-65.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:214f:8e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (None, )

ASN- ()

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	googlesyndication.com 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	533 KB
58	geo.tv 1 redirects geo.tv — Cisco Umbrella Rank: 92084 www.geo.tv — Cisco Umbrella Rank: 97814	726 KB
25	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	315 KB
21	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	229 KB
11	gstatic.com www.gstatic.com	113 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	7 KB
8	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	6 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	143 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	258 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	213 KB
2	googleapis.com firebaseinstallations.googleapis.com	679 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	305 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
204	15

	Domain	Requested by
57	www.geo.tv	www.geo.tv static.cloudflareinsights.com
38	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com www.geo.tv www.gstatic.com
28	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com www.geo.tv pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
11	www.gstatic.com	6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com www.geo.tv
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	dt.adsafeprotected.com	6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
8	static.adsafeprotected.com	6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com srcdoc static.adsafeprotected.com
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	2 redirects www.geo.tv securepubads.g.doubleclick.net
6	googleads4.g.doubleclick.net	www.geo.tv
6	s0.2mdn.net	www.geo.tv s0.2mdn.net
5	6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	fw.adsafeprotected.com	2 redirects www.geo.tv
4	www.googleadservices.com
4	www.googletagservices.com	6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com www.geo.tv
4	googleads.g.doubleclick.net	6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com www.geo.tv pagead2.googlesyndication.com
3	www.googletagmanager.com	www.geo.tv www.googletagmanager.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	region1.google-analytics.com	www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	static.cloudflareinsights.com	www.geo.tv
1	geo.tv	1 redirects
204	23

This site contains links to these domains. Also see Links.

Domain
urdu.geo.tv
live.geo.tv
talent.geo.tv
asool.geo.tv

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.geo.tv/
Frame ID: AACDCDDA639974E9DC3AEAE6D5621F45
Requests: 77 HTTP requests in this frame

Frame: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 37F79ADA76AA323FCDAB8DAF06188107
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD421BFB920CDCA2C5D57866508632B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9719FDD7B8B84F6026B5D34645B2E4CE
Requests: 2 HTTP requests in this frame

Frame: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B31DCE844D7D78E7B8ECD02C7881D378
Requests: 26 HTTP requests in this frame

Frame: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A007324B8E33B75B6C73187A1C66EDC2
Requests: 1 HTTP requests in this frame

Frame: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 162C68D91DFFDAA9FED6F4D39FC3AD08
Requests: 13 HTTP requests in this frame

Frame: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2309B920D6FA7805227CDD4B5636F2E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNV4Ey2bBksXVYrqiJaGJ8dtBWNUCIHEiHUfhRA7hRNiP7hYE5h4EzF-m6vNSNeayGuS4cXUZxb-rKVnnTEVwIMqdA0zZFlFprEiERzPeTrKbwXxEUy2ZbqrG66kNKWa_JvBrhwNkYErfVbhXU8qTgHfq4tkLjG5aQj_bRmriuAXeLTQPDk
Frame ID: A0147FA5C5F78E6074FBFF1DB2EB26B8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWcgxzT5cbQ3I7kAnzE1xP5vB83klg5Nnti_r85PeoQYio50W3tZoa2roTq8rmFOBe92CxoaAopPrOQGxfmfIDbeEHowFavhgVwuBLUl-dY6-DP5NVgyBaHTEKPDQCYNGTmOjEZXUGhaJPAdzWyFbdJDVwRRtaZ0n5F5uNjqfBjTDJeWto
Frame ID: 696BE014665B4B9909834626C15B9881
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4291EA91C661FADE8851CB447DA686D7
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
Frame ID: 73E76FAD5D88CA7822EFBD5782FB6227
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
Frame ID: 8CC75F5599676DD50F338CBAF42F135D
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 78CFDAEA0EC977F851D589C4DA885B30
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: F6B600A72ED5A953971CF5C3159BB697
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B13D5AE8AFD83E8DD54B09A28E076976
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A8C0DED0751B991D334CC52018122DB5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: E0B01A2F2BB89DD76D7D8519A7B7CEE4
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Frame ID: 621CFC6CA71448A82B0B7DAC3A7CC7A2
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 717B81DD397929E1FA35F98314FF265B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8E951C9F4F2FF032EB8717963270D650
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_728x90.js
Frame ID: 3529E189CDB274647B4AEE876FE6374A
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_728x90.js
Frame ID: 562AE28CE3CB4C88107631FCC7289CEF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Geo.tv: Latest News Breaking Pakistan, World, Live Videos

Page URL History Show full URLs

http://geo.tv/ HTTP 301
https://www.geo.tv/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

204
Requests

94 %
HTTPS

68 %
IPv6

15
Domains

23
Subdomains

23
IPs

4
Countries

2542 kB
Transfer

6558 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://urdu.geo.tv/
Title: Geo Urdu

Search URL Search Domain Scan URL

URL: https://live.geo.tv/

Search URL Search Domain Scan URL

URL: https://talent.geo.tv/
Title: CAREER

Search URL Search Domain Scan URL

URL: https://asool.geo.tv/
Title: GEO ASOOL

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://geo.tv/ HTTP 301
https://www.geo.tv/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1&C=1

Request Chain 91

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY1LGQq0-klllW7eTN0F2QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENdr5Xad3y1IEzXqCbHgY_0&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENdr5Xad3y1IEzXqCbHgY_0%26google_cver%3D1

Request Chain 93

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUxMzA5MzUxMTA0ODQzMzMyNg%3D%3D

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1&C=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY1LGYmoUug-o5cSJT4bDwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENdr5Xad3y1IEzXqCbHgY_0&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENdr5Xad3y1IEzXqCbHgY_0%26google_cver%3D1

Request Chain 97

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUxMzA5MzUxMTA0ODQzMzMyNg%3D%3D

Request Chain 118

https://securepubads.g.doubleclick.net/pagead/adview?ai=CgJZgGEuNZY_JJKuC1PIPn-K3aMW-2f506Juw_8cS0KyVmEMQASDJ0pIHYJXikIKgB6AB6cWqnQLIAQmpAu2N_Nuno7I-4AIAqAMByANIqgSqAk_QcKG4fGL1tVe5uiz56b6uZxOWBwZQ2AAhI-j8X2vE3VMqW-ebP-Q8m55w8hnYubnZ3umqqv2DJC4iMckOR2XVHkyHIymaq2o5mT28nutO925cOvrFzouqavWArARcvIJzB4m9deVxBTT6hNZnVqcj5yRq2noV98_6F6K4QASz6MgWmyAx9D41Pp7soulJM6IxwDT_B7obMQbMYH28ntZHesyI0MlOQijYpIEb_AaXF-Z9MkOuspJD4Hed7DWNSmFg1e51xZyBsn5gCRHLX6TiEovxz5K_ipbmGFEjNHidwPfLXBcJbPXHVN2cHEDDsKWyM_oz1izz-D_tauc9TvLO1p5SltmZeqiVy-poZ4hYi0fvmTQpvRjPrgfN3Nqhqe-uO3SiaE0Z_EXABNDardPRBOAEAYgF79ucoUySBQQIBBgBkgUECAUYBKAGLoAH_7nV4gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDOjxTSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMa0_rjzsYMDmgkkaHR0cHM6Ly93d3cuYm9jb25jZXB0LmNvbS9kZS1kZS9zYWxlgAoByAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLiDRMI_vb-uPOxgwMVKwFVCB0f8Q0N2BMO0BUBmBYBgBcBshceChwIABIUcHViLTczNjk0NjYyMTI1NzA1NTUY_bAJ&sigh=csWAYVz04UU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_oEov7K836rajKSQGedXnFUS-cLmlBvlZr-8eY8CADHU6yhQAq03_z5V92vs1OgjgNGM_pZCuciOreO4PyrqP3_DIQ9ZgekIAqxgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224483694302226041928%22,%22debug_reporting%22:true,%22destination%22:%22https://boconcept.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22598385385%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216329508745439789249%22}&andc=true

Request Chain 120

https://securepubads.g.doubleclick.net/pagead/adview?ai=CDeTlGEuNZazHJKuC1PIPn-K3aMW-2f506Juw_8cS0KyVmEMQASDJ0pIHYJXikIKgB6AB6cWqnQLIAQmpAu2N_Nuno7I-4AIAqAMByANIqgSqAk_QVe5ieHczeQOEwkc7BL6CQzCVYY4sPHlmwpff1Ni3_Whv1bw__S2GRAm348hh0HtZ-e0pbmOa5K4TE5Y6xWqT9Zwoj8UbKBy71mgv_WHjmE0oFBg0bAPNtSj7J7VfJlbtGEZTs4bW51GvTePQHMkCrl63EvR-cz7wbCJgr55QZOg0xa6GzezDcYattP1fUqLwYvmwsa3a7l8QoxE9lGsDJyM4i9j4wdzguLpUIsTYFoFEgBwq7yPL937IyG_ujZOnvdF7pRsuhVCvE5pJM-Etf-ggxzN-2_QjEMVYQ9YJwDHAPG4sAUa8nKI89MTNwVUPO9v5cVUbbjuHXLwOadHlyim6uzcWvkcjRuNZpiPOPNHF-MKRv1sopc5gAXuWAbyTePTQ6o0d0T_ABNDardPRBOAEAYgF79ucoUySBQQIBBgBkgUECAUYBKAGLoAH_7nV4gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC1nifSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMa0_rjzsYMDmgkkaHR0cHM6Ly93d3cuYm9jb25jZXB0LmNvbS9kZS1kZS9zYWxlgAoByAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLiDRMI_fb-uPOxgwMVKwFVCB0f8Q0N2BMO0BUBmBYBgBcBshceChwIABIUcHViLTczNjk0NjYyMTI1NzA1NTUY_bAJ&sigh=Q5oWTs7TZfU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_oEov7K836rajKSQGedXnFUS-cLmlBvlZr-8eY8CADHU6yhQAq03_z5V92vs1OgjgNGM_pZCuciOreO4PyrqP3_DIQ9ZgekIAqxgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222537846745093666178%22,%22debug_reporting%22:true,%22destination%22:%22https://boconcept.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22598385385%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216351391793553814609%22}&andc=true

Request Chain 163

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-7369466212570555&ias_chanId=1&ias_placementId=20338658787&bidurl=https://www.geo.tv/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jo4chEA75vgTTLw0ItlcAT&adContainerId=brand_safety_GUuNZbvhHYfT9u8PtdCIkAk&cbFunctionName=goog_wrapCb_GUuNZbvhHYfT9u8PtdCIkAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.geo.tv&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.geo.tv%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d8c28867-7306-2dd2-3251-a9649263ddf6,c:y5Aaqa,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765c58974b-khcc8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tZJbwSN+11%7C12%7C13*.987057-61527017%7C131%7C132%7C133%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:13*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:18,oid:3b69f463-a56a-11ee-99c2-42aa7a513c47,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 165

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7369466212570555&ias_chanId=1&ias_placementId=20338656165&bidurl=https://www.geo.tv/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iVX33YbeNlUMl2aHVUd_Y2&adContainerId=brand_safety_GUuNZaDCIa7N9u8P-cCisAw&cbFunctionName=goog_wrapCb_GUuNZaDCIa7N9u8P-cCisAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.geo.tv&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.geo.tv%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:998c0d61-bed3-e16c-948f-cd1813649c4b,c:y5AaqO,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765c58974b-lttt8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tZJbwTw+11%7C12%7C131%7C1321%7C133%7C134%7C141*.990511-61634096%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:141*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:12,oid:3b69f424-a56a-11ee-b6d4-fa0fae11af81,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

204 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.geo.tv/
Redirect Chain

http://geo.tv/
https://www.geo.tv/

200 KB
32 KB

375ms
345ms

Document
text/html

104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 8f19d88cf7f8d7b78e186dde0f8a6098a4764690b50fd443b48c15f9742e1cce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
age: 24
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-cache-status: DYNAMIC
cf-ray: 83c90cf5dcef193c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 10:16:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
x-cache-hits: 47
x-powered-by: PHP/7.1.33
x-varnish: 693848595 670098480

Redirect headers

CF-RAY: 83c90cf57c24916e-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 28 Dec 2023 10:16:55 GMT
Expires: Thu, 28 Dec 2023 11:16:55 GMT
Location: https://www.geo.tv/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 158ms
112ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c26dab245980ca880244ed2dff3a51a2a3a0361da40882ddc4a6557d6892d708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29102
x-xss-protection: 0
server: cafe
etag: 585 / 19719 / 31080056 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 10:16:56 GMT

GET
H2 200 geo-logo.svg
www.geo.tv//assets/front/images/ 1 KB
628 B 36ms
34ms Image
image/svg+xml 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv//assets/front/images/geo-logo.svg
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f47d21988dc5353063b77175be045bdbb971679a07cfb698c9d335a638b0a8c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
age: 2343478
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 05 Jun 2021 08:53:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-varnish: 713707391 713827340
cache-control: public, max-age=5184000
access-control-allow-credentials: true
cf-ray: 83c90cf80ff3193c-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 Menu-blue.svg
www.geo.tv/assets/front/images/ 590 B
423 B 34ms
33ms Image
image/svg+xml 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/Menu-blue.svg
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4c7973ba828a5f79b46ce8b79e9b30f98620d0b955d704665520b2cffe6672

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
age: 2515731
x-cache: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 05 Jun 2021 08:53:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-varnish: 565898046
cache-control: public, max-age=5184000
access-control-allow-credentials: true
cf-ray: 83c90cf80ff4193c-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 GEO-TV-ICONS2.png
www.geo.tv/assets/front/images/ 418 B
556 B 42ms
40ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/GEO-TV-ICONS2.png
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 217cba752fdb12fa5e7cbf978228cffc8607f1868d030185ea3d772ac5c64e59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 4352023
cf-polished: origFmt=png, origSize=917
x-cache: MISS
content-disposition: inline; filename="GEO-TV-ICONS2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 418
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Jun 2021 08:53:12 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 563211273
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cf80ff5193c-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 geo-logo.svg
www.geo.tv/assets/front/images/ 1 KB
659 B 33ms
31ms Image
image/svg+xml 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/geo-logo.svg
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f47d21988dc5353063b77175be045bdbb971679a07cfb698c9d335a638b0a8c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
age: 2343478
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 05 Jun 2021 08:53:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-varnish: 713707393 713827338
cache-control: public, max-age=5184000
access-control-allow-credentials: true
cf-ray: 83c90cf80ff6193c-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 GEO-TV-ICONS2-70X32.png
www.geo.tv/assets/front/images/ 296 B
462 B 35ms
33ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/GEO-TV-ICONS2-70X32.png
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07bc63d49540c08a69e031f554f240613e2eb0ebb5e82f0b8113a33beda056e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 3988707
cf-polished: origFmt=png, origSize=1538
x-cache: MISS
content-disposition: inline; filename="GEO-TV-ICONS2-70X32.webp"
alt-svc: h3=":443"; ma=86400
content-length: 296
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Jun 2023 14:39:28 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 629572969
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cf80ff8193c-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 GEO-TV-ICONS1.png
www.geo.tv/assets/front/images/ 824 B
961 B 33ms
32ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/GEO-TV-ICONS1.png
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de4a5124a7242f772b08ad67038ff18cacebc54aa1937bb1c139a643555bf009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 1414489
cf-polished: origFmt=png, origSize=2129
x-cache: MISS
content-disposition: inline; filename="GEO-TV-ICONS1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 824
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Jun 2021 08:53:12 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 503734290
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cf80ffa193c-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 700x390.png
www.geo.tv/assets/front/images/placeholders/ 15 KB
16 KB 31ms
29ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/placeholders/700x390.png
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6545bde27b0d6aeeb7db3782fe3abb6fcf81f6b5e7f0960fe7a4964b3d35786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 1260433
cf-polished: origFmt=png, origSize=28929
x-cache: MISS
content-disposition: inline; filename="700x390.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15666
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Jun 2021 06:25:41 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 608291144
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cf80ff0193c-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 video-icon.svg
www.geo.tv/assets/front/images/ 669 B
511 B 32ms
30ms Image
image/svg+xml 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/video-icon.svg
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f25d368a58ebde5063fa272844946cb21318a43841cd373ac89f6db883e3b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
age: 4069309
x-cache: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 05 Jun 2021 08:53:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-varnish: 717587582
cache-control: public, max-age=5184000
access-control-allow-credentials: true
cf-ray: 83c90cf80ff1193c-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 100x75.png
www.geo.tv/assets/front/images/placeholders/ 1 KB
2 KB 32ms
31ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/placeholders/100x75.png
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3309b3af4467208c0e889521ca80f63ab67fb50dea71f69ee4be8c02dd140e19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 2611073
cf-polished: origFmt=png, origSize=6083
x-cache: MISS
content-disposition: inline; filename="100x75.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1524
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Jun 2021 06:25:41 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 389098724
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cf80ff2193c-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 300x255.png
www.geo.tv/assets/front/images/placeholders/ 7 KB
8 KB 56ms
55ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/placeholders/300x255.png
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1437843479259c84e469798cc4d180b2eefd9d58d8f7be594f2f0f56c3e7fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 3162818
cf-polished: origFmt=png, origSize=15520
x-cache: MISS
content-disposition: inline; filename="300x255.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7576
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Jun 2021 06:25:41 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 482937388
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cf80ffb193c-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
61 KB 44ms
15ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-547PFWMB

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

678cf7f4fb6895416f5404c0b23e2cefb7d594009c5c25d9b3510873722ba726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61947
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 10:16:56 GMT

GET
H3 200 video_title.png
www.geo.tv/assets/front/images/ 880 B
1 KB 28ms
21ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/video_title.png
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e3c9004ce9bc4a7dc3f1c58a8ba78b25081aa171acc4d9c74acac4a9968a515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 609171
cf-polished: origFmt=png, origSize=2437
x-cache: MISS
content-disposition: inline; filename="video_title.webp"
alt-svc: h3=":443"; ma=86400
content-length: 880
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Jun 2021 08:53:53 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 472877220
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cf84c9f6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H3 200 news-headlines.svg
www.geo.tv/assets/front/images/ 6 KB
2 KB 32ms
26ms Image
image/svg+xml 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/news-headlines.svg
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e847195d78e8450c7da3112e5bd445dda08e2e7be5761cc39513f99df35cc36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
age: 609171
x-cache: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 05 Jun 2021 08:53:31 GMT
server: cloudflare
vary: Accept-Encoding
x-varnish: 729726409
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
access-control-allow-credentials: true
cf-ray: 83c90cf84ca26ae8-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 86ms
57ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.geo.tv/
Origin: https://www.geo.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83c90cf8691d5d9f-FRA

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e6b6aec9a6784ac88100c0bfb56e1c0ca86374acc5d526fea6381a4131dee05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96f4386fad802372fb9a6fd72850b79534333f273dc62cbec723c2a42347d1d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 150 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 gn-home.woff
www.geo.tv/assets/front/fonts/ 62 KB
63 KB 28ms
28ms Font
font/woff 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geo.tv/assets/front/fonts/gn-home.woff
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a30e2c2ed7fe927c2d6d4078072fc294fcda1fd71eabf873aa9058cddbe4a7

Request headers

Referer: https://www.geo.tv/
Origin: https://www.geo.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 3446506
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 63752
last-modified: Sat, 05 Jun 2021 08:52:35 GMT
server: cloudflare
vary: Accept-Encoding
x-varnish: 707853267
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cf84cb06ae8-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H3 200 gn-tittle.woff
www.geo.tv/assets/front/fonts/ 65 KB
65 KB 42ms
41ms Font
font/woff 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geo.tv/assets/front/fonts/gn-tittle.woff
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 503b6084518389a77e31936add6d47ef25e4c7b9c00cbf2607d1561d4ffa882d

Request headers

Referer: https://www.geo.tv/
Origin: https://www.geo.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 2614108
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 66052
last-modified: Sat, 05 Jun 2021 08:52:38 GMT
server: cloudflare
vary: Accept-Encoding
x-varnish: 668885415
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cf84cb16ae8-FRA
expires: Mon, 26 Feb 2024 10:16:56 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:18:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28678
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 27 Dec 2024 02:18:58 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 307 KB
66 KB 696ms
696ms Fetch
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1223017833994106&correlator=2990536014784678&eid=31080056&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=1063725%2Cgeo_eng_home_billboard_atf%2Cgeo_eng_home_billboard_btf%2Cgeo_eng_home_rectangle_atf%2Cgeo_eng_home_rectangle_btf%2Cgeo_english%2Chome%2Cbreaking_rectangle_atf&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2F6%2F7&prev_iu_szs=970x250%7C970x90%7C728x90%2C970x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703758616549&lmt=1703758616&adxs=175%2C190%2C1125%2C1125%2C-9&adys=126%2C2495%2C201%2C899%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.geo.tv%2F&vis=1&psz=1250x0%7C1220x44%7C300x0%7C300x44%7C0x-1&msz=1250x0%7C1220x0%7C300x0%7C300x0%7C0x-1&fws=0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=308035126.1703758617&ga_sid=1703758617&ga_hid=1935655858&ga_fc=false&dlt=1703758616319&idt=211&prev_scp=pos%3Datf%7Cpos%3Dbtf%7Cpos%3Datf%7Cpos%3Dbtf%7Cpos%3Datf&adks=280437901%2C657127808%2C2222860896%2C2315043056%2C1469323346&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

112765f554f6ac4d1abfca361820a92bbc3358394aa6478d32ee384f41356ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67351
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.geo.tv
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 37F7 6 KB
3 KB 80ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geo.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 10:16:56 GMT
expires: Fri, 27 Dec 2024 10:16:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 85ms
59ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f89f5934bf4b547f8c2776fdd7062d85bdd653eb34db2817930b0b544c52f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12146
x-xss-protection: 0

POST
H3 204 rum Show response
www.geo.tv/cdn-cgi/ 0
138 B 26ms
20ms XHR
text/plain 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geo.tv/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.geo.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.geo.tv
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83c90cfa1ec36ae8-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 10:16:56 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD42 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geo.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Dec 2023 22:23:31 GMT
expires: Thu, 26 Dec 2024 22:23:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9719 829 B
1 KB 37ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a538fc420222612dc7308431da954acc546e0b860a2cb69088c1caecaa88e21d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QW0Q8BzZqitdlsFZeUxgBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geo.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QW0Q8BzZqitdlsFZeUxgBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 10:16:56 GMT
expires: Thu, 28 Dec 2023 10:16:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BD42 39 KB
15 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 08:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 08:28:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9719 0
0 42ms
42ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1223017833994106&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BD42 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fvhDSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 lazysizes.min.js Show response
www.geo.tv/assets/front/js/ 7 KB
3 KB 42ms
41ms Script
application/javascript 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geo.tv/assets/front/js/lazysizes.min.js
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c02a44f503b3231fe95a34ad29c19f769ecda5305ed596a26dfc4e6b209feb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 76
date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
age: 3650361
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 05 Jun 2021 08:54:07 GMT
server: cloudflare
vary: Accept-Encoding
x-varnish: 759890716 793643831
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=5184000
access-control-allow-credentials: true
cf-ray: 83c90cfd29ce6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 l_524821_031350_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 20 KB
21 KB 146ms
137ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/l_524821_031350_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb3b66c5e9db0af4c34ba1d75f51d859c51b708c1db273777cdc69d608a92ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
cf-polished: degrade=85, origSize=23453, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 20865
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 10:13:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 907907846
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfd9a386ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 s_524817_023016_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 3 KB
3 KB 43ms
33ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/s_524817_023016_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2843e2b4ba5fc006a8f5424fa2ac0d1ab0a34cce0e337722de2c4526fc01faa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 2805
cf-polished: degrade=85, origSize=3286, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3049
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 09:30:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 695140708
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfd9a3b6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 s_516014_084007_updates.jpg
www.geo.tv/assets/uploads/updates/2023-10-25/ 3 KB
3 KB 41ms
31ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-10-25/s_516014_084007_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6eee663e97ecd65b65f914f2c20bf1ae30751e0b15d9eafe3fe1ba5d2255352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 10279
cf-polished: qual=85, origFmt=jpeg, origSize=3056
x-cache: MISS
content-disposition: inline; filename="s_516014_084007_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2716
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 03:40:07 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 694682859
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfd9a3e6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 s_524828_021704_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 2 KB
3 KB 145ms
136ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/s_524828_021704_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7487ce497b009d573ced1603e2b83a382ac23d72cd7ceb4d0a64866358d23e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=2716
x-cache: MISS
content-disposition: inline; filename="s_524828_021704_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2296
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 09:17:04 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 941086639
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfd9a3f6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 s_524815_094909_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 3 KB
3 KB 40ms
31ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/s_524815_094909_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f3d76adb21252f4e2351327fd7f981d1a28932b82d909fc7afc1c5c2f78669f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 17114
cf-polished: qual=85, origFmt=jpeg, origSize=2930
x-cache: MISS
content-disposition: inline; filename="s_524815_094909_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2696
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 04:49:09 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 945930157
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfd9a406ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 s_524818_112013_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 3 KB
3 KB 40ms
30ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/s_524818_112013_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04559870df52db288b45a02da788d70a96a22634ba6309cbaafecd7e1ae252ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 11475
cf-polished: qual=85, origFmt=jpeg, origSize=3092
x-cache: MISS
content-disposition: inline; filename="s_524818_112013_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2848
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 06:20:13 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 694537777
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfd9a426ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 t_524822_124818_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 16 KB
17 KB 38ms
30ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/t_524822_124818_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d944f4b503015688926da1839f8099054f2b2fcfbb9d72e349cf4724e2e6ebaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 6429
cf-polished: origSize=18279, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 16870
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 07:48:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 945384085
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfd9a446ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 t_524668_022215_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-27/ 6 KB
7 KB 42ms
34ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-27/t_524668_022215_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f45e7bdc46446ff39e729b44220c503f95e43948279ef2f62918a12037d6b64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 85414
cf-polished: qual=85, origFmt=jpeg, origSize=7495
x-cache: MISS
content-disposition: inline; filename="t_524668_022215_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6316
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Dec 2023 09:22:15 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 689157012
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfd9a456ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 t_524692_044847_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-27/ 15 KB
15 KB 40ms
32ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-27/t_524692_044847_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5103ee8a4657ded0bfee2edf27e2bcf4d41d30347fcfa101d5973e19f9579cb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 19978
cf-polished: origSize=16063, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 15176
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Dec 2023 11:48:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 907348060
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfd9a476ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 t_524702_062734_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-27/ 14 KB
15 KB 42ms
34ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-27/t_524702_062734_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a7165be2f24b117fac801c4cadee42cb51b1b4cd4717611225577b1521a7d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 70080
cf-polished: origSize=15568, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 14807
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Dec 2023 13:27:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 919392264
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfd9a496ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H2 200 container.html Show response
6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B31D 6 KB
3 KB 12ms
11ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geo.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 10:16:56 GMT
expires: Fri, 27 Dec 2024 10:16:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A007 6 KB
3 KB 15ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geo.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 10:16:56 GMT
expires: Fri, 27 Dec 2024 10:16:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 162C 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geo.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 10:16:56 GMT
expires: Fri, 27 Dec 2024 10:16:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E230 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geo.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 10:16:56 GMT
expires: Fri, 27 Dec 2024 10:16:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A014 624 B
825 B 69ms
46ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNV4Ey2bBksXVYrqiJaGJ8dtBWNUCIHEiHUfhRA7hRNiP7hYE5h4EzF-m6vNSNeayGuS4cXUZxb-rKVnnTEVwIMqdA0zZFlFprEiERzPeTrKbwXxEUy2ZbqrG66kNKWa_JvBrhwNkYErfVbhXU8qTgHfq4tkLjG5aQj_bRmriuAXeLTQPDk

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 10:16:57 GMT
expires: Thu, 28 Dec 2023 10:16:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B31D 89 KB
31 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 10:16:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B31D 42 B
63 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DyQx1_mFKVyiRLgridPIaxPJMDE1VNRHMy9h_ZMpI83yMi3gbOnIM2dVwLb5A4mW5YgLoOzLk4c2q5iczUY-It7RMfLE5CnPWvRbjO9SgBLdenDZY

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B31D 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 21:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 21:01:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B31D 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B31D 203 KB
64 KB 95ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 10:16:57 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 696B 624 B
504 B 64ms
47ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWcgxzT5cbQ3I7kAnzE1xP5vB83klg5Nnti_r85PeoQYio50W3tZoa2roTq8rmFOBe92CxoaAopPrOQGxfmfIDbeEHowFavhgVwuBLUl-dY6-DP5NVgyBaHTEKPDQCYNGTmOjEZXUGhaJPAdzWyFbdJDVwRRtaZ0n5F5uNjqfBjTDJeWto

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 10:16:57 GMT
expires: Thu, 28 Dec 2023 10:16:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4291 89 KB
31 KB 142ms
142ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 10:16:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4291 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 21:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 21:01:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4291 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4291 203 KB
64 KB 90ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 10:16:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4291 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGwerzQvdPmDLF--tIPItU7iFCFqXIFiEVRl9IFtX1nlQl3O7sMBS5dG6LCl2UfSGyPalmi2aHAssgDoJe7ahmaEfWaKu7n7PA632ZIx4oS5RgQMw

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 162C 9 KB
4 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 01:04:19 GMT

GET
H2 200 f3d12415f986ed3504122551351bc1d0.js Show response
www.gstatic.com/mysidia/ Frame 162C 42 KB
16 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16637
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 07:10:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 162C 2 KB
822 B 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 50459845d1cbd526a76ea757de42d266.js Show response
www.gstatic.com/mysidia/ Frame 162C 23 KB
10 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 01:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9842
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 01:24:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 162C 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 162C 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 21:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 21:01:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 162C 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 162C 203 KB
64 KB 79ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 10:16:57 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 162C 37 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame E230 9 KB
4 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 01:04:19 GMT

GET
H2 200 f3d12415f986ed3504122551351bc1d0.js Show response
www.gstatic.com/mysidia/ Frame E230 42 KB
16 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16637
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 07:10:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E230 2 KB
822 B 8ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 50459845d1cbd526a76ea757de42d266.js Show response
www.gstatic.com/mysidia/ Frame E230 23 KB
10 KB 33ms
11ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 01:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9842
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 01:24:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame E230 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E230 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 21:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 21:01:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E230 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E230 203 KB
65 KB 66ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 10:16:57 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame E230 37 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H3 200 t_524710_061201_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-27/ 16 KB
16 KB 23ms
22ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-27/t_524710_061201_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc9b1a501bdf796f5feb6bd6e34a2d3badc69c2aa18a473efe26e1e626463df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 70080
cf-polished: origSize=17079, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 16204
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Dec 2023 13:12:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 907479863
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfe8b316ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 t_524650_094222_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-27/ 13 KB
13 KB 25ms
23ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-27/t_524650_094222_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 419fd619a3ace745c8aefca55c64003dd7d3a53ffef0799c779a65601a712fe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 105405
cf-polished: origSize=13913, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13168
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Dec 2023 04:42:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 657933649
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfe8b386ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 983_013626_reporter.jpg
www.geo.tv/assets/uploads/reporters/ 3 KB
3 KB 26ms
24ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/reporters/983_013626_reporter.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd42aceb2fff4d62a731150752f45a3aefe311f5655156160ab9fdb4f8e08fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 105404
cf-polished: degrade=85, origSize=3373, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3104
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Nov 2021 08:36:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 880572823
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfe8b3a6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 1360_100407_reporter.jpg
www.geo.tv/assets/uploads/reporters/ 4 KB
4 KB 27ms
24ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/reporters/1360_100407_reporter.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57058ea210f5e5f682788dffa1bd43772ef8824c0f4ffaf0e875855df094cbce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 276369
cf-polished: degrade=85, origSize=3950, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3755
cf-bgj: imgq:85,h2pri
last-modified: Mon, 25 Dec 2023 05:04:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 636828517
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfe8b3b6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 1165_085454_reporter.jpg
www.geo.tv/assets/uploads/reporters/ 2 KB
2 KB 23ms
20ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/reporters/1165_085454_reporter.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4ac06215467fcc1050963a941196269103a7594245c5c150b8bc09fc1e7664

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 10275
cf-polished: qual=85, origFmt=jpeg, origSize=2687
x-cache: MISS
content-disposition: inline; filename="1165_085454_reporter.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2104
cf-bgj: imgq:85,h2pri
last-modified: Sun, 31 Jul 2022 15:54:54 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 689418683
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfe8b3c6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 246_062648_reporter.jpg
www.geo.tv/assets/uploads/reporters/ 3 KB
3 KB 21ms
19ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/reporters/246_062648_reporter.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e71a51a54b7a0323265da75474870d3342625d35ebb62f5303b314b236182aba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 54200
cf-polished: qual=85, origFmt=jpeg, origSize=4456
x-cache: MISS
content-disposition: inline; filename="246_062648_reporter.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2566
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Feb 2017 01:26:48 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 645966611
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfe8b3e6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 971_113454_reporter.jpg
www.geo.tv/assets/uploads/reporters/ 1 KB
2 KB 29ms
26ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/reporters/971_113454_reporter.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f432d15d9cd40aed1890418931abd20fa90be700ce557add25ef043fa32063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 533714
cf-polished: degrade=85, origSize=1938, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 1360
cf-bgj: imgq:85,h2pri
last-modified: Mon, 08 Nov 2021 06:34:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 865238246
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfe8b3f6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 734_021005_reporter.jpg
www.geo.tv/assets/uploads/reporters/ 2 KB
3 KB 24ms
22ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/reporters/734_021005_reporter.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b217fdc4dafa90994157b29b300a2fede0c9ff389c6b74ef47b71fce50e3a2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 54200
cf-polished: qual=85, origFmt=jpeg, origSize=2923
x-cache: MISS
content-disposition: inline; filename="734_021005_reporter.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2438
cf-bgj: imgq:85,h2pri
last-modified: Mon, 31 May 2021 09:10:05 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 631147637
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfe8b406ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 1355_095121_reporter.jpg
www.geo.tv/assets/uploads/reporters/ 2 KB
3 KB 30ms
28ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/reporters/1355_095121_reporter.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dfce6bc17c50040f0e006072a953671a9477f4ca600bb5f280035a02070fb3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 85951
cf-polished: qual=85, origFmt=jpeg, origSize=2623
x-cache: MISS
content-disposition: inline; filename="1355_095121_reporter.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2238
cf-bgj: imgq:85,h2pri
last-modified: Thu, 21 Dec 2023 04:51:21 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 841573347
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfe8b426ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 1357_111541_reporter.jpg
www.geo.tv/assets/uploads/reporters/ 3 KB
3 KB 23ms
21ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/reporters/1357_111541_reporter.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55300ca9165fd11ff3acc6f4c3ab076acfdf7255b7d741921d0c00415738e1f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 85951
cf-polished: qual=85, origFmt=jpeg, origSize=3104
x-cache: MISS
content-disposition: inline; filename="1357_111541_reporter.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2714
cf-bgj: imgq:85,h2pri
last-modified: Mon, 18 Dec 2023 06:15:41 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 874663129
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cfe8b436ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 73E7 139 KB
22 KB 9ms
8ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0cd2b4da2c713342027279abce854abcb9ce9a6386f3336915e040f584b43ba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 270526
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22393
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 07:08:11 GMT
expires: Tue, 24 Dec 2024 07:08:11 GMT
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 139 KB
22 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0cd2b4da2c713342027279abce854abcb9ce9a6386f3336915e040f584b43ba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 270526
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22393
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 07:08:11 GMT
expires: Tue, 24 Dec 2024 07:08:11 GMT
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E230 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6982a65b5383736ebb0bb0f8520b97b8d0a6484c21733fda1c99ca8f9e29b4fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A014
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1&C=1

43 B
731 B

66ms
65ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNV4Ey2bBksXVYrqiJaGJ8dtBWNUCIHEiHUfhRA7hRNiP7hYE5h4EzF-m6vNSNeayGuS4cXUZxb-rKVnnTEVwIMqdA0zZFlFprEiERzPeTrKbwXxEUy2ZbqrG66kNKWa_JvBrhwNkYErfVbhXU8qTgHfq4tkLjG5aQj_bRmriuAXeLTQPDk
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0JJxkT6DIXn5QTVbT7UMIBINmyXy0xikROyVDti1TkPKnLnMGtNyqsOYJwAi8nM33ib8ZJt7Qz2VAR9IeRC0OE0a0BFsGrxIM6SWJ07HXjhVL4uhCixvQ5gg36YMFy4yFo9eD8Y%2FeO%2BEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83c90cff9a249bb9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfzbG3tRXZZdonsRMIEURbyGqA6CCVUeWU5vZG%2BxIp7r%2BzQSN1wGG%2FuKU9wx3cP7Mnr9sn0Yy9PrkLHwkUOrn97%2FEGyVbdr0xEne4bxBChGaUbjQ%2BStnScd4xK2o8Vy7d9OBVp742Hgq5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1&C=1
cache-control: no-cache
cf-ray: 83c90cff6dea9b2d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A014
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY1LGQq0-klllW7eTN0F2QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1

43 B
732 B

48ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNV4Ey2bBksXVYrqiJaGJ8dtBWNUCIHEiHUfhRA7hRNiP7hYE5h4EzF-m6vNSNeayGuS4cXUZxb-rKVnnTEVwIMqdA0zZFlFprEiERzPeTrKbwXxEUy2ZbqrG66kNKWa_JvBrhwNkYErfVbhXU8qTgHfq4tkLjG5aQj_bRmriuAXeLTQPDk
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYO6B%2FwwpUJwXQXpoLbMK7Aw1U0QEFYSHpivAQKHM4sOF3oLcR2OU6cBZi2TtxnqE9no%2F%2Fcogw7XfYdKdaSNGo9SrQnm%2B5JnAMpoUQS6Df2YYg86oVwztilLO50MkpeKOQ8AkziLcY0uPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83c90cffba729bb9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame A014
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENdr5Xad3y1IEzXqCbHgY_0&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENdr5Xad3y1IEzXqCbHgY_0%26google_cver%3D1

43 B
894 B

25ms
24ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENdr5Xad3y1IEzXqCbHgY_0%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNV4Ey2bBksXVYrqiJaGJ8dtBWNUCIHEiHUfhRA7hRNiP7hYE5h4EzF-m6vNSNeayGuS4cXUZxb-rKVnnTEVwIMqdA0zZFlFprEiERzPeTrKbwXxEUy2ZbqrG66kNKWa_JvBrhwNkYErfVbhXU8qTgHfq4tkLjG5aQj_bRmriuAXeLTQPDk

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
an-x-request-uuid: 5ae17656-05f4-4303-b619-913510f2ee5e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.133; 138.199.38.133; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
an-x-request-uuid: c5fb7120-7792-4343-a5f3-b541cbe000a6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENdr5Xad3y1IEzXqCbHgY_0%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.133; 138.199.38.133; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A014
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUxMzA5MzUxMTA0ODQzMzMyNg%3D%3D

170 B
243 B

17ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUxMzA5MzUxMTA0ODQzMzMyNg%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
an-x-request-uuid: 78249d50-372f-4e4b-939c-850a0bf7d02c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUxMzA5MzUxMTA0ODQzMzMyNg%3D%3D
x-proxy-origin: 138.199.38.133; 138.199.38.133; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 696B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1&C=1

43 B
770 B

65ms
64ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWcgxzT5cbQ3I7kAnzE1xP5vB83klg5Nnti_r85PeoQYio50W3tZoa2roTq8rmFOBe92CxoaAopPrOQGxfmfIDbeEHowFavhgVwuBLUl-dY6-DP5NVgyBaHTEKPDQCYNGTmOjEZXUGhaJPAdzWyFbdJDVwRRtaZ0n5F5uNjqfBjTDJeWto
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZ02i9t0Zi3Q%2Bj3URvQ%2FVF9p6209AfnK3QcK9dKQxmRrHWFxDCKKUDXV25rqoL%2F5boUyuBX%2Bbyvb6XSHLEI7YENWDs0YaFwxQFcam2aethYTAIVOSstGvMaEIvtfJ1irNf%2BnfJoBKsgCqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83c90cff9a289bb9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOwfOw9QwPkMpTd5qew6vDADn3t33vQ5At2mz%2BnB1lKzYjCH%2FafJMJG%2Fc%2F5F%2B7o1%2B53l26E6V%2F7JX9jPQX6qeL52u39iKt2ydrtff%2FgJUJnQen7yKMJl%2BBWAJVn0b74v6ua2hxjFHFCgeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1&C=1
cache-control: no-cache
cf-ray: 83c90cff6deb9b2d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 696B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY1LGYmoUug-o5cSJT4bDwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1

43 B
735 B

66ms
66ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWcgxzT5cbQ3I7kAnzE1xP5vB83klg5Nnti_r85PeoQYio50W3tZoa2roTq8rmFOBe92CxoaAopPrOQGxfmfIDbeEHowFavhgVwuBLUl-dY6-DP5NVgyBaHTEKPDQCYNGTmOjEZXUGhaJPAdzWyFbdJDVwRRtaZ0n5F5uNjqfBjTDJeWto
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x40WryK%2BJvziS3qruUTDniZw6iyJEM2qqXoEQu%2B3IJhHkSY5Ny3bsLVTgfQhwEpwakW1K6vUHfvlz6nwfVI6nUqDbVoSraT3RUPUK5sAAa%2BzY%2BpQgytmdPrnjHrU%2BbOHrmhuFy5qoqbOaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83c90cffca909bb9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFS1S9qSA0x_FhnAflxtfRY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 696B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENdr5Xad3y1IEzXqCbHgY_0&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENdr5Xad3y1IEzXqCbHgY_0%26google_cver%3D1

43 B
894 B

15ms
13ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENdr5Xad3y1IEzXqCbHgY_0%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWcgxzT5cbQ3I7kAnzE1xP5vB83klg5Nnti_r85PeoQYio50W3tZoa2roTq8rmFOBe92CxoaAopPrOQGxfmfIDbeEHowFavhgVwuBLUl-dY6-DP5NVgyBaHTEKPDQCYNGTmOjEZXUGhaJPAdzWyFbdJDVwRRtaZ0n5F5uNjqfBjTDJeWto

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
an-x-request-uuid: 5fb05638-179c-4376-8e13-1a2f9f64e063
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.133; 138.199.38.133; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
an-x-request-uuid: 912a614b-c1fb-4380-ab1c-f68478ff4fa8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENdr5Xad3y1IEzXqCbHgY_0%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.133; 138.199.38.133; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 696B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUxMzA5MzUxMTA0ODQzMzMyNg%3D%3D

170 B
232 B

30ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUxMzA5MzUxMTA0ODQzMzMyNg%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
an-x-request-uuid: 51e92ea3-4207-4a58-a28a-17be31a56bbb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUxMzA5MzUxMTA0ODQzMzMyNg%3D%3D
x-proxy-origin: 138.199.38.133; 138.199.38.133; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 73E7 16 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:29:40 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 73E7 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Dec 2023 19:07:20 GMT

GET
DATA 200
OK truncated
/ Frame 162C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13ae20e45c0225e7f5c35c4d48d3d3ec8ae4d3e4861d605da9232551e0fe67c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8CC7 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:29:40 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8CC7 34 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Dec 2023 19:07:20 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B31D 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8297217276591&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B31D 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8297217276591&version=m202309260101&ct=76&x=1&cor=1700859245046199300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B31D 108 KB
42 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrQSmkz8vcTSc9xp1ZXGLJlHQlDA6p6vCdmLKmqWMW2Scl4nNQLi1wdMsyD-LfZ18evccTz2lcqzX1VpxUARKQRDWXYusK1lP7J3MEuHleX3xPtDMO6cmuxqzW6Dw-sZ4gUjHwHABljZxSAkzS64ilG8c8LUTqZfZEvtv80d1goo05XzA&dbm_d=AKAmf-ATL_x6a8ex66sieZaX6P4keowmT1F8kuwIDFFLoseNHN8qPiijmGw-YFISHGqRngdxCvOYnT1rJWPohnzNKsgD3lmbFlJliRga0a22OtgievwkW3WbgkJ6Pg3MQNaY8737PAtryEekcms6t2l7NUW_ZqYi_jVVQADWmy1U6G7dSQqV2hcUZZ5KD5UgUxE1Dc4nWlWpq3wbUNb8iDxi-6JG-PtOzQnCqn4Tz9d3RAYJFjCEt8YuUI90SERJS11YW5dkJnBv5N_iQ8bFmaC-JXyNRhpb51eZOayKIJCV0WtU2nG3QIv9KALh2voesRlYjN_oxd3P-bhwPTgicWEClqAhEntvNKkNkQNdDsOBN34FJzizB082pBzIeJpLBCDLahEaNGLdT2pFRfBRhQkkExWi3B7hT5fUCLj00fc12vsiXX4e97CjgxXDmQp9-kKesOE6lHh22B7vW8aF0ruhE7LhZqBXlMo5yj6zvnhGXAdnsFxWSeY6s_M7kFt3tmEHxcFBYtqYNHCOursUk7dw_Lcd3_esvMdjrzbE5IBOha3-hU3ifC1QvJK0IAg5-g9BOSONpSbTwo9sX2-AgOB4wywotqpWakPz3l3kRlwQCm4ygsgS19bsAAHkVoMAUaKMVnS_HN8R6dBqIbrw8T9jeMDpR-bDq3R47fq3MiwG3wCz1N1-Iqc4yVC9syy6_NWxu9JkbReJwEq3Pg2gxxhmR7OHwVXRZfVrJhhktHIlxpBpNF5uWnXcxsAyO5nMws2vsTdyL3lV-mxslsG_WphCQS3uoYRl58oAauEcHzI0q1mTvbC23qy-MxAc7ON1_Awt7lE3seL5qIItG0POaYbWUW85Uk5srMrn_PWCCm-ToEQnhfXNxoTvQQ0bkHwWtW1zP3nPEdCLv7SpywVPK3FDpn5KXXIAr3wS0tttwWmArSu6qor8i0VmrEVQyoYO1XHopYkiS23ZOKiNRBdo9g5KZqxftAEJtB_j0FPCVXLIjY36DAUn1JuBLPCaIZNjZIt6KFohVtDmCKblbnvmsWhZFtjfD7I_Xi6fldGXew39tJDA2awncfvGgl4typ3LnVSfC8g2ZGpfStzj2-Lm3ae2DAvnHnUMfsWQgwJNiugduPQmWHVqb-M3XFFB_jRkAagNs49P8WcVBD-Z8lqLh0v4whOnvvz7nMWpnP6iPxH4zf80pUVm0t_kXCaNORZPFP6L8JKnKL8H58I8PryucJVD47vqbtWphStDtNqGLZ-k9gE6FfIkiqGSP9TieYhGgV51v5t4t4miACwbwtNjOjsIo28ojl1uDtQcqgPtk8FF_TivPCK9UFBldjgb42_DjzRCGM1NkGKaUftCJSsUKznBjGitPp5Lv99LFdJKmzUlmSi-cugwMKUDT9_xJ2_UzxHOl_g-5hM1-31zyHm_Y_isglQToNMcfM8XKUUm_-ewcs_-Qmr4R_JUTM4YbVYA71pn1xItm2-J_lsbpymi-ul3kcypbxHhBZkxl4hy0IhtMbb0PIIJji0v--slFXZYfJL4uxG090Dw2bQscMcNoos-lpgS3JIE9yh6-roIwaySrHeXoaK_Rn3mcz8We1j3luuHgxT4GKZ1j6Fr-yjn5HxmQbBg0hNahMc7Mit6Y3p4Fs4QKWe4bMZWV0hByj0aNlzhQ_NTEQ2eyx5kbnUHV634ikPLe8EWHLCP-wd6oIOpPIMVN1aJr0YZhSCK5cpppHIyzZukNcm26RL7wqp69Vosw-B15bjt71SeYEr4rRuaTKQfobqeGXfGeQq9pP8QZA6giGU5RRi0FRynObIBugGm_bOe8R7Qc-4G10sUVmSXYiwN8hnvRSIa_vpfbzwJPRhdLriJ15kUX5XN8LtPccyK235EYstJRYFZU16YE3yoPkWE-sHcthSvn0aJql2AMF4BgR7CydM85TmZ7M8td5d83A-CNckxntczquI3cXlGdvIZ4aNdhjet4Aabx8lAkatxAnzenceUZH--Cx6jupsjZ2cx1jlFOvmIbJokUPvE88YR1CbM6X4DPv9zrhivCSSpUzrwV81fiz7cFt9sDH2BdQtzTvPdYP2TrjBd-iQmuRSgBEEdgx7faSn4KdkzCzCZtlkCB82C5Y4YIIstJAVG6-YX6E7NMvvSA5kKrTcm3i5dwknhm12nXXTxVV20Bn8XqAqbxMTwVfy1YMok0_B-10Xs_fc6cIrYdLsGWvL_dWKBRpw3cDLlITdvM6JaMt_xXKzKeBTgRjKrOmwh5puHJbM0W2oxhyuq0g2a0QxL1oSdfzhBasFuj4in623rTDbu9-YDraMa-WXYtr_x1H6HZ-Tw2KKfCQvoKrJSjpjFzVRT8YKCN1xcpeWMlObyfmY8TS_cYXLc7Uqx6rmQmdo4oz1Boum9j9COVHe4HAxpuIVKCK-HWXhl4FarRr8HcZAIgc5PlKfnYIBrMCVs9qR3x3PV6Ea-7ypcZcyZB4SLvbXEteTsPzvP2g33A5JAVwXiV-syCwWpCwO1O8nMv0kkJBhz8jl3F0R29Kj0offBW7073ePw22KcYSIW6OT-CoTQw3UWnjL1VDyaDa3etxar3AgmryEzfk8L2mZmKkwFHxxThYrfA_XvACFtVh5ST5yKLywvfqD_jngqhRNfVO2Zr2VNoUBDxBjdgJFknDQpGpkffhLlYy80zHOHPpNLb7RgkvcA2oScTmvdmyeHVKxWU41KHp-v8eEBIKFtBqsK3UmEdSkOQ3LFaONi8MH7rJ08pmIU6wbGLKCL4zAHhqmMlsfgIOJM9SrEAqcrIg1SaKXp2ztb0w0efXrIFZluAkpV2YN7yMtrOgXeGRDDaxjY-Kmc-7xQEjfJObY2nnPFdVQWQWm7SG6PoYaGbo7KFjgRjdEMTmGFtaeSu19XVa5OptqD6cv10Rg3cWGRSaXJzur9tPr1jBqsD4KPEvjzl0inp23hQPcoQN1R5NhDt0DKqc7UdJ8uH0obd5zOHMbTL5Vdjbb_YfxGETzEq3shUYfrMUx835XNwWaKQa-4svFa_P4IyJTJSK68WVTxG-grXi1vyLnceX8wDdtS9P5V54bUhnGllh157-vzB4T2O-bBSHE39gzBeBTZlzrA4roSRyY3a7ySlFApu4yN_murrCBLh5gGZFj_uhgqWeq1MYVOrVlWAuSTIbJyKfsQTyivzlmuqwRch6khmG5S-AyBj-bf7yQld3XYnIK3TXi62FBB7QJE-VvZcYZrW8I1oiN6jSiQal9SBseN-Rz5ktn16PNat9BtyUbxbLD5WqMlnnzS7H0n9xG0iBLKhYGPJb-wRThmk9U4APS9YoRfp2YV4yvR3gdWG6EDcbhbjbwcssVaWESFoxWlpS5TUBovF42K5-kiX-59Dj2SaU9xZLQV4HkdTA5rFajiFvp3r1z8Ftuo7gay2E083RjcUyU_6m3GpBjMa0jDwmHFaUf-17pQETmWBZ8qvNH2flNTA9xcKuiC74svnVB9br8BzCP85615T43-pD1I14vvukMVUk-Lrg6b6kQU1zn1MGmAFBMziB3ulnL0GlPodJ97n0y7XYe7w8JL1wCBbRfiiw75nB1P4-9rjKti7tfj-M6C_6vdvnvLiwWsdhF3ore-iKBhcT639V3JEHhfsZ0KWoBbOQ-HsaYHfVZFQvPLLjtz6Tj2Kk7prAKuEsU-wVpmVEItg2g0ah34reChBhg0LxTdufehIW2mAJP9xWSZAzHOA371WkFQjO1IXgksmj3AlDmKlvhIZ9alBvSjp9cXJCfkuBWVQ7t0YFi4e-LeR6B8Y0DqtGsb7hdo8bZyNaenfGPi8itqPpRdlH2XjVCbd6OfBwdJ2iDidokjlZYAJNGZdM3hyw5NuJ1KeRUNWeAntowuHsT2WUmAQFs0oa6w61SANUeWgBwoBub5GOq3SksZSo5x1g2QpNmeUkJbJi-7kldZgAC-1p2129AviXe1G0OdEqQ8CnTUlNTAvLPtemCgnTJWCkXOUXcFLHTVupEb1Xa8oOcbELy4AWBnTsIaoky2dfWJB4FysQxbu3aM&cid=CAQSTgAvHhf_oEov7K836rajKSQGedXnFUS-cLmlBvlZr-8eY8CADHU6yhQAq03_z5V92vs1OgjgNGM_pZCuciOreO4PyrqP3_DIQ9ZgekIAqxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.geo.tv%2F&ds=l&xdt=1&iif=1&cor=1700859245046199300&adk=250412561&idt=67&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dafe12bd7192e6f136e7beb86b7b9a32ad22536cd9905c9440897845f2c30dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42191
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
65ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1223017833994106&bg=!5eal5qnNAAY3kmNgF5I7ADQBe5WfODuzJAUGZywr69AkBRbfv0-q1TvxbqT34EO2F6T3zGLmmExO30Q4fQ70myQ-3hu0AgAAAEVSAAAAAmgBBwoAJ80LsFlU3ekappGAF47n5TJj6j9QxpI0fhgd6XcJng4929kUnHNDmJkC8Eh9bav55y8G0VOsRWaO4ch0kZVPmV8eTmiemnuvKXRcg5rDdOQPgPRqCsY_YeoEMOXy2UmO21eD8RiRh2pt-m9KncsQ-Y7fteVTYM3cGg1zCOMTFVsV96WVtn2cWgGSUW7FZv3TqE5uJ0SDE3-FEkCvDHmbMJrEUrfN-Z-t_4B8jCJNGn0uoxNbnc4GLFPw_-GFyqacclYKoGXHkhHp7gZNzD2gzPgQV1NqAUtTvN3E8B9KF_9Rp6v9-aadWMhZlPxUrJR7jGDvrXzAP9w4DlWoKg6PuBF2LYb_xzi9P-texuwdeGBNskvcJa2ONYqvxdZWd-MiXVXQyiolXXWeV4wvT7pzPLytU6LMzM_P7XxFKO9eDXVb_-uKB94RlYnMtydsDz4ogSoDG3EIHLJCIoRjdtstBnYXFiCIbwCy04vdu2xxpgDro3rHrt7gwVW70K9SbvD1O6AyHer9BNdS-xkdDszyoBFmKFAf3CTtgFEMYiHWZ676_eR2Qpbxkt0f_yF3Mo9RdyMQFJTa3GFfTv0THRMRUjJ4eHKsRcViaL2WPzP8H3td2Hh1tMbc6YvX_b63TAY7wChZPH87zLjlRLZIhMVLwdO5lPa3HYR43xweqgdV4s-hPBSwtDToj70g60ilH9K09Beqi4rj0amuJOQ8ZavIW4l-TPszRMM23FDVIJWvdRm6B-tSOfq_P8t3Nr1ZUXIZ6hW2toe1PzdoHFYOQdY0SoYpvCYSnimBpapz0nZk5OVmUgsGWxYSanYqku8Qb34xiXX9lBxIGyc9yjqVabw07S1jIs25aqbdrqB0dVUcyvlaf3afDmLTgCsy3n_4YD6NeUnPFWfbnfoUAbK3Krt2N81qTi0Pu9PG1J4-cRn_zgMsKW-p3nh_iSvo47-w_pd0t09xBx_Ak-nbOG_9dMcfRLs6nNwFMxKj3OWqyqaIF6iAsmX5YI-qcZJ8bO98tTAyqzx0uAHpuCAH-xXc6RAnhtSF3XDiXb6uNNl9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4291 0
20 B 61ms
61ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1877653472439&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4291 0
20 B 61ms
61ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1877653472439&version=m202309260101&ct=76&x=1&cor=14941335946398915000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4291 108 KB
41 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArKtno8KwyeCvi1m_YPENN517KvE37yUZL3VhMmZISX_FW0BIAmV_PBRIYaHcOQLy24XEf33uDsHdtjSoxy4cygBUyNiv_-Rwe08bPTf1W2iEidi1eNm6XiVW14UW2ksEuP_Beh3tk0QrqOD-wBWlq4Hdosk8YWaClLLQZPq_2BdFbgQE&dbm_d=AKAmf-Brc4Q_dmiVwos0gtU0oGvDvtPOSXDleLg5bhd2-lylK9zgs1imRzLzx2tp1yp9izrgZPiGN4FXQRZm-Auxx5MHK5b3wE36OaVueVB38mgt7tNvOK4kJi-SuUKXvZz41cB-UD_yoK76-3s_x4VDXmkto5wXQPVlHhOAzp5xvVm51jjG32Rm4JPRtuavLb5Z9G31mq4Fpnv6MLt73zDkSCGFxbjOTbmP1AYAr2gPWXzqxR7t9zMlOfgUk9sDLwo381dogp0A_VNOaoDPpeh3IVWrN8BmWrH3Cv2-8H8qBHgkmavuwEqoqwWBjlnmaeY7g76NcQnxTsl0ZR0RryHyYMvLLbaI0WEdEr6AhFCMAqDjYpfcJpR_nvaerwHXwjGVDdwRziOZjFZ4VnsD9kzQWnsGdbAJt7BoK9L2bgh44wjgisrUVUAFl3wssWRt6D8lBOoRzvrQ7ICiymyewErRunH3LW-enSQJvyNEpKJfQA7k7oOiueyjBF5l5agGYROUwTIzwIcqL4dapzmpgu_ndfNyLbqWw9gPYM2E4a6p9YBmkwkS11oPsq-eGrkNyL5ZkZwRBol0tm0pEueqH2PNQVG8IPq1Y_2iKvBGAhU4rGA46Qr8DuUs8_9RdYqfvObg3ncnfJBs-ieYeW7aGPp03RpmfsN89nioyTqi6K3ndryvaT-ArOXGaTa3frjeYaC5e5CRIWaZIJJ2Waz9QATtFRs6OiZA9_fKUFikOn-HjyGcodJ72OVZKPYOdEhj0WgVO97QD3X7cY14rT-1w-K7_tkojGxpD8qSQ290ycNpUTnhDGcuq3GuItOyH1HQVishQiSOrJSEJeukmS7-MhtG_ur8JELcxyP32-yUa55JQQPFxCpcOhSyRXwTs8as06Wkr7j_2fYmvVRv-CBrhw91jLomVldMQpaA6vXfnOYAUY_TMeHPurzEy2HXgoPduFWiiLuSrc_gZnlcWTPUe8Y0Pf1WoJfYCRSVNSgQV54cVBtkrsjghhQH_OA2uyUEF-aoTKzI2HdNAzoqYe2EQpSx3SkbsjsbDrZEYmuv0_IIYeaL-UQ20ec25jP33ofwj9P4GptJ1TJ3KwYjLr1O2qF-AOXs2Foe1d6-CSRvowgxmxhN-it4P-lqtJGBAafOO1Qsz8FIg4FMDaQd2rsbCGZAND0es3pJUgF8K7FtjZxzq-NfPPy0k6U8PlL4kTTsjm_JbQ80FgDGjjFfAsI_OYD7gFV95i8NNAcTOuxJ0kGloFyMluaz-5IsaC_diWi2bR8GlAZzNCo5K6ZstrQWDvJRAb1SFGdJVXL6idnP3YMoyyYHyFV6yV8wCcUwCwtauDxP9KgaYhDc-_IaEzESWhDGxOjRT57HBlk4LKICAk6WXpi3yRu4lB2Kh1PIy4QtBlURmsjeR4ixNLevXlPvr_jXLFEZAFxdSuC7r9kqkpyLI8ojmRcEfW96ZWH4hTBf9FhfHRf2eT5C1IUQaIsqt_j4iBYLfB3OsMmzXQLXHvnNMEGcudyKUyBYxwlUkoOXHKPP75lzlR7vv9gt3TxNuos9prSmAt3jieP57FAUSSguVwzH6nmIeJnZwucp09stFCO7Vr1NbIs5NaIk0MRK6PVCLAmMFHOL2C5ZAujZcQWT3mVdM0ooT8f0uCfoBOnzkDV56r4Rn2Sf4Tl4Ja5GLCKOn5Zn3gqFihpexPewrYRF8QAKh6oBrX0W5dzLgXZF-6vKLsZXR2JZ1CWHuH8SdMN0ePVrkSWggM2WO2hFypFlTLnqynEccVCJYGdQh0NiaSjXbsfqoAMvM4AlsnYJV48S2oVorGLHhK-3douArOx0ArL_bQAEARCqpU4yYRJN7MwIQlM01ryv6Ei0Ls5kJUDnvAS3qykYVABIqHqEALR1ZDYYO42YQBWG49AN10deku1cMrsHPSHkfM7FdIA29wuDx_ZKTNenBezcU4w3btys95Sxg9G760aIcJJl_c8KH7M39J2CwtXk1b9a2Xnj3DFV5cVnPZG0KXQ8mTjkvUePdxcTGERHvgDM9LmxzFbt_bgm4wEPYSlhjgDjX_hKdqSANQDrXSul9-rGGSPB-DZGB1xWmtm8k4WHGcsH6-OCYrTZhLnOPybHUsz163vhCcX_XwIX0jBeYiWnW-_AGJqvjfXCZ_Ll_ab-V7wBx6a5PiDISfmU9vFVcwMyfXugEyKGCrDD4Uom_kiU_V-mbZ3V2Fz0KOeyc_uboTNzAxxXvPn1GqJ7KklC5kIhOt9WWrUUEvdoC-WBfMj6-GHKzAqJRKkU4QOnqoCmwVv1D3dG1PPBooasvfeCKpvnbQKExFnLAYGYJbhnY2qVYOjSHkN1r2XX7c6xKEBiECEJofuLUAwm51kzQHm86LkZMXd43FEUVdM-ZLF7UuRAwTy7ooovoq38sjhcyIgSD6cfeLfft9h0w268vWPaihW1BRjVVErUp_BIcsyZjQ9HdPkECcr4N6A5DNeU_kTj99x8F59eRYuvW2-jREH8IoQfRI4WUSzeTm2AkT00Vk_ttjgA7t239OOmG7y11Zj1x2fJJn_QuvqcYZ-YjaciPPlTRpv_INHY_1erAiOjcaAk8pA-N-ckoLilrjnRUykOe03ZPyISq--VszKCJe9a6N0gjwJQASuLVrzPh_VTIOXw85QKcBlLWhUf5rusGrUym1zUOEJeC0Ep8iIqzbWib1Wc8gVPzNWMMLA3KPi5orGqnAw_rh6NtOaqO99pnFxugBCFhiZwDF3_FN2Q7OTiXWmQxNkx_9VlBGLlEpv0PK6tVjgT8V5BghyLpR26qkxa19ESsvYzikVjq8lCffmW7V2P3EjO4yDMAceKOzwWWST5_Fl9_HNJmNFXGKagRR8_I-DWwkH7iXM48Icc-dAqKYgZyLRGlvq3sxguvpYboNqPG30jWd6UKPibe60J5gqKsX7Q73h18bZs4EC_JQVV8viCQWVtTjC4M3U2oj5iT7M8hLSS0uW0V6WoggsCJUKInrSIeewCSAWwRXwxISp3uJPdT-LfKhqVa_tlHSFmgKeewaVyVleqM0HTVNF3lIktC583imaQCpGOqSHtbnsYGpDmX7Wb4wKhMWRIIADky_z7ioF229wTRMvwh3h76e1sCkPtX2drBIWBY33qNNeWlCNRAPkS48SSEA94xvFYYhOLN8TLzAepuMuY5YFgSbIMwlCX2Lldr_aiJveu9NgLDEIS2XvtduLMAwPqwopqG-Fx91G29grLk98DunLrFxgJf6vB6i9nQ1sdYsnSK2SK-wf8CJRN55FgcA4fdPuaFpRjmSHaYbE4OHaK1HVx0zSvGPRcIx50FgbVcd-Nq0GFWWMJ4Kh4W-AtN4dVg0ASXc9zPo0qVIXUo3RiSIjJaSQcP5tLRzsHoJH-OAC7J9jl7CK-sM7WTErfUnkdT24O0usHyifFPr2D5AuvqGukryBaRnmzqggy9GEGYIygPvWCDgrfsxbd_hy6nkDiQsYGcHsUeS3SeGRe--DpDcQRmis-YXObJGyP2NKBJdGMNUDMADEECdV4JJC1v6zYSXejbURJDanJAEc29g4CMv_f2yOR24BTYUQoS9L3FZ-de2dy3EuuiY0ARX9cbZiYAgjGIhEYmLgN1S9cqqVA3HzIaPDH2N_qIX2dPeeMK2whhKaCG55og9806YN44Q8ZDfbsKLcFHETVNa9SDD-YkyigypKBNREFmYIUeJIb1qcoQr6afI6hS_emSkMJXoyGAZsuiiQc1hOCU9C7xpKWt1gzBjavnV_uA23nt4hkYGRdyw2zixqLCpuGHgxPpRObkST4HMQcxzOMNQPt2Buqb1pYv-WDreTPXC4ZMPUtL7DnZe-YZ2F0bgCuRNzUW60-nCjPzhhvh6z99MVIxpazmxHtZjUSynipHYCaowwx5FXePx9FhHR09i6Ut8BQmpAHnATsqw3_wrD880Fk_VTDvmRQivqLpQJY4XtLDicrBEEiywIoY0CKPvWRjnYm_bhdayK_qO9pEWg6B9qe-n3gc-be6XkKIYqvrMGE9IazuoCSlLFh&cid=CAQSTgAvHhf_oEov7K836rajKSQGedXnFUS-cLmlBvlZr-8eY8CADHU6yhQAq03_z5V92vs1OgjgNGM_pZCuciOreO4PyrqP3_DIQ9ZgekIAqxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.geo.tv%2F&ds=l&xdt=1&iif=1&cor=14941335946398915000&adk=497053792&idt=149&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89abdadf7755c53b75f644af33178eac6a8c6a9ab682a815ad79ccfde52c6557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42078
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s_524814_093012_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 2 KB
3 KB 69ms
68ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/s_524814_093012_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15319620c05ca0e4aa55cbf9fab51727e464719f5a98be20144152936d857f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 16107
cf-polished: qual=85, origFmt=jpeg, origSize=2728
x-cache: MISS
content-disposition: inline; filename="s_524814_093012_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2442
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 04:30:12 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 694815430
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cffac776ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 s_524811_085837_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 3 KB
3 KB 82ms
81ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/s_524811_085837_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b92d36f6231c3ca7438794c71c2d8f5f3971f9a0b2760b0d4e5a78c2969be6bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 21322
cf-polished: degrade=85, origSize=3005, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 2757
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 03:58:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 874478070
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cffac7c6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 l_524820_120233_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 17 KB
17 KB 45ms
44ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/l_524820_120233_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c669f55820ad5f3d96e20d59ad755b1762568f0d5a25527d39c04102b2d0cc31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 9370
cf-polished: qual=85, origFmt=jpeg, origSize=21909
x-cache: MISS
content-disposition: inline; filename="l_524820_120233_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 17542
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 07:02:33 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 908084782
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cffac7e6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 l_524816_111640_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 46 KB
47 KB 53ms
52ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/l_524816_111640_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0882cf66b1835c4bda99eac583dd74f70c2ba742989ed836c5256b3a402eb5af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 14068
cf-polished: origSize=49911, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 47492
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 06:16:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 695009677
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cffbc806ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 l_524785_024551_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 21 KB
21 KB 46ms
45ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/l_524785_024551_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdbfa7189d8b83f09f5717afc46cc46c92d686bd5393e457a8740936d7405b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 41937
cf-polished: qual=85, origFmt=jpeg, origSize=22758
x-cache: MISS
content-disposition: inline; filename="l_524785_024551_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 21230
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Dec 2023 21:45:51 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 864992378
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cffbc826ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 49_9490206_programs.jpg
www.geo.tv/assets/uploads/programs/2015-11-17/image_banner/ 18 KB
18 KB 67ms
66ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/programs/2015-11-17/image_banner/49_9490206_programs.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faf597313dfdcfc0c930ad797c4258e8c65205e1a4ce87681df688cd801c5a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 6339
cf-polished: qual=85, origFmt=jpeg, origSize=90535
x-cache: MISS
content-disposition: inline; filename="49_9490206_programs.webp"
alt-svc: h3=":443"; ma=86400
content-length: 18540
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Jun 2021 14:10:09 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 729885909
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cffbc846ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 70_1421332_programs.jpg
www.geo.tv/assets/uploads/programs/2022-09-21/image_banner/ 28 KB
28 KB 69ms
67ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/programs/2022-09-21/image_banner/70_1421332_programs.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2172b6cfda7de352285e5282afbbe11a385a4cb0477cd2ee215e71a637fe2f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 6427
cf-polished: qual=85, origFmt=jpeg, origSize=68694
x-cache: MISS
content-disposition: inline; filename="70_1421332_programs.webp"
alt-svc: h3=":443"; ma=86400
content-length: 28810
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Jul 2023 11:23:41 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 882649291
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cffbc856ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3 200 52_5864035_programs.jpg
www.geo.tv/assets/uploads/programs/2015-11-17/image_banner/ 22 KB
22 KB 82ms
81ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/programs/2015-11-17/image_banner/52_5864035_programs.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8c5ee9de9a8c57ed357a860b0edc5b7028103e1558da74e72b5efa316f9d2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 6342
cf-polished: qual=85, origFmt=jpeg, origSize=104984
x-cache: MISS
content-disposition: inline; filename="52_5864035_programs.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22124
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Jun 2021 12:11:11 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 503690085
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90cffbc876ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E230
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CgJZgGEuNZY_JJKuC1PIPn-K3aMW-2f506Juw_8cS0KyVmEMQASDJ0pIHYJXikIKgB6AB6cWqnQLIAQmpAu2N_Nuno7I-4AIAqAMByANIqgSqAk_QcKG4fGL1tVe5uiz56b6uZxOWBwZQ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224483694302226041928%22,%22debug_reporting%22:true,%22destination%22:%22https://boconcept.com%22,%22event_report_window%22:...

0
0

56ms
42ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224483694302226041928%22,%22debug_reporting%22:true,%22destination%22:%22https://boconcept.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22598385385%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216329508745439789249%22}&andc=true

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4483694302226041928","debug_reporting":true,"destination":"https://boconcept.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["598385385"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"16329508745439789249"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Dec 2023 10:16:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4483694302226041928","debug_reporting":true,"destination":"https://boconcept.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["598385385"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"16329508745439789249"}&andc=true
access-control-allow-origin: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 94ms
54ms Preflight
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CgJZgGEuNZY_JJKuC1PIPn-K3aMW-2f506Juw_8cS0KyVmEMQASDJ0pIHYJXikIKgB6AB6cWqnQLIAQmpAu2N_Nuno7I-4AIAqAMByANIqgSqAk_QcKG4fGL1tVe5uiz56b6uZxOWBwZQ2AAhI-j8X2vE3VMqW-ebP-Q8m55w8hnYubnZ3umqqv2DJC4iMckOR2XVHkyHIymaq2o5mT28nutO925cOvrFzouqavWArARcvIJzB4m9deVxBTT6hNZnVqcj5yRq2noV98_6F6K4QASz6MgWmyAx9D41Pp7soulJM6IxwDT_B7obMQbMYH28ntZHesyI0MlOQijYpIEb_AaXF-Z9MkOuspJD4Hed7DWNSmFg1e51xZyBsn5gCRHLX6TiEovxz5K_ipbmGFEjNHidwPfLXBcJbPXHVN2cHEDDsKWyM_oz1izz-D_tauc9TvLO1p5SltmZeqiVy-poZ4hYi0fvmTQpvRjPrgfN3Nqhqe-uO3SiaE0Z_EXABNDardPRBOAEAYgF79ucoUySBQQIBBgBkgUECAUYBKAGLoAH_7nV4gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDOjxTSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMa0_rjzsYMDmgkkaHR0cHM6Ly93d3cuYm9jb25jZXB0LmNvbS9kZS1kZS9zYWxlgAoByAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLiDRMI_vb-uPOxgwMVKwFVCB0f8Q0N2BMO0BUBmBYBgBcBshceChwIABIUcHViLTczNjk0NjYyMTI1NzA1NTUY_bAJ&sigh=csWAYVz04UU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_oEov7K836rajKSQGedXnFUS-cLmlBvlZr-8eY8CADHU6yhQAq03_z5V92vs1OgjgNGM_pZCuciOreO4PyrqP3_DIQ9ZgekIAqxgB&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 10:16:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 162C
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CDeTlGEuNZazHJKuC1PIPn-K3aMW-2f506Juw_8cS0KyVmEMQASDJ0pIHYJXikIKgB6AB6cWqnQLIAQmpAu2N_Nuno7I-4AIAqAMByANIqgSqAk_QVe5ieHczeQOEwkc7BL6CQzCVYY4s...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222537846745093666178%22,%22debug_reporting%22:true,%22destination%22:%22https://boconcept.com%22,%22event_report_window%22:...

0
0

57ms
42ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222537846745093666178%22,%22debug_reporting%22:true,%22destination%22:%22https://boconcept.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22598385385%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216351391793553814609%22}&andc=true

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2537846745093666178","debug_reporting":true,"destination":"https://boconcept.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["598385385"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"16351391793553814609"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Dec 2023 10:16:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2537846745093666178","debug_reporting":true,"destination":"https://boconcept.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["598385385"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"16351391793553814609"}&andc=true
access-control-allow-origin: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 88ms
53ms Preflight
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CDeTlGEuNZazHJKuC1PIPn-K3aMW-2f506Juw_8cS0KyVmEMQASDJ0pIHYJXikIKgB6AB6cWqnQLIAQmpAu2N_Nuno7I-4AIAqAMByANIqgSqAk_QVe5ieHczeQOEwkc7BL6CQzCVYY4sPHlmwpff1Ni3_Whv1bw__S2GRAm348hh0HtZ-e0pbmOa5K4TE5Y6xWqT9Zwoj8UbKBy71mgv_WHjmE0oFBg0bAPNtSj7J7VfJlbtGEZTs4bW51GvTePQHMkCrl63EvR-cz7wbCJgr55QZOg0xa6GzezDcYattP1fUqLwYvmwsa3a7l8QoxE9lGsDJyM4i9j4wdzguLpUIsTYFoFEgBwq7yPL937IyG_ujZOnvdF7pRsuhVCvE5pJM-Etf-ggxzN-2_QjEMVYQ9YJwDHAPG4sAUa8nKI89MTNwVUPO9v5cVUbbjuHXLwOadHlyim6uzcWvkcjRuNZpiPOPNHF-MKRv1sopc5gAXuWAbyTePTQ6o0d0T_ABNDardPRBOAEAYgF79ucoUySBQQIBBgBkgUECAUYBKAGLoAH_7nV4gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC1nifSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMa0_rjzsYMDmgkkaHR0cHM6Ly93d3cuYm9jb25jZXB0LmNvbS9kZS1kZS9zYWxlgAoByAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLiDRMI_fb-uPOxgwMVKwFVCB0f8Q0N2BMO0BUBmBYBgBcBshceChwIABIUcHViLTczNjk0NjYyMTI1NzA1NTUY_bAJ&sigh=Q5oWTs7TZfU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_oEov7K836rajKSQGedXnFUS-cLmlBvlZr-8eY8CADHU6yhQAq03_z5V92vs1OgjgNGM_pZCuciOreO4PyrqP3_DIQ9ZgekIAqxgB&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 10:16:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame B31D 256 KB
77 KB 146ms
37ms Script
application/javascript 108.128.252.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-7369466212570555&ias_chanId=1&ias_placementId=20338658787&bidurl=https://www.geo.tv/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jo4chEA75vgTTLw0ItlcAT
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.252.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-252-65.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 23c5e13d99db8866ebe1048f344abaa477fe69ac63452f14810a68d993557f12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B31D 111 KB
39 KB 107ms
17ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
Origin: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 06:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 06:30:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame B31D 11 KB
4 KB 39ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrQSmkz8vcTSc9xp1ZXGLJlHQlDA6p6vCdmLKmqWMW2Scl4nNQLi1wdMsyD-LfZ18evccTz2lcqzX1VpxUARKQRDWXYusK1lP7J3MEuHleX3xPtDMO6cmuxqzW6Dw-sZ4gUjHwHABljZxSAkzS64ilG8c8LUTqZfZEvtv80d1goo05XzA&dbm_d=AKAmf-ATL_x6a8ex66sieZaX6P4keowmT1F8kuwIDFFLoseNHN8qPiijmGw-YFISHGqRngdxCvOYnT1rJWPohnzNKsgD3lmbFlJliRga0a22OtgievwkW3WbgkJ6Pg3MQNaY8737PAtryEekcms6t2l7NUW_ZqYi_jVVQADWmy1U6G7dSQqV2hcUZZ5KD5UgUxE1Dc4nWlWpq3wbUNb8iDxi-6JG-PtOzQnCqn4Tz9d3RAYJFjCEt8YuUI90SERJS11YW5dkJnBv5N_iQ8bFmaC-JXyNRhpb51eZOayKIJCV0WtU2nG3QIv9KALh2voesRlYjN_oxd3P-bhwPTgicWEClqAhEntvNKkNkQNdDsOBN34FJzizB082pBzIeJpLBCDLahEaNGLdT2pFRfBRhQkkExWi3B7hT5fUCLj00fc12vsiXX4e97CjgxXDmQp9-kKesOE6lHh22B7vW8aF0ruhE7LhZqBXlMo5yj6zvnhGXAdnsFxWSeY6s_M7kFt3tmEHxcFBYtqYNHCOursUk7dw_Lcd3_esvMdjrzbE5IBOha3-hU3ifC1QvJK0IAg5-g9BOSONpSbTwo9sX2-AgOB4wywotqpWakPz3l3kRlwQCm4ygsgS19bsAAHkVoMAUaKMVnS_HN8R6dBqIbrw8T9jeMDpR-bDq3R47fq3MiwG3wCz1N1-Iqc4yVC9syy6_NWxu9JkbReJwEq3Pg2gxxhmR7OHwVXRZfVrJhhktHIlxpBpNF5uWnXcxsAyO5nMws2vsTdyL3lV-mxslsG_WphCQS3uoYRl58oAauEcHzI0q1mTvbC23qy-MxAc7ON1_Awt7lE3seL5qIItG0POaYbWUW85Uk5srMrn_PWCCm-ToEQnhfXNxoTvQQ0bkHwWtW1zP3nPEdCLv7SpywVPK3FDpn5KXXIAr3wS0tttwWmArSu6qor8i0VmrEVQyoYO1XHopYkiS23ZOKiNRBdo9g5KZqxftAEJtB_j0FPCVXLIjY36DAUn1JuBLPCaIZNjZIt6KFohVtDmCKblbnvmsWhZFtjfD7I_Xi6fldGXew39tJDA2awncfvGgl4typ3LnVSfC8g2ZGpfStzj2-Lm3ae2DAvnHnUMfsWQgwJNiugduPQmWHVqb-M3XFFB_jRkAagNs49P8WcVBD-Z8lqLh0v4whOnvvz7nMWpnP6iPxH4zf80pUVm0t_kXCaNORZPFP6L8JKnKL8H58I8PryucJVD47vqbtWphStDtNqGLZ-k9gE6FfIkiqGSP9TieYhGgV51v5t4t4miACwbwtNjOjsIo28ojl1uDtQcqgPtk8FF_TivPCK9UFBldjgb42_DjzRCGM1NkGKaUftCJSsUKznBjGitPp5Lv99LFdJKmzUlmSi-cugwMKUDT9_xJ2_UzxHOl_g-5hM1-31zyHm_Y_isglQToNMcfM8XKUUm_-ewcs_-Qmr4R_JUTM4YbVYA71pn1xItm2-J_lsbpymi-ul3kcypbxHhBZkxl4hy0IhtMbb0PIIJji0v--slFXZYfJL4uxG090Dw2bQscMcNoos-lpgS3JIE9yh6-roIwaySrHeXoaK_Rn3mcz8We1j3luuHgxT4GKZ1j6Fr-yjn5HxmQbBg0hNahMc7Mit6Y3p4Fs4QKWe4bMZWV0hByj0aNlzhQ_NTEQ2eyx5kbnUHV634ikPLe8EWHLCP-wd6oIOpPIMVN1aJr0YZhSCK5cpppHIyzZukNcm26RL7wqp69Vosw-B15bjt71SeYEr4rRuaTKQfobqeGXfGeQq9pP8QZA6giGU5RRi0FRynObIBugGm_bOe8R7Qc-4G10sUVmSXYiwN8hnvRSIa_vpfbzwJPRhdLriJ15kUX5XN8LtPccyK235EYstJRYFZU16YE3yoPkWE-sHcthSvn0aJql2AMF4BgR7CydM85TmZ7M8td5d83A-CNckxntczquI3cXlGdvIZ4aNdhjet4Aabx8lAkatxAnzenceUZH--Cx6jupsjZ2cx1jlFOvmIbJokUPvE88YR1CbM6X4DPv9zrhivCSSpUzrwV81fiz7cFt9sDH2BdQtzTvPdYP2TrjBd-iQmuRSgBEEdgx7faSn4KdkzCzCZtlkCB82C5Y4YIIstJAVG6-YX6E7NMvvSA5kKrTcm3i5dwknhm12nXXTxVV20Bn8XqAqbxMTwVfy1YMok0_B-10Xs_fc6cIrYdLsGWvL_dWKBRpw3cDLlITdvM6JaMt_xXKzKeBTgRjKrOmwh5puHJbM0W2oxhyuq0g2a0QxL1oSdfzhBasFuj4in623rTDbu9-YDraMa-WXYtr_x1H6HZ-Tw2KKfCQvoKrJSjpjFzVRT8YKCN1xcpeWMlObyfmY8TS_cYXLc7Uqx6rmQmdo4oz1Boum9j9COVHe4HAxpuIVKCK-HWXhl4FarRr8HcZAIgc5PlKfnYIBrMCVs9qR3x3PV6Ea-7ypcZcyZB4SLvbXEteTsPzvP2g33A5JAVwXiV-syCwWpCwO1O8nMv0kkJBhz8jl3F0R29Kj0offBW7073ePw22KcYSIW6OT-CoTQw3UWnjL1VDyaDa3etxar3AgmryEzfk8L2mZmKkwFHxxThYrfA_XvACFtVh5ST5yKLywvfqD_jngqhRNfVO2Zr2VNoUBDxBjdgJFknDQpGpkffhLlYy80zHOHPpNLb7RgkvcA2oScTmvdmyeHVKxWU41KHp-v8eEBIKFtBqsK3UmEdSkOQ3LFaONi8MH7rJ08pmIU6wbGLKCL4zAHhqmMlsfgIOJM9SrEAqcrIg1SaKXp2ztb0w0efXrIFZluAkpV2YN7yMtrOgXeGRDDaxjY-Kmc-7xQEjfJObY2nnPFdVQWQWm7SG6PoYaGbo7KFjgRjdEMTmGFtaeSu19XVa5OptqD6cv10Rg3cWGRSaXJzur9tPr1jBqsD4KPEvjzl0inp23hQPcoQN1R5NhDt0DKqc7UdJ8uH0obd5zOHMbTL5Vdjbb_YfxGETzEq3shUYfrMUx835XNwWaKQa-4svFa_P4IyJTJSK68WVTxG-grXi1vyLnceX8wDdtS9P5V54bUhnGllh157-vzB4T2O-bBSHE39gzBeBTZlzrA4roSRyY3a7ySlFApu4yN_murrCBLh5gGZFj_uhgqWeq1MYVOrVlWAuSTIbJyKfsQTyivzlmuqwRch6khmG5S-AyBj-bf7yQld3XYnIK3TXi62FBB7QJE-VvZcYZrW8I1oiN6jSiQal9SBseN-Rz5ktn16PNat9BtyUbxbLD5WqMlnnzS7H0n9xG0iBLKhYGPJb-wRThmk9U4APS9YoRfp2YV4yvR3gdWG6EDcbhbjbwcssVaWESFoxWlpS5TUBovF42K5-kiX-59Dj2SaU9xZLQV4HkdTA5rFajiFvp3r1z8Ftuo7gay2E083RjcUyU_6m3GpBjMa0jDwmHFaUf-17pQETmWBZ8qvNH2flNTA9xcKuiC74svnVB9br8BzCP85615T43-pD1I14vvukMVUk-Lrg6b6kQU1zn1MGmAFBMziB3ulnL0GlPodJ97n0y7XYe7w8JL1wCBbRfiiw75nB1P4-9rjKti7tfj-M6C_6vdvnvLiwWsdhF3ore-iKBhcT639V3JEHhfsZ0KWoBbOQ-HsaYHfVZFQvPLLjtz6Tj2Kk7prAKuEsU-wVpmVEItg2g0ah34reChBhg0LxTdufehIW2mAJP9xWSZAzHOA371WkFQjO1IXgksmj3AlDmKlvhIZ9alBvSjp9cXJCfkuBWVQ7t0YFi4e-LeR6B8Y0DqtGsb7hdo8bZyNaenfGPi8itqPpRdlH2XjVCbd6OfBwdJ2iDidokjlZYAJNGZdM3hyw5NuJ1KeRUNWeAntowuHsT2WUmAQFs0oa6w61SANUeWgBwoBub5GOq3SksZSo5x1g2QpNmeUkJbJi-7kldZgAC-1p2129AviXe1G0OdEqQ8CnTUlNTAvLPtemCgnTJWCkXOUXcFLHTVupEb1Xa8oOcbELy4AWBnTsIaoky2dfWJB4FysQxbu3aM&cid=CAQSTgAvHhf_oEov7K836rajKSQGedXnFUS-cLmlBvlZr-8eY8CADHU6yhQAq03_z5V92vs1OgjgNGM_pZCuciOreO4PyrqP3_DIQ9ZgekIAqxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.geo.tv%2F&ds=l&xdt=1&iif=1&cor=1700859245046199300&adk=250412561&idt=67&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 03:36:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame B31D 31 KB
12 KB 38ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B31D 41 KB
14 KB 39ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 78CF 50 KB
19 KB 48ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 09:25:36 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame F6B6 50 KB
19 KB 49ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 09:25:36 GMT

GET
DATA 200
OK truncated
/ Frame B31D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a09494fbf9a48f3fde50fe3e84359981d3dbfaadf1e21664f09a11ea87aaf37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 73E7 50 KB
19 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 09:25:36 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8CC7 50 KB
19 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 09:25:36 GMT

GET
H3 200 EKSTRAORDINAER.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 731 B
760 B 31ms
15ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/EKSTRAORDINAER.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba07f094c709ea7444fe19014c455893ceca8eacdd4342c1418e9f9222310b4d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 731
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 FRAME.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 154 B
184 B 33ms
18ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/FRAME.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457515d82c32215c82aa21bc7f1bfc6073740e9ee8120f3bed1ae21067ccb9c9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 SALE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 872 B
902 B 34ms
18ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/SALE.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f20f2ae62146f59276a9bb2e8a12dd0ec978bba1156639e8a810cad9d1766c41

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 872
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 820 B
849 B 32ms
16ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/Logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a55e8d9047a4c39a00ab6c6b242ca8ae070afcd5a54f6ab59062292663bad4bf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 820
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Logo2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 823 B
854 B 38ms
22ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/Logo2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30a17dfbc9e2dbdd1f971a430d86af584af2c9d492001c3a39f7352c6866f0d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 823
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 CTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 2 KB
2 KB 36ms
21ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/CTA.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18d515fd2b5266e775d62ceb901a69c09885a314fdde9b197269029776cb3a7c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1706
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 TXT4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 3 KB
3 KB 35ms
19ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/TXT4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0952990780a78c881b6d25d5130d83d147ebd2cef45ef2e6065d18870310da

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2887
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 TXT3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 2 KB
2 KB 37ms
21ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/TXT3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c40a1414dee65a7bb21e61cc6ba9ef15d54f56889b7e6fc62d11fe27f22e6180

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1712
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 TXT2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 3 KB
3 KB 35ms
20ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/TXT2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb45b1b2898586d9b599d50a8892a45a7513086e98652ff6862f390aafebbec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 TXT1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 2 KB
2 KB 41ms
25ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/TXT1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

327556a594ffeeb540e83451fe9d8fab30224cc5e4abcc41f9e2291fdd137d16

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1755
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 IMG1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 15 KB
15 KB 39ms
24ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/IMG1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6725ee11cc0985355ad6e7df221385e819dac9757626d89acc1693573af4bd5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15680
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 IMG2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 23 KB
23 KB 40ms
24ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/IMG2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0db68301de313dc4ced15afb3a42641eb7563a0514c32e61ae364df01efc57c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23301
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 IMG3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/ Frame 8CC7 37 KB
37 KB 38ms
22ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/IMG3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08d167dabb7c136d3ad87dc3eb93934b1f5edfdc1ceb0c4c9626ccece78b1604

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1438972446015316576/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 07:07:35 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 25 Dec 2023 07:07:35 GMT
x-content-type-options: nosniff
age: 270562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37517
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B13D 38 KB
13 KB 24ms
12ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 174699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 09:45:18 GMT
expires: Wed, 25 Dec 2024 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame 4291 256 KB
77 KB 80ms
37ms Script
application/javascript 108.128.252.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7369466212570555&ias_chanId=1&ias_placementId=20338656165&bidurl=https://www.geo.tv/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iVX33YbeNlUMl2aHVUd_Y2
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.252.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-252-65.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: de7c886e15e57293b0119b2c9b81783d7ff559ad7b2dcc63036201b7417fbbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4291 111 KB
39 KB 48ms
25ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
Origin: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 06:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 06:30:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 4291 11 KB
4 KB 21ms
11ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArKtno8KwyeCvi1m_YPENN517KvE37yUZL3VhMmZISX_FW0BIAmV_PBRIYaHcOQLy24XEf33uDsHdtjSoxy4cygBUyNiv_-Rwe08bPTf1W2iEidi1eNm6XiVW14UW2ksEuP_Beh3tk0QrqOD-wBWlq4Hdosk8YWaClLLQZPq_2BdFbgQE&dbm_d=AKAmf-Brc4Q_dmiVwos0gtU0oGvDvtPOSXDleLg5bhd2-lylK9zgs1imRzLzx2tp1yp9izrgZPiGN4FXQRZm-Auxx5MHK5b3wE36OaVueVB38mgt7tNvOK4kJi-SuUKXvZz41cB-UD_yoK76-3s_x4VDXmkto5wXQPVlHhOAzp5xvVm51jjG32Rm4JPRtuavLb5Z9G31mq4Fpnv6MLt73zDkSCGFxbjOTbmP1AYAr2gPWXzqxR7t9zMlOfgUk9sDLwo381dogp0A_VNOaoDPpeh3IVWrN8BmWrH3Cv2-8H8qBHgkmavuwEqoqwWBjlnmaeY7g76NcQnxTsl0ZR0RryHyYMvLLbaI0WEdEr6AhFCMAqDjYpfcJpR_nvaerwHXwjGVDdwRziOZjFZ4VnsD9kzQWnsGdbAJt7BoK9L2bgh44wjgisrUVUAFl3wssWRt6D8lBOoRzvrQ7ICiymyewErRunH3LW-enSQJvyNEpKJfQA7k7oOiueyjBF5l5agGYROUwTIzwIcqL4dapzmpgu_ndfNyLbqWw9gPYM2E4a6p9YBmkwkS11oPsq-eGrkNyL5ZkZwRBol0tm0pEueqH2PNQVG8IPq1Y_2iKvBGAhU4rGA46Qr8DuUs8_9RdYqfvObg3ncnfJBs-ieYeW7aGPp03RpmfsN89nioyTqi6K3ndryvaT-ArOXGaTa3frjeYaC5e5CRIWaZIJJ2Waz9QATtFRs6OiZA9_fKUFikOn-HjyGcodJ72OVZKPYOdEhj0WgVO97QD3X7cY14rT-1w-K7_tkojGxpD8qSQ290ycNpUTnhDGcuq3GuItOyH1HQVishQiSOrJSEJeukmS7-MhtG_ur8JELcxyP32-yUa55JQQPFxCpcOhSyRXwTs8as06Wkr7j_2fYmvVRv-CBrhw91jLomVldMQpaA6vXfnOYAUY_TMeHPurzEy2HXgoPduFWiiLuSrc_gZnlcWTPUe8Y0Pf1WoJfYCRSVNSgQV54cVBtkrsjghhQH_OA2uyUEF-aoTKzI2HdNAzoqYe2EQpSx3SkbsjsbDrZEYmuv0_IIYeaL-UQ20ec25jP33ofwj9P4GptJ1TJ3KwYjLr1O2qF-AOXs2Foe1d6-CSRvowgxmxhN-it4P-lqtJGBAafOO1Qsz8FIg4FMDaQd2rsbCGZAND0es3pJUgF8K7FtjZxzq-NfPPy0k6U8PlL4kTTsjm_JbQ80FgDGjjFfAsI_OYD7gFV95i8NNAcTOuxJ0kGloFyMluaz-5IsaC_diWi2bR8GlAZzNCo5K6ZstrQWDvJRAb1SFGdJVXL6idnP3YMoyyYHyFV6yV8wCcUwCwtauDxP9KgaYhDc-_IaEzESWhDGxOjRT57HBlk4LKICAk6WXpi3yRu4lB2Kh1PIy4QtBlURmsjeR4ixNLevXlPvr_jXLFEZAFxdSuC7r9kqkpyLI8ojmRcEfW96ZWH4hTBf9FhfHRf2eT5C1IUQaIsqt_j4iBYLfB3OsMmzXQLXHvnNMEGcudyKUyBYxwlUkoOXHKPP75lzlR7vv9gt3TxNuos9prSmAt3jieP57FAUSSguVwzH6nmIeJnZwucp09stFCO7Vr1NbIs5NaIk0MRK6PVCLAmMFHOL2C5ZAujZcQWT3mVdM0ooT8f0uCfoBOnzkDV56r4Rn2Sf4Tl4Ja5GLCKOn5Zn3gqFihpexPewrYRF8QAKh6oBrX0W5dzLgXZF-6vKLsZXR2JZ1CWHuH8SdMN0ePVrkSWggM2WO2hFypFlTLnqynEccVCJYGdQh0NiaSjXbsfqoAMvM4AlsnYJV48S2oVorGLHhK-3douArOx0ArL_bQAEARCqpU4yYRJN7MwIQlM01ryv6Ei0Ls5kJUDnvAS3qykYVABIqHqEALR1ZDYYO42YQBWG49AN10deku1cMrsHPSHkfM7FdIA29wuDx_ZKTNenBezcU4w3btys95Sxg9G760aIcJJl_c8KH7M39J2CwtXk1b9a2Xnj3DFV5cVnPZG0KXQ8mTjkvUePdxcTGERHvgDM9LmxzFbt_bgm4wEPYSlhjgDjX_hKdqSANQDrXSul9-rGGSPB-DZGB1xWmtm8k4WHGcsH6-OCYrTZhLnOPybHUsz163vhCcX_XwIX0jBeYiWnW-_AGJqvjfXCZ_Ll_ab-V7wBx6a5PiDISfmU9vFVcwMyfXugEyKGCrDD4Uom_kiU_V-mbZ3V2Fz0KOeyc_uboTNzAxxXvPn1GqJ7KklC5kIhOt9WWrUUEvdoC-WBfMj6-GHKzAqJRKkU4QOnqoCmwVv1D3dG1PPBooasvfeCKpvnbQKExFnLAYGYJbhnY2qVYOjSHkN1r2XX7c6xKEBiECEJofuLUAwm51kzQHm86LkZMXd43FEUVdM-ZLF7UuRAwTy7ooovoq38sjhcyIgSD6cfeLfft9h0w268vWPaihW1BRjVVErUp_BIcsyZjQ9HdPkECcr4N6A5DNeU_kTj99x8F59eRYuvW2-jREH8IoQfRI4WUSzeTm2AkT00Vk_ttjgA7t239OOmG7y11Zj1x2fJJn_QuvqcYZ-YjaciPPlTRpv_INHY_1erAiOjcaAk8pA-N-ckoLilrjnRUykOe03ZPyISq--VszKCJe9a6N0gjwJQASuLVrzPh_VTIOXw85QKcBlLWhUf5rusGrUym1zUOEJeC0Ep8iIqzbWib1Wc8gVPzNWMMLA3KPi5orGqnAw_rh6NtOaqO99pnFxugBCFhiZwDF3_FN2Q7OTiXWmQxNkx_9VlBGLlEpv0PK6tVjgT8V5BghyLpR26qkxa19ESsvYzikVjq8lCffmW7V2P3EjO4yDMAceKOzwWWST5_Fl9_HNJmNFXGKagRR8_I-DWwkH7iXM48Icc-dAqKYgZyLRGlvq3sxguvpYboNqPG30jWd6UKPibe60J5gqKsX7Q73h18bZs4EC_JQVV8viCQWVtTjC4M3U2oj5iT7M8hLSS0uW0V6WoggsCJUKInrSIeewCSAWwRXwxISp3uJPdT-LfKhqVa_tlHSFmgKeewaVyVleqM0HTVNF3lIktC583imaQCpGOqSHtbnsYGpDmX7Wb4wKhMWRIIADky_z7ioF229wTRMvwh3h76e1sCkPtX2drBIWBY33qNNeWlCNRAPkS48SSEA94xvFYYhOLN8TLzAepuMuY5YFgSbIMwlCX2Lldr_aiJveu9NgLDEIS2XvtduLMAwPqwopqG-Fx91G29grLk98DunLrFxgJf6vB6i9nQ1sdYsnSK2SK-wf8CJRN55FgcA4fdPuaFpRjmSHaYbE4OHaK1HVx0zSvGPRcIx50FgbVcd-Nq0GFWWMJ4Kh4W-AtN4dVg0ASXc9zPo0qVIXUo3RiSIjJaSQcP5tLRzsHoJH-OAC7J9jl7CK-sM7WTErfUnkdT24O0usHyifFPr2D5AuvqGukryBaRnmzqggy9GEGYIygPvWCDgrfsxbd_hy6nkDiQsYGcHsUeS3SeGRe--DpDcQRmis-YXObJGyP2NKBJdGMNUDMADEECdV4JJC1v6zYSXejbURJDanJAEc29g4CMv_f2yOR24BTYUQoS9L3FZ-de2dy3EuuiY0ARX9cbZiYAgjGIhEYmLgN1S9cqqVA3HzIaPDH2N_qIX2dPeeMK2whhKaCG55og9806YN44Q8ZDfbsKLcFHETVNa9SDD-YkyigypKBNREFmYIUeJIb1qcoQr6afI6hS_emSkMJXoyGAZsuiiQc1hOCU9C7xpKWt1gzBjavnV_uA23nt4hkYGRdyw2zixqLCpuGHgxPpRObkST4HMQcxzOMNQPt2Buqb1pYv-WDreTPXC4ZMPUtL7DnZe-YZ2F0bgCuRNzUW60-nCjPzhhvh6z99MVIxpazmxHtZjUSynipHYCaowwx5FXePx9FhHR09i6Ut8BQmpAHnATsqw3_wrD880Fk_VTDvmRQivqLpQJY4XtLDicrBEEiywIoY0CKPvWRjnYm_bhdayK_qO9pEWg6B9qe-n3gc-be6XkKIYqvrMGE9IazuoCSlLFh&cid=CAQSTgAvHhf_oEov7K836rajKSQGedXnFUS-cLmlBvlZr-8eY8CADHU6yhQAq03_z5V92vs1OgjgNGM_pZCuciOreO4PyrqP3_DIQ9ZgekIAqxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.geo.tv%2F&ds=l&xdt=1&iif=1&cor=14941335946398915000&adk=497053792&idt=149&cac=0&dtd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 03:36:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4291 31 KB
12 KB 19ms
10ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4291 41 KB
14 KB 19ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
DATA 200
OK truncated
/ Frame 4291 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6183113481142bfd364a6a78c99207f86c54f53d58aa46bb86252e7fb45a0e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 thirdparty.js Show response
www.geo.tv/assets/front/ui/js/ 224 KB
66 KB 26ms
25ms Script
application/javascript 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geo.tv/assets/front/ui/js/thirdparty.js?ver=133
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52ea14d7a4a00c25d15eb104b88c0ced96e2279e194a8f7bbfe6b80e80be6cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
age: 3917022
cf-polished: origSize=229655
x-cache: MISS
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 10 Nov 2023 12:05:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 387539063
cache-control: public, max-age=5184000
access-control-allow-credentials: true
cf-ray: 83c90d00ad9d6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:57 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 73ms
43ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 10:16:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 72ms
43ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 10:16:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A8C0 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 174699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 09:45:18 GMT
expires: Wed, 25 Dec 2024 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12784067222800087067/ Frame E0B0 141 KB
22 KB 21ms
7ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 551741
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22859
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 01:01:16 GMT
expires: Sat, 21 Dec 2024 01:01:16 GMT
last-modified: Wed, 09 Feb 2022 10:31:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B31D 0
0 107ms
54ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnU3u_v0Fc-vCL__yxGJrzAwWgKTkksn1bEECoaOyJ7wDHoAFKBOYdPWKAwpsfLR-2numOa2rS6BCiUrj4gB6KhQCS3T-DsukqP5sTrwvNqaQx4YpPN5EAZjVKjdeECoBVn_VaSC7RGrhCYz2P3DdJBq9WxDo4kms9XNQFW3dZWIXYtqmKKKXYamPd-sdeyQf-mqO46YfEYdJdDTASHgzTlkztf-NMq2B_sk0CkoY7LdomcNkc9PYVAIZmVvphYx1Rd2tTbvIaqpW0km5OrQ0WPAUEc0DRQoYlMFrd8QqSR2krcJqcNckWeCyR0ru-Tl9Wh9OQhVkmrywVDKM2GgimHLbk8sKEP1DPMc992355SqxnLzkQYQxXMuW9ZjhiaHythdeuoWDBTXMKiLyp9Fqrohw3UXtL9yeDojOtjwcGIXPW58RqRUY2ZW8Qs2EPCK4t8mz4Ux3tUFJULmvsWz1aSWAvWJI8T3gCXtlGEmWksP4u1fj2RTvnRMoDkZzMEhI2BD6aupghdQ8HeUfIka3TEJ58NRbA9OpJKBXMNJjthEMkB__VJgfR4FDy9DLoIg8BHg3UVeDn4plq9ShImFF7pZ0OUdqJ21LF0aLGawe87PcZzaW_Pu-bI0Pl3tO2NVlMTAKUNDAsGSIMFJ1SqrGqM61ABOdWaZLgS1yRugW4KPVDUsF3dCiODHZg9aOS5F4pySnBKS_l7RPJYon9kIrnH2n8_PQaQfGZ0zvCsD7nD6NKdnIymTg--2SWysE7Ee07ZcS-7B65tmjStU2BVxHpTNT6w29f5J_YzlKbDpPkX7pMlTxG-XGMFr8RLsA3vDLWRqp-6a5w0mKuP-9iHt8n7F3N9r9Ca6RSCxH7AOy_jJGe2Hj6q8vcHdK4R4_Rue6bcTPatapT3FFgUkm10xeqzcsyjwRbMHg9Un6nSheZyD4SS0zJ7RzUyB-ma-I2Ek2tW-cXBmPlohdYYf3INzmaIeRyeC6pOy4Yagk_Prnov2bn_7iUo6-pma4A2x0VQdaSbFkPmbTi527N8X1D3wGcsmQbUQFvTlIOg-gAphc59Vkhlg1CIR4gOIiz5B_tN8wd_7RJqqIdiLngnFumrcj0fVijG5h0xEj3nRY31e_a47J6aNqXQf1ZKNEo6TxTHfgJxtExTYafEz8XI1zgbjs4L2SaauYkFMAYKVFmCHKtxxNOSc74x3MP14zDP10GSp-MSx3ln-9aSx93ez54jSr-AEeCGhgznsE8n3L1ueJKQHUue2Is1um7bFplt-qriwYZx1hOT2KBMuFrpp0Q2TVYmlAAA-WAtwU6CIt5AKss4Jgle_rfb6fbI5nv329H73nCRnHkA3krUE2YiiXA_OrK47V3oDr9iJJjYQ9GQgjcb6x4G2fX4ZQYTF4Qydq46_DNkUWY7c-HNwoFl3L6a2s2aAZ6VQpHiAzATFrNPT64Pkl4H2dxCkueEMeynsPkbyNQgq9rX3GsbV4VSrV9lqhDRh4Urw-DDx-u&sai=AMfl-YQxwyu3EW3OoocsYuzd4ciZS6h9bt7s5YyA6eXJCWakU94Pu0_ywE3X4ePvKlsCo61aFRf1SHrKKZjzFuIVJtSQGyPv0Yc1bdWW-fzM6WSZEmLzbTH6xERYxAQ0MvVpDj76TL7RLfG1h37l2Q56S4UJArn8SRwWR--AloiR-Ac2C0HpfuOCuJRGjC9y1ZCUMsfy2nBFlx0IoVVVc4dsIk6FAEzt2xX6hjfkZkNezxve0JSM1f8C8FrvddenvRcdLiK7AbYdO0cl77JeEH89HFBAzoK0SI88KRH4cDP6HdoZz74N6dClgEAagnW-Fg&sig=Cg0ArKJSzGvxgDJcjToiEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=224&cbvp=1&cstd=223&cisv=r20231207.62094&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B13D 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 08:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 08:28:14 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17990266662471768200/ Frame 621C 141 KB
22 KB 15ms
10ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 227423
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22865
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 19:06:34 GMT
expires: Tue, 24 Dec 2024 19:06:34 GMT
last-modified: Wed, 09 Feb 2022 10:37:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4291 0
0 96ms
52ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlFZwlPti7_6NG3M_Ry84hVb1rgEOJmMtRl0N880-d2WUteO0Tb5KsXKuIM7HpxiKdj5PG7A9rXd_xq38o2yZApFiOJndD_k8d6s72eKzH9h3n_tTyG4OXRpbD1GGZmx_QDDxs6Uv4GXH256RZepj1w3zUgRQf28pzVXasyhpoT-nRmAWU45zt8yygo4vWj_LCf1H5giidvXZb71zYwMKCAzSVUnhaGeJjyAQyIkWjsErUddovDlbxJMjZ9c2dKHJr4eXtzQQ-5BvRXnedko6bABJ0EK_Y5NXdXg14KHbRjQz18nogAjxhmjEF6NyUeWuUTN_fIaHRfgppU-En9e9yoT_uQH9ddfXl6DLc9D4ZwquBd0C3rpyQcRWqw89n7g3PoHSmARET6JNCjRXb65LmaNc4xEk3hYCPSXynpvF-PSasrQEUR43AbSvaNJTTNeW0RlKQ9oHWcQ4MXZHmBLCzRc153LfctgI-uoykqu-SVm_1yS32wfmZaQjhQNvX1O4Q_qaJ-Wv9BeJ1o7X-RDBMDK-NqQJzDubMQunUjfOHsjQSkXiCi5OLW9S5D37YUIHeadTrrMEK7qYFangUpK--80LV-SWQeXOdi_9mTnkYxB_0H6TPrVabf81fJBr62UOmKfIlGyJ4otQF6ZiVmxRGhlA9geKqZp5upj7F1MT3UfuKdFWeiWOruKPHOYFtmZTc3EKm99XrQC0qdtgiQqeGPIKiE-q89mMJnIz1rqonNSVbMY9pbkC2bM0GfjbWNYcwN3_P-yIP5jfxmWRbNqkCmvU6okJUyhMsNf0P8U8f312vpCTeGJPaCbLe3pZccfVgkZ9_xApZqmc4bwbeNJacVA_vqihc6OO28gf1do91bE__GI1ocYueqLhbQ_tN7HPsn6jea232ZvFWWq4V9GsWv6mlwotn77YfpX2NzdpV1GVyrijwFqyaRuUptCdVn3EhJOLvSxfh_PZk4Zxy_fcQBA6s33QJv4SWLaFg0qM-gFuParhl3nRSRW8QdnBrPxEOQldABhNZ3sODU2JeAogZ8uMCy_ny8guocsL2I3kSN702Df0kpVeeYUvxe2W25jUEpmJTM44Hd-_t0fmIZmIXnGZCZ8pn44BJ8apZGUWyiqkHrz1rnCYgE9NSbjlsmZnbQcEDrgOjCrJX2sWsnM9rrHyHrmpltSNn18a9DLyvKCdmsEdzJOy2H4upLKe7rCIBmUgXFHIdgzze5gYJ4WlGE6dqD73B9GpBmElQGzmO2jkHWIEE-1Prh9ghTtYCAiw5hN-deefqzhxvsFB_daz2_zUk1URQ8twds_DmHG_KKUnxD3PHjGHe_z9CNq70McCoJFpw_feFqSyfCe9oskz5HM0686rCqbSa3dgHQjwsn6j-UPZfDFgbB3ClTuPHBLfdFcAFNzETUeJIMjjxzCuBK_rBqA3So3GyaXmWxycVsPgbkn1m63CPDm0abRoV_I_8B266IVRZO35-f9sit7oGPKLDgtaKFIODsBw&sai=AMfl-YSAovT_jlIAAuG8TVjSWWcwFl5GoYwY0X5MVwNM896nlYCJ4ai45MrFtlSguZi-qJ922Ht0R-Ukx47URsGVvMmgybY31TDoysB4g83DlBK6udUvjaYkrc1Ycps25ZmyI2bld3vaMLIYfH_qlCaSplRErxTpoxY0u752DIc-Y83BX1x2WN7p7MaFSzvX-MrLR_qS5glmSKdgwa8--Ub3zMqZuuzDUAmKcO7jzA-9KRsmq96B509ynbH6DUvqackoG1VR0a5y5gsc7e2J84VHDP0fAT6l2hGRUzK1FpSjZjkJKmDr5t_GDEKZWnZ4TQ&sig=Cg0ArKJSzLPVGMFLMEAmEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=158&cbvp=1&cstd=157&cisv=r20231207.82937&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E0B0 29 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 09:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 09:03:32 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A8C0 39 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 08:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 08:28:14 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame B31D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-7369466212570555&ias_chanId=1&ias_placementId=20338658787&bidurl=https://www.geo.tv/&ias_d...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

7ms
7ms

Script
application/javascript

2600:9000:214f:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: wqioRwQ6PjOF0ajiBJeUY9WeHXPgiZbY
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 04:04:10 GMT
x-amz-cf-pop: FRA53-C1
age: 382402
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 13 Dec 2023 19:37:38 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: ybTqxLZjFXDAsZVP1_HEBaI1pXboOU0tYpL974LY1XvzfnHBJQHd_w==

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
server: nginx
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 717B 91 KB
23 KB 33ms
7ms Script
application/javascript 2600:9000:214f:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 8503667
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: tYhHM-JY7e5yfZD15H0zcVvrX6n1-Hfj1g7LfJOsYQeKfyxYNoqiog==

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 4291
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-7369466212570555&ias_chanId=1&ias_placementId=20338656165&bidurl=https://www.geo.tv/&ias_d...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

7ms
7ms

Script
application/javascript

2600:9000:214f:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: wqioRwQ6PjOF0ajiBJeUY9WeHXPgiZbY
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
date: Thu, 28 Dec 2023 04:04:10 GMT
x-amz-cf-pop: FRA53-C1
age: 382402
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 13 Dec 2023 19:37:38 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: uLNh42SXcJ_-m8arDDtyHDzuZIRod66tljh7xV1H1rjcYw7LWtKT1w==

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:57 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 8E95 91 KB
23 KB 8ms
8ms Script
application/javascript 2600:9000:214f:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 8503667
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ZXrC6FAXBhI797v-CFSfPsBZlRvwRenXqoL2aJ9r03ojT4ts8as8iw==

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 621C 29 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 09:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 09:03:32 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B31D 43 B
215 B 717ms
356ms Image
image/gif 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d8c28867-7306-2dd2-3251-a9649263ddf6&tv=%7Bc:y5Aarj,pingTime:-3,time:88,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZJbwSN+11%7C12%7C13*.987057-61527017%7C131%7C132%7C133%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:13*,rmeas:1,rend:0,renddet:na,siq:18%7D&br=c
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B31D 43 B
216 B 532ms
175ms Image
image/gif 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d8c28867-7306-2dd2-3251-a9649263ddf6&tv=%7Bc:y5Aarl,pingTime:-6,time:90,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:90,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B85~0%5D,as:%5B85~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZJbwSN+11%7C12%7C13*.987057-61527017%7C131%7C132%7C133%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:13*,rmeas:1,rend:0,renddet:na,siq:18%7D&tpiLookup=ao:www.geo.tv*&br=c
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4291 43 B
215 B 708ms
355ms Image
image/gif 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=998c0d61-bed3-e16c-948f-cd1813649c4b&tv=%7Bc:y5Aarq,pingTime:-3,time:50,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZJbwSN+11%7C12%7C13.987057-61527017%7C131%7C1321%7C133%7C134%7C141*.990511-61634096%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:141*,rmeas:1,rend:0,renddet:DIV,siq:12%7D&br=c
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4291 43 B
215 B 527ms
176ms Image
image/gif 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=998c0d61-bed3-e16c-948f-cd1813649c4b&tv=%7Bc:y5Aarr,pingTime:-6,time:51,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZJbwSN+11%7C12%7C13.987057-61527017%7C131%7C1321%7C133%7C134%7C141*.990511-61634096%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:141*,rmeas:1,rend:0,renddet:DIV,siq:12%7D&tpiLookup=ao:www.geo.tv*%2C6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com*&br=c
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B31D 43 B
215 B 517ms
177ms Image
image/gif 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d8c28867-7306-2dd2-3251-a9649263ddf6&tv=%7Bc:y5AarC,pingTime:-2,time:107,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:556,beZ:556,mfA:558,cmA:559,inA:559,inZ:561,prA:562,prZ:570,si:573,poA:574,poZ:587,cmZ:587,mfZ:587,loA:645,loZ:647,ltA:662,ltZ:662%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:107,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B102~0%5D,as:%5B102~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZJbwSN+11%7C12%7C13*.987057-61527017%7C131%7C132%7C133%7C141.990511-61634096%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:13*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:18,sinceFw:87,readyFired:true%7D&br=c
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4291 43 B
215 B 690ms
354ms Image
image/gif 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=998c0d61-bed3-e16c-948f-cd1813649c4b&tv=%7Bc:y5AarH,pingTime:-2,time:68,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:538,beZ:538,mfA:540,cmA:541,inA:541,inZ:543,prA:543,prZ:546,si:550,poA:550,poZ:564,cmZ:564,mfZ:564,loA:589,loZ:590,ltA:605,ltZ:605%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZJbwSN+11%7C12%7C13.987057-61527017%7C131%7C1321%7C133%7C134%7C141*.990511-61634096%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:141*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:12,sinceFw:54,readyFired:true%7D&br=c
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B31D 0
0 50ms
49ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnU3u_v0Fc-vCL__yxGJrzAwWgKTkksn1bEECoaOyJ7wDHoAFKBOYdPWKAwpsfLR-2numOa2rS6BCiUrj4gB6KhQCS3T-DsukqP5sTrwvNqaQx4YpPN5EAZjVKjdeECoBVn_VaSC7RGrhCYz2P3DdJBq9WxDo4kms9XNQFW3dZWIXYtqmKKKXYamPd-sdeyQf-mqO46YfEYdJdDTASHgzTlkztf-NMq2B_sk0CkoY7LdomcNkc9PYVAIZmVvphYx1Rd2tTbvIaqpW0km5OrQ0WPAUEc0DRQoYlMFrd8QqSR2krcJqcNckWeCyR0ru-Tl9Wh9OQhVkmrywVDKM2GgimHLbk8sKEP1DPMc992355SqxnLzkQYQxXMuW9ZjhiaHythdeuoWDBTXMKiLyp9Fqrohw3UXtL9yeDojOtjwcGIXPW58RqRUY2ZW8Qs2EPCK4t8mz4Ux3tUFJULmvsWz1aSWAvWJI8T3gCXtlGEmWksP4u1fj2RTvnRMoDkZzMEhI2BD6aupghdQ8HeUfIka3TEJ58NRbA9OpJKBXMNJjthEMkB__VJgfR4FDy9DLoIg8BHg3UVeDn4plq9ShImFF7pZ0OUdqJ21LF0aLGawe87PcZzaW_Pu-bI0Pl3tO2NVlMTAKUNDAsGSIMFJ1SqrGqM61ABOdWaZLgS1yRugW4KPVDUsF3dCiODHZg9aOS5F4pySnBKS_l7RPJYon9kIrnH2n8_PQaQfGZ0zvCsD7nD6NKdnIymTg--2SWysE7Ee07ZcS-7B65tmjStU2BVxHpTNT6w29f5J_YzlKbDpPkX7pMlTxG-XGMFr8RLsA3vDLWRqp-6a5w0mKuP-9iHt8n7F3N9r9Ca6RSCxH7AOy_jJGe2Hj6q8vcHdK4R4_Rue6bcTPatapT3FFgUkm10xeqzcsyjwRbMHg9Un6nSheZyD4SS0zJ7RzUyB-ma-I2Ek2tW-cXBmPlohdYYf3INzmaIeRyeC6pOy4Yagk_Prnov2bn_7iUo6-pma4A2x0VQdaSbFkPmbTi527N8X1D3wGcsmQbUQFvTlIOg-gAphc59Vkhlg1CIR4gOIiz5B_tN8wd_7RJqqIdiLngnFumrcj0fVijG5h0xEj3nRY31e_a47J6aNqXQf1ZKNEo6TxTHfgJxtExTYafEz8XI1zgbjs4L2SaauYkFMAYKVFmCHKtxxNOSc74x3MP14zDP10GSp-MSx3ln-9aSx93ez54jSr-AEeCGhgznsE8n3L1ueJKQHUue2Is1um7bFplt-qriwYZx1hOT2KBMuFrpp0Q2TVYmlAAA-WAtwU6CIt5AKss4Jgle_rfb6fbI5nv329H73nCRnHkA3krUE2YiiXA_OrK47V3oDr9iJJjYQ9GQgjcb6x4G2fX4ZQYTF4Qydq46_DNkUWY7c-HNwoFl3L6a2s2aAZ6VQpHiAzATFrNPT64Pkl4H2dxCkueEMeynsPkbyNQgq9rX3GsbV4VSrV9lqhDRh4Urw-DDx-u&sai=AMfl-YQxwyu3EW3OoocsYuzd4ciZS6h9bt7s5YyA6eXJCWakU94Pu0_ywE3X4ePvKlsCo61aFRf1SHrKKZjzFuIVJtSQGyPv0Yc1bdWW-fzM6WSZEmLzbTH6xERYxAQ0MvVpDj76TL7RLfG1h37l2Q56S4UJArn8SRwWR--AloiR-Ac2C0HpfuOCuJRGjC9y1ZCUMsfy2nBFlx0IoVVVc4dsIk6FAEzt2xX6hjfkZkNezxve0JSM1f8C8FrvddenvRcdLiK7AbYdO0cl77JeEH89HFBAzoK0SI88KRH4cDP6HdoZz74N6dClgEAagnW-Fg&sig=Cg0ArKJSzGvxgDJcjToiEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=400&vt=11&dtpt=176&dett=3&cstd=223&cisv=r20231207.62094&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4291 0
0 45ms
45ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlFZwlPti7_6NG3M_Ry84hVb1rgEOJmMtRl0N880-d2WUteO0Tb5KsXKuIM7HpxiKdj5PG7A9rXd_xq38o2yZApFiOJndD_k8d6s72eKzH9h3n_tTyG4OXRpbD1GGZmx_QDDxs6Uv4GXH256RZepj1w3zUgRQf28pzVXasyhpoT-nRmAWU45zt8yygo4vWj_LCf1H5giidvXZb71zYwMKCAzSVUnhaGeJjyAQyIkWjsErUddovDlbxJMjZ9c2dKHJr4eXtzQQ-5BvRXnedko6bABJ0EK_Y5NXdXg14KHbRjQz18nogAjxhmjEF6NyUeWuUTN_fIaHRfgppU-En9e9yoT_uQH9ddfXl6DLc9D4ZwquBd0C3rpyQcRWqw89n7g3PoHSmARET6JNCjRXb65LmaNc4xEk3hYCPSXynpvF-PSasrQEUR43AbSvaNJTTNeW0RlKQ9oHWcQ4MXZHmBLCzRc153LfctgI-uoykqu-SVm_1yS32wfmZaQjhQNvX1O4Q_qaJ-Wv9BeJ1o7X-RDBMDK-NqQJzDubMQunUjfOHsjQSkXiCi5OLW9S5D37YUIHeadTrrMEK7qYFangUpK--80LV-SWQeXOdi_9mTnkYxB_0H6TPrVabf81fJBr62UOmKfIlGyJ4otQF6ZiVmxRGhlA9geKqZp5upj7F1MT3UfuKdFWeiWOruKPHOYFtmZTc3EKm99XrQC0qdtgiQqeGPIKiE-q89mMJnIz1rqonNSVbMY9pbkC2bM0GfjbWNYcwN3_P-yIP5jfxmWRbNqkCmvU6okJUyhMsNf0P8U8f312vpCTeGJPaCbLe3pZccfVgkZ9_xApZqmc4bwbeNJacVA_vqihc6OO28gf1do91bE__GI1ocYueqLhbQ_tN7HPsn6jea232ZvFWWq4V9GsWv6mlwotn77YfpX2NzdpV1GVyrijwFqyaRuUptCdVn3EhJOLvSxfh_PZk4Zxy_fcQBA6s33QJv4SWLaFg0qM-gFuParhl3nRSRW8QdnBrPxEOQldABhNZ3sODU2JeAogZ8uMCy_ny8guocsL2I3kSN702Df0kpVeeYUvxe2W25jUEpmJTM44Hd-_t0fmIZmIXnGZCZ8pn44BJ8apZGUWyiqkHrz1rnCYgE9NSbjlsmZnbQcEDrgOjCrJX2sWsnM9rrHyHrmpltSNn18a9DLyvKCdmsEdzJOy2H4upLKe7rCIBmUgXFHIdgzze5gYJ4WlGE6dqD73B9GpBmElQGzmO2jkHWIEE-1Prh9ghTtYCAiw5hN-deefqzhxvsFB_daz2_zUk1URQ8twds_DmHG_KKUnxD3PHjGHe_z9CNq70McCoJFpw_feFqSyfCe9oskz5HM0686rCqbSa3dgHQjwsn6j-UPZfDFgbB3ClTuPHBLfdFcAFNzETUeJIMjjxzCuBK_rBqA3So3GyaXmWxycVsPgbkn1m63CPDm0abRoV_I_8B266IVRZO35-f9sit7oGPKLDgtaKFIODsBw&sai=AMfl-YSAovT_jlIAAuG8TVjSWWcwFl5GoYwY0X5MVwNM896nlYCJ4ai45MrFtlSguZi-qJ922Ht0R-Ukx47URsGVvMmgybY31TDoysB4g83DlBK6udUvjaYkrc1Ycps25ZmyI2bld3vaMLIYfH_qlCaSplRErxTpoxY0u752DIc-Y83BX1x2WN7p7MaFSzvX-MrLR_qS5glmSKdgwa8--Ub3zMqZuuzDUAmKcO7jzA-9KRsmq96B509ynbH6DUvqackoG1VR0a5y5gsc7e2J84VHDP0fAT6l2hGRUzK1FpSjZjkJKmDr5t_GDEKZWnZ4TQ&sig=Cg0ArKJSzLPVGMFLMEAmEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=343&vt=11&dtpt=185&dett=3&cstd=157&cisv=r20231207.82937&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B31D 0
26 B 44ms
44ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvk4-gtG8WRoBWN0Ey32URD9WLyNV-3byw6lDgfAJtjWJLwilisDhvPvkgZouCox4RNUy16YrP8aBL2p1sAdlNOxGrfDSx1uzEUgDbeb-FOPSYCO2er6wSQkD7I56nXPEcCIVOy8IapPdnh1yV4DXLgW4s54as-2SPye7fpH79rZPn4jKOWJ0qrDb-S7JMAxT5YI-XmmJ4Oe4ntpA&sai=AMfl-YTnjxZmB0HzP1CbspvD-ezkMELn2PMCg6z_ADi4GA5V0K6Y1QHNCzhbDKLWODdjyEtS9ZiNKlDGhkr-EJAJC7o_qBNzq-1x37illMqN3jx_-H13dvqrOu_GrRreHmBwgzjDo_OJhJVIdyLoimDU0hPk&sig=Cg0ArKJSzIENxglQ6OmXEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_728x90.js Show response
static.adsafeprotected.com/ Frame 3529 3 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:214f:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 02:50:20 GMT
x-amz-cf-pop: FRA53-C1
age: 199598
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: _gwVO27s8hkBEvoY-nzAI4P4CRQLFqgzbeQpxlFBl4hW58lXp0D6NQ==

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4291 0
26 B 46ms
46ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthjm2W--yPLUVf26eodLaDega08dRlUlk5OPIvpBrFNWYUQJjVrrfORuB3SIkZtioiYfSopm6FSUD-RLW08gP68e7cEHjASdMSr0AC-ddsHZRAB7ZZgVS_-WsGXfi53TLseuWrB9MMXB0vwVr2yLim7HA_7ZiBG5ATzdHgiOeBt11j3C4c_84MtyADXdH16UocoL7E7QIHUEA3Cw&sai=AMfl-YRtLP4K3fJQdzpRozlwccMcvKtuiewk_1hB3qyivwNU_Ot_73tGqyfBx1g8WE_Bupun-mnWJTx6Kxx8cMM7lzREINnzCCMchM19QpaEcvFpAZmwmkhudv_XOXk_tHH_uY9DXmoQoaQx144dwr_k2I_q&sig=Cg0ArKJSzMO2t5FITljQEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_728x90.js Show response
static.adsafeprotected.com/ Frame 562A 3 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:214f:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 02:50:20 GMT
x-amz-cf-pop: FRA53-C1
age: 199599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: xWRdRPCvE8fvTOJ9CMKLw1_nNv3VqUfttUoB-pWdyg-owSK-fzUtAw==

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 3529 10 KB
10 KB 7ms
7ms Image
image/png 2600:9000:214f:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date: Thu, 21 Dec 2023 15:50:09 GMT
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 584810
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
etag: "b1464a7201f691a1e4cf6fc057919d7f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: QCAsira6_Q814hwd4Q3VRJ1C9O63rLaBRc3vReplIz5-go6AJiDvbg==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B13D 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B39q2GUuNZbvhHYfT9u8PtdCIkAkAAAAAOAHgBAI&bg=!ODulO3TNAAY3kmNgF5I7ADQBe5WfOMZvHplQEvpgBHN6OqHoKalgjEI94HqaJZzFEG0UU5Sf8zfjboImKs9d3GHzGwrFAgAAAJNSAAAAAWgBB5kDJJ8YYTZXJf9sLakZVxXApQzWdiMGm-lFM4E-SiBZW-vMGWU3ra0XlWx1Riof9NGLh1EvVv-NGUJG9RgmktMGG3Rdy9hyQ_2zG53xNhFVyd1WmFTWADNTpAA9ANK_mlJUTkbDZLbiq3tsUZGozcG8KQZ9l8T1JURGM5tUdtBWQgmgrGnylx9gghsIUDTUjHIhfb7cg5mX8bL6PDJAts1jYa7GYo2pmFi2qf8iCIKh17hoL8P9WBS6ibFSrtwEb1gm7TJ7rCU7K-Yfx_uDo_hKDrJsAJ4pbHU0EhqdIMRHmoSs5F_nGm8XJj6KcQKE_ooHMvX2NPsfqDhBKvQ0qUnzohCSsUy6q9ev_EMbF7BfrTz76OKv_NAH_xbsKOHFqLdbpvbSQX41h9zp1VNylisneD7iIPZsArhyiSlz1UHVb1um_JBToc_3McKWSXwRKvDDPV22tzVx_Y5wPUvPTZQ3Y86Lz_BxdUnyJsqhuE97tamq5D1gQVD2TO2jI2ESougBbbe2Ru8llf9S3DPg0yXCEvY04yhKSxC0Cp37Jq9WE5ju3EH9PWZI0-EMS2abydA1vMrclhsW1obZeN4Y3_WoSkVYr1aiRu5trdJoJo98aizMTDEGGsnl-B__j6WUW6Tj5BmqB-588pXmlP-oWDuP60D-MT746qsoSJZ4lHvY8rmwgLSWAOGtKb2qr3E2ZUPJPT_M2CdLlXu-KLtWnangVmS_UczzlQiTuY98yahKs4Do6I-XilORAVNfkAWM3L-GhNxt3IAwHeRfqcHQa1NOPyK-F__WJkb-mSu0JKzW_hqh876n_WZl7rbM4uvm685LiWvTgeNC1uKfuk4n4FnOnVZcYnpUZaYaho_n_g9n_AvgSC3a4HAh15fgzgyB7oW7ip56HrnWFDz8yjnOD5QE2_yIRE3Ezkd_1Ul44fvG3Z-V69grVNwL7CbTKxLWHPwunAYJNxFgvsM1V6RSYShUmLVDjMKfJfWgD1J_BU2FuXNQYxTu5IOKGvsZhCh2sttt_--1rlvL5EoXt3MF1uEMfmC0qW_YRhI14I0tYwjuksnciohWOQ

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 562A 10 KB
10 KB 8ms
8ms Image
image/png 2600:9000:214f:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/passback_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date: Thu, 21 Dec 2023 15:50:09 GMT
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 584810
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
etag: "b1464a7201f691a1e4cf6fc057919d7f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: 6EuiZtpME06SpZY5cUHd4RRDVhUgHDdWc0xqXLfc_jWJB8LvgN5WrQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B31D 43 B
215 B 396ms
175ms Image
image/gif 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d8c28867-7306-2dd2-3251-a9649263ddf6&tv=%7Bc:y5Aatz,time:228,type:e,im:%7Bpci:%7Btdr:135%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:228,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B223~0%5D,as:%5B223~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZJbwSN+11%7C12%7C13*.987057-61527017%7C131%7C132%7C133%7C141.990511-61634096%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:18,sis:170%7D&br=c
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8C0 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bw1FNGUuNZaDCIa7N9u8P-cCisAwAAAAAOAHgBAI&bg=!cHOlczzNAAY3kmNgF5I7ADQBe5WfOKV_4pCM9q2zmP0no4CaxhRx689SMoNLuT37n2T5oAjoPwSsmKjlKI5-9WdlqTrdAgAAAGVSAAAAAWgBB5kDfJL3maLLRcV66OohZ4uEPnx0-ypDGEFWAcngs9kThmJOZmnp9ZFDOPqwq_8P38EhaNKiodI14SuYXUNZL69Q_g9Xlr1gMYcK75zDLrwkIr1S5KAMkOBXNQ14t0UTAyYBMuar4kYmEyMJgv0p11bNY7G66N7094JRF0A7amS2_XhKEd94kLGLn_3Q9vyiVO9knBDgWNG9KSWuzszbmxS-lfTujj_jNYpcFKVAzBI80DNIfAiq-VgupSCtAmjp0SF2tX5-eoa71xI-cYLl6N-IX5cc16liRT1aHT-xRurAQk0fkdx4g-5DASZ5QOHQKFfvb6F5BtmBxpsvn9EwtBr_lN7OF1yJyi7zPofMM0Pr9ueXbnG23aLhERHfXzsV1v4czNcxzvQ5to-GJUG9yigqxCir8scp03bHI9i8rTt76vbOgLGMCQKH_nnIw1S72imEn4bk9r60_Opwh6RL8wF4yu0YTK3MgoR6NY1IvEKuUqShXzAUtKNh5oytVlD-3_xRNPjmj0GCW1j2RwSMpiiUS2Wa2wwA-c8sHaar--bTMkIBM6cy2Edri4vLctHU8AfuSGG4Aoz-e4zBbWcg5EIQmS1cc1OXxV7mEo8bMUXvVraLwMO-d6NKa0Ax9xEvaKth86UIiAkonn8SSO8NSbmCduY4l9Rs2dtGEcGjMGAdIz3LY2bG2n4JdoXdXsXjQghnUjN3E1dB4zCEpONfiwGY6VX43m6ZwwqUtf6S6Uuee-s5OVkqIJUII20q4FuD-ZTr8POAmGyTAxoWIlAej5axQVmZXXUiEWX752iaMb32OG1su5C_LAenXFIH4r9IuiU0EJHDL6REqM9P8ujHk7mJeVKPByvxU2szQmWHZzDa1cT1uZzyivuwYrUjHMNazVzwdglpY-of5RiKL1OSTImrjdKEgbS0E34IYU2qYCZC-HwPUnVi_rskgCuRfX01-zc5eQdiXyD-ddq4vjQBUFBXcHaWnJZ1kIdtjtIvWQmoV7gp8bbKhvEvcjP2cVQRvHpcK9L_VlGDsM16Qi33q_272NP5ChY2ajLoyDPHO9-tveGWYUtR-VnBTLy8mEt4aiESEAu1uv5XogbV8e72d-NnZT5xJIGkUtQHxyMghOuUvlPWEoSrUjocmnBBWJaG5Jyaohmi7uFU2z9oMRHgpkQhyHMVyUU6cVrj94E0BsI

Requested by

Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s_524813_093026_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 3 KB
3 KB 26ms
24ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/s_524813_093026_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee25bbc842df900e7f0756587db214596db059ea2c036845a4d29b72cc943bd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:58 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 18694
cf-polished: degrade=85, origSize=3206, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 2971
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 04:30:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 908203064
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90d03e91c6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:58 GMT

GET
H3 200 s_524808_083909_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-28/ 4 KB
4 KB 41ms
22ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-28/s_524808_083909_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a314abef3b2d4dc9d1c80185e29af7bd6a2bde9e2f18f74cc90a848765ad14b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:58 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 21323
cf-polished: degrade=85, origSize=4040, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3792
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 03:39:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 945453695
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90d0409376ae8-FRA
expires: Mon, 26 Feb 2024 10:16:58 GMT

GET
H3 200 l_524764_114917_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-27/ 22 KB
22 KB 40ms
25ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-27/l_524764_114917_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 446f0a1dbdbb85562e53e9aa196c07110709db75960692070e9d5b22b899ac4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:58 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 54958
cf-polished: qual=85, origFmt=jpeg, origSize=27269
x-cache: MISS
content-disposition: inline; filename="l_524764_114917_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22118
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Dec 2023 18:49:17 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 692603681
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90d0409396ae8-FRA
expires: Mon, 26 Feb 2024 10:16:58 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B31D 43 B
215 B 359ms
356ms Image
image/gif 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d8c28867-7306-2dd2-3251-a9649263ddf6&tv=%7Bc:y5AawR,pingTime:-10,time:432,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703758618253%7C%7Cf301603cd4299fef5b690405bd400d71%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7Cc643167fda8fb324032d14f47ad57212%7C%7C0f18eacf6d060a18b359bbaf00fdac15%7C%7C6e5ce1a2207bb12a8464a359ef0849bf%7C%7C482822444ab423ea5ec8a08295aa660c%7C%7C2c5aad3bda34836d7f095634f87fcca6%7C%7C1663701684%7D
Requested by: Host: 6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
URL: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 my.js Show response
www.geo.tv/assets/front/ui/js/ 6 KB
2 KB 24ms
24ms Script
application/javascript 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geo.tv/assets/front/ui/js/my.js?ver=32326
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ea276480dd4bcf80147ad2c399b9e2cb0b03974207d6451292d268f8d2d8e35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:58 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
age: 2433663
cf-polished: origSize=10287
x-cache: MISS
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 10 Nov 2023 12:07:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 670467655
cache-control: public, max-age=5184000
access-control-allow-credentials: true
cf-ray: 83c90d051a4f6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:58 GMT

GET
H3 200 mycustom.js Show response
www.geo.tv/assets/front/js/ 31 KB
7 KB 23ms
23ms Script
application/javascript 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geo.tv/assets/front/js/mycustom.js?ver=656
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b338fa7e9312f1dc147024101290a3fef28ab4b82524e11ce53a982d1a908ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 59
date: Thu, 28 Dec 2023 10:16:58 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
age: 4263371
cf-polished: origSize=54888
x-cache: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 24 May 2023 11:54:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 649200847 718801196
cache-control: public, max-age=5184000
access-control-allow-credentials: true
cf-ray: 83c90d051a506ae8-FRA
expires: Mon, 26 Feb 2024 10:16:58 GMT

GET
H3 200 51_9123774_programs.jpg
www.geo.tv/assets/uploads/programs/2015-11-17/image_banner/ 12 KB
12 KB 19ms
19ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/programs/2015-11-17/image_banner/51_9123774_programs.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f69fbd57fe00cf197b9f112ca845c061860c792f450a4e350af35b592fe91984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:58 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 3053
cf-polished: qual=85, origFmt=jpeg, origSize=22022
x-cache: MISS
content-disposition: inline; filename="51_9123774_programs.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11816
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Nov 2023 09:13:13 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 698905817
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90d058abc6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:58 GMT

GET
H3 200 57_6459120_programs.jpg
www.geo.tv/assets/uploads/programs/2015-11-17/image_banner/ 27 KB
27 KB 20ms
20ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/programs/2015-11-17/image_banner/57_6459120_programs.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2aeb17e3738d913b3bebf8f892877c1004555621b4ef643b6190c1fc87bb786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:58 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 6340
cf-polished: qual=85, origFmt=jpeg, origSize=63990
x-cache: MISS
content-disposition: inline; filename="57_6459120_programs.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27378
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Jul 2023 11:22:47 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 826421871
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90d058abd6ae8-FRA
expires: Mon, 26 Feb 2024 10:16:58 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 162C 42 B
174 B 46ms
44ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssT5M_FPM65p9IgGKyp3veD2wtL_6YpfujMr_NPGFR4JaLd27z4k_hJHhW1tnSY6dw_X3n7m8IC5lWfZU4GVynY9s5VzjCv206dp_St9QZAkt8Ae60J_70M9Do9nRRhXEb-g9IrqCUgIhNnhDVa7ezWkrfgjmVTDv6SDKo-7rpKAUL8xIRukhS_&sai=AMfl-YR4Ool0NkZZfZbWgNHeGkSc9DlcHuVF3bJXDajiv7iz0z3QuCoBrooTkkTomaeIQH1a_kQbdC009ItEx7pisXUp_k_l9rpErUpPPs2_Nh9zfQkvhH49TU2hmrCiax3oL8jNBXDvpfG5YGCVpxt4&sig=Cg0ArKJSzFs355W-rpp_EAE&cid=CAQSTgAvHhf_oEov7K836rajKSQGedXnFUS-cLmlBvlZr-8eY8CADHU6yhQAq03_z5V92vs1OgjgNGM_pZCuciOreO4PyrqP3_DIQ9ZgekIAqxgB&id=lidar2&mcvt=1000&p=276,1125,526,1425&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2222860896&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703758617285&rpt=235&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B31D 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoZaZrtU0Vzpbn-UVayHwZ-vVtDCTYs4b2KOfn2D5MOdsTKRJMuGNxAkaHFcicBjbcJZwfsfFC5vxYOfBCNxzEMwdHuMoG3EfL34eY0wR1GnMI6qTiAJuQKbaRlCE32_kdRhbsOrW33DgttjlfJ2bPRnLS&sai=AMfl-YT2LVzIw8spApEh9waRuK0kfruZ6g_ax-qC5EFb_TfvT8pg8bAzxKz-47dtS9k9jECeN81vOUXfEkYnxDvb8VaNHC8sqW7pYd_MhXD2gUco0OYF9F2nkjSQg9Sm4aq9tZDzNuNymk134wvHrx2z&sig=Cg0ArKJSzPo3_c4tyGUGEAE&cid=CAQSTgAvHhf_oEov7K836rajKSQGedXnFUS-cLmlBvlZr-8eY8CADHU6yhQAq03_z5V92vs1OgjgNGM_pZCuciOreO4PyrqP3_DIQ9ZgekIAqxgB&id=lidar2&mcvt=1000&p=126,436,216,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=280437901&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703758617266&rpt=326&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 53_9234248_programs.jpg
www.geo.tv/assets/uploads/programs/2015-11-17/image_banner/ 16 KB
16 KB 43ms
30ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/programs/2015-11-17/image_banner/53_9234248_programs.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77d090ee39ea4173ab0a6048806b4515c53d6fe8d5458abdc66f3643f707ddf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:16:58 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 41937
cf-polished: qual=85, origFmt=jpeg, origSize=92966
x-cache: MISS
content-disposition: inline; filename="53_9234248_programs.webp"
alt-svc: h3=":443"; ma=86400
content-length: 16252
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Jun 2021 12:11:12 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 808978066
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90d067b986ae8-FRA
expires: Mon, 26 Feb 2024 10:16:58 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4291 43 B
215 B 187ms
187ms Image
image/gif 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=998c0d61-bed3-e16c-948f-cd1813649c4b&tv=%7Bc:y5AaFA,pingTime:-10,time:928,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703758618253%7C%7Cf301603cd4299fef5b690405bd400d71%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7Cc643167fda8fb324032d14f47ad57212%7C%7C0f18eacf6d060a18b359bbaf00fdac15%7C%7C6e5ce1a2207bb12a8464a359ef0849bf%7C%7C482822444ab423ea5ec8a08295aa660c%7C%7C2c5aad3bda34836d7f095634f87fcca6%7C%7C1663701684,sca:%7Bspg:d8c28867-7306-2dd2-3251-a9649263ddf6%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:58 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.1.0/ 12 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.1.0/firebase-app.js

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18de5cf69a219d96e4893face075b87cf39858701e63cfc6e0a069e1e79738f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 04:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4048
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 20:47:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 04:33:03 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4291 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1877653472439&version=m202309260101&ct=76&x=1&cor=14941335946398915000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B31D 0
20 B 63ms
58ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8297217276591&version=m202309260101&ct=76&x=1&cor=1700859245046199300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:16:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 25ms
13ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XFKYZ0D5SX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-547PFWMB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ea8b762d873f508a24dca11d149e06a30eb59212b09a2535bab483df77d85ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:17:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Dec 2023 10:17:00 GMT

GET
H3 200 menu-bg.jpg
www.geo.tv/assets/front/images/ 4 KB
4 KB 38ms
37ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/front/images/menu-bg.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8622745267aebc8b3ec483b8128627695e3f3a568f1b238985fc682bf2097ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:17:00 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 2440932
cf-polished: qual=85, origFmt=jpeg, origSize=43397
x-cache: MISS
content-disposition: inline; filename="menu-bg.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4176
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Jun 2021 08:53:29 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 675821779
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90d114ee46ae8-FRA
expires: Mon, 26 Feb 2024 10:17:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 46ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XFKYZ0D5SX&gtm=45je3bt0v9125613770z89167637073&_p=1703758616340&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&ul=English&cid=308035126.1703758617&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1703758620&sct=1&seg=0&dl=https%3A%2F%2Fwww.geo.tv%2F&dt=Geo.tv%3A%20Latest%20News%20Breaking%20Pakistan%2C%20World%2C%20Live%20Videos&en=page_view&_fv=1&_ss=1&ep.page_type=Home%20Page&ep.ad_present=Yes&tfd=4516
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XFKYZ0D5SX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:17:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geo.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/7.1.0/ 21 KB
7 KB 27ms
19ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.1.0/firebase-analytics.js

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7df604a5abc920049758b6399e857195fe27daa7169b2eb6f09be68de8efeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6832
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 20:47:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 08:52:42 GMT

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/7.1.0/ 45 KB
12 KB 28ms
19ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.1.0/firebase-messaging.js

Requested by

Host: www.geo.tv
URL: https://www.geo.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf0ffaf3d4a4821f6a3ac85bfb0e14a3ba3a81046be00bd3e07e1f5ba0e9650b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11922
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 20:47:53 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 17:34:11 GMT

GET
H3 200 push_notification.js Show response
www.geo.tv/assets/front/js/ 3 KB
2 KB 25ms
25ms Script
application/javascript 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geo.tv/assets/front/js/push_notification.js?v=1.4
Requested by: Host: www.geo.tv
URL: https://www.geo.tv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd178d9b831f1865b60926de18be64943ca2ad03d4fd94a4e0fdc2ab5b416ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:17:02 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
age: 2524590
cf-polished: origSize=8002
x-cache: MISS
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 05 Jun 2021 08:54:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 447528176
cache-control: public, max-age=5184000
access-control-allow-credentials: true
cf-ray: 83c90d1f8e1b6ae8-FRA
expires: Mon, 26 Feb 2024 10:17:02 GMT

GET
H3 200 l_524723_073711_updates.jpg
www.geo.tv/assets/uploads/updates/2023-12-27/ 63 KB
64 KB 26ms
25ms Image
image/jpeg 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-12-27/l_524723_073711_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 764963f4d031503590019b87565a7cb9a8a9b021d305b5fc6e82e040f8660db0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:17:02 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 67095
cf-polished: origSize=67800, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 64950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Dec 2023 14:37:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 907283546
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83c90d1fae386ae8-FRA
expires: Mon, 26 Feb 2024 10:17:02 GMT

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/geo-english-web/ Frame 0
0 41ms
21ms Preflight
text/html 2a00:1450:4001:813::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/geo-english-web/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://www.geo.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.geo.tv
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 28 Dec 2023 10:17:02 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/geo-english-web/ 625 B
679 B 266ms
266ms Fetch
application/json 2a00:1450:4001:813::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/geo-english-web/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.1.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

6548fc885472578c70debf1500efe7887535b4b4a709fee5a72b4ebfddb1ebc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://www.geo.tv/
x-goog-api-key: AIzaSyDdwRYx0_rsgsKUuL9bddXVHCSJGnDoFHI
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Thu, 28 Dec 2023 10:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.geo.tv
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
73 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FXTT4N4F7W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-547PFWMB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40d3ed97a4f221416c7176983bdf3117f780ce8acc096b75da56b99b8ce6ae82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:17:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74664
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Dec 2023 10:17:02 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FXTT4N4F7W&gtm=45je3bt0v886923858&_p=1703758616340&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&_fid=eKEvUO6MBHcjO8j62UzBQo&cid=308035126.1703758617&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703758622&sct=1&seg=0&dl=https%3A%2F%2Fwww.geo.tv%2F&dt=Geo.tv%3A%20Latest%20News%20Breaking%20Pakistan%2C%20World%2C%20Live%20Videos&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase&tfd=6833
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FXTT4N4F7W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geo.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 10:17:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geo.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.geo.tv/	1969-12-31 23:59:59	Name: PHPSESSID Value: r5fofd1h07i32kouve8k4olum1
.geo.tv/	1970-01-21 02:37:34	Name: __gads Value: ID=5a86b65217669a98:T=1703758616:RT=1703758616:S=ALNI_MajpW_FvtTtze6AEJ7tk0b2wSLLkA
.geo.tv/	1970-01-21 02:37:34	Name: __gpi Value: UID=00000d2cd056926a:T=1703758616:RT=1703758616:S=ALNI_Mb-tiNHjhgMhVbyqOC5EEKjUfel2Q
.doubleclick.net/	1970-01-21 02:37:34	Name: IDE Value: AHWqTUlip-XBrORd5YfaN6M_3DEtbL_cmHodk0TdkqckduzEy-Dl3G5cRfk6X_o5
.casalemedia.com/	1970-01-20 19:25:34	Name: CMPS Value: 5157
.adnxs.com/	1970-01-20 19:25:34	Name: uuid2 Value: 2513093511048433326
.doubleclick.net/	1970-01-20 21:35:10	Name: APC Value: AfxxVi7wTinhuDLG12X0waTXei49ZqwUwP4E0UGALOqwiw21_Uwrog
.adnxs.com/	1970-01-20 19:25:34	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU!h+ZiK!]tbPl1M>e)ZlrFUfJ+tGXxoL<x-lYD_$3'Xw5`.:'s`g:xac^NabOHBQ%+R3If)y3KL9D3I?+Q.w6tV
.casalemedia.com/	1970-01-21 02:01:34	Name: CMID Value: ZY1LGYmoUug-o5cSJT4bDwAA
.casalemedia.com/	1970-01-20 19:25:34	Name: CMPRO Value: 5190
.googleadservices.com/	1970-01-20 19:25:34	Name: ar_debug Value: 1
.geo.tv/	1970-01-21 02:51:58	Name: _ga_XFKYZ0D5SX Value: GS1.1.1703758620.1.0.1703758620.0.0.0
.geo.tv/	1970-01-21 02:51:58	Name: _ga Value: GA1.1.308035126.1703758617

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6dc066cac92916eec312718e413bf44f.safeframe.googlesyndication.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
firebaseinstallations.googleapis.com
fw.adsafeprotected.com
geo.tv
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.geo.tv
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.16.122.91
108.128.252.65
142.250.185.98
142.250.186.66
142.250.186.98
172.64.151.101
185.89.210.90
2001:4860:4802:34::36
2600:1f13:800:7782:dbfa:3c1a:bc7b:25e8
2600:9000:214f:8e00:8:48e:53c0:93a1
2606:4700::6810:3865
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2003
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04559870df52db288b45a02da788d70a96a22634ba6309cbaafecd7e1ae252ca
07bc63d49540c08a69e031f554f240613e2eb0ebb5e82f0b8113a33beda056e0
0882cf66b1835c4bda99eac583dd74f70c2ba742989ed836c5256b3a402eb5af
08d167dabb7c136d3ad87dc3eb93934b1f5edfdc1ceb0c4c9626ccece78b1604
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd178d9b831f1865b60926de18be64943ca2ad03d4fd94a4e0fdc2ab5b416ff
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
112765f554f6ac4d1abfca361820a92bbc3358394aa6478d32ee384f41356ac6
13ae20e45c0225e7f5c35c4d48d3d3ec8ae4d3e4861d605da9232551e0fe67c3
15319620c05ca0e4aa55cbf9fab51727e464719f5a98be20144152936d857f05
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18d515fd2b5266e775d62ceb901a69c09885a314fdde9b197269029776cb3a7c
18de5cf69a219d96e4893face075b87cf39858701e63cfc6e0a069e1e79738f6
1dfce6bc17c50040f0e006072a953671a9477f4ca600bb5f280035a02070fb3e
2172b6cfda7de352285e5282afbbe11a385a4cb0477cd2ee215e71a637fe2f5c
217cba752fdb12fa5e7cbf978228cffc8607f1868d030185ea3d772ac5c64e59
23c5e13d99db8866ebe1048f344abaa477fe69ac63452f14810a68d993557f12
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
30a17dfbc9e2dbdd1f971a430d86af584af2c9d492001c3a39f7352c6866f0d4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
327556a594ffeeb540e83451fe9d8fab30224cc5e4abcc41f9e2291fdd137d16
3309b3af4467208c0e889521ca80f63ab67fb50dea71f69ee4be8c02dd140e19
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
40d3ed97a4f221416c7176983bdf3117f780ce8acc096b75da56b99b8ce6ae82
419fd619a3ace745c8aefca55c64003dd7d3a53ffef0799c779a65601a712fe8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
446f0a1dbdbb85562e53e9aa196c07110709db75960692070e9d5b22b899ac4a
457515d82c32215c82aa21bc7f1bfc6073740e9ee8120f3bed1ae21067ccb9c9
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a09494fbf9a48f3fde50fe3e84359981d3dbfaadf1e21664f09a11ea87aaf37
4a7165be2f24b117fac801c4cadee42cb51b1b4cd4717611225577b1521a7d73
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c02a44f503b3231fe95a34ad29c19f769ecda5305ed596a26dfc4e6b209feb2
4e6b6aec9a6784ac88100c0bfb56e1c0ca86374acc5d526fea6381a4131dee05
4f89f5934bf4b547f8c2776fdd7062d85bdd653eb34db2817930b0b544c52f41
503b6084518389a77e31936add6d47ef25e4c7b9c00cbf2607d1561d4ffa882d
5103ee8a4657ded0bfee2edf27e2bcf4d41d30347fcfa101d5973e19f9579cb2
55300ca9165fd11ff3acc6f4c3ab076acfdf7255b7d741921d0c00415738e1f9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
57058ea210f5e5f682788dffa1bd43772ef8824c0f4ffaf0e875855df094cbce
57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99
5e3c9004ce9bc4a7dc3f1c58a8ba78b25081aa171acc4d9c74acac4a9968a515
5ea276480dd4bcf80147ad2c399b9e2cb0b03974207d6451292d268f8d2d8e35
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f45e7bdc46446ff39e729b44220c503f95e43948279ef2f62918a12037d6b64
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6548fc885472578c70debf1500efe7887535b4b4a709fee5a72b4ebfddb1ebc2
678cf7f4fb6895416f5404c0b23e2cefb7d594009c5c25d9b3510873722ba726
6982a65b5383736ebb0bb0f8520b97b8d0a6484c21733fda1c99ca8f9e29b4fb
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6dafe12bd7192e6f136e7beb86b7b9a32ad22536cd9905c9440897845f2c30dd
6dc9b1a501bdf796f5feb6bd6e34a2d3badc69c2aa18a473efe26e1e626463df
6e847195d78e8450c7da3112e5bd445dda08e2e7be5761cc39513f99df35cc36
6f3d76adb21252f4e2351327fd7f981d1a28932b82d909fc7afc1c5c2f78669f
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7487ce497b009d573ced1603e2b83a382ac23d72cd7ceb4d0a64866358d23e68
764963f4d031503590019b87565a7cb9a8a9b021d305b5fc6e82e040f8660db0
77d090ee39ea4173ab0a6048806b4515c53d6fe8d5458abdc66f3643f707ddf2
7f25d368a58ebde5063fa272844946cb21318a43841cd373ac89f6db883e3b69
81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855
8622745267aebc8b3ec483b8128627695e3f3a568f1b238985fc682bf2097ab0
89abdadf7755c53b75f644af33178eac6a8c6a9ab682a815ad79ccfde52c6557
8b217fdc4dafa90994157b29b300a2fede0c9ff389c6b74ef47b71fce50e3a2d
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8f19d88cf7f8d7b78e186dde0f8a6098a4764690b50fd443b48c15f9742e1cce
96f4386fad802372fb9a6fd72850b79534333f273dc62cbec723c2a42347d1d2
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
9ea8b762d873f508a24dca11d149e06a30eb59212b09a2535bab483df77d85ca
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1437843479259c84e469798cc4d180b2eefd9d58d8f7be594f2f0f56c3e7fc4
a314abef3b2d4dc9d1c80185e29af7bd6a2bde9e2f18f74cc90a848765ad14b2
a538fc420222612dc7308431da954acc546e0b860a2cb69088c1caecaa88e21d
a55e8d9047a4c39a00ab6c6b242ca8ae070afcd5a54f6ab59062292663bad4bf
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b338fa7e9312f1dc147024101290a3fef28ab4b82524e11ce53a982d1a908ffe
b6a30e2c2ed7fe927c2d6d4078072fc294fcda1fd71eabf873aa9058cddbe4a7
b92d36f6231c3ca7438794c71c2d8f5f3971f9a0b2760b0d4e5a78c2969be6bb
ba07f094c709ea7444fe19014c455893ceca8eacdd4342c1418e9f9222310b4d
bb4c7973ba828a5f79b46ce8b79e9b30f98620d0b955d704665520b2cffe6672
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bdbfa7189d8b83f09f5717afc46cc46c92d686bd5393e457a8740936d7405b73
c26dab245980ca880244ed2dff3a51a2a3a0361da40882ddc4a6557d6892d708
c2843e2b4ba5fc006a8f5424fa2ac0d1ab0a34cce0e337722de2c4526fc01faa
c40a1414dee65a7bb21e61cc6ba9ef15d54f56889b7e6fc62d11fe27f22e6180
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
c6545bde27b0d6aeeb7db3782fe3abb6fcf81f6b5e7f0960fe7a4964b3d35786
c669f55820ad5f3d96e20d59ad755b1762568f0d5a25527d39c04102b2d0cc31
c7f432d15d9cd40aed1890418931abd20fa90be700ce557add25ef043fa32063
ca0952990780a78c881b6d25d5130d83d147ebd2cef45ef2e6065d18870310da
cb3b66c5e9db0af4c34ba1d75f51d859c51b708c1db273777cdc69d608a92ac9
cd42aceb2fff4d62a731150752f45a3aefe311f5655156160ab9fdb4f8e08fa9
cdb45b1b2898586d9b599d50a8892a45a7513086e98652ff6862f390aafebbec
cf0ffaf3d4a4821f6a3ac85bfb0e14a3ba3a81046be00bd3e07e1f5ba0e9650b
d0cd2b4da2c713342027279abce854abcb9ce9a6386f3336915e040f584b43ba
d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675
d6eee663e97ecd65b65f914f2c20bf1ae30751e0b15d9eafe3fe1ba5d2255352
d944f4b503015688926da1839f8099054f2b2fcfbb9d72e349cf4724e2e6ebaa
de4a5124a7242f772b08ad67038ff18cacebc54aa1937bb1c139a643555bf009
de7c886e15e57293b0119b2c9b81783d7ff559ad7b2dcc63036201b7417fbbf0
e0db68301de313dc4ced15afb3a42641eb7563a0514c32e61ae364df01efc57c
e2aeb17e3738d913b3bebf8f892877c1004555621b4ef643b6190c1fc87bb786
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6725ee11cc0985355ad6e7df221385e819dac9757626d89acc1693573af4bd5
e71a51a54b7a0323265da75474870d3342625d35ebb62f5303b314b236182aba
e7df604a5abc920049758b6399e857195fe27daa7169b2eb6f09be68de8efeb3
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee25bbc842df900e7f0756587db214596db059ea2c036845a4d29b72cc943bd9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20f2ae62146f59276a9bb2e8a12dd0ec978bba1156639e8a810cad9d1766c41
f47d21988dc5353063b77175be045bdbb971679a07cfb698c9d335a638b0a8c9
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
f52ea14d7a4a00c25d15eb104b88c0ced96e2279e194a8f7bbfe6b80e80be6cd
f6183113481142bfd364a6a78c99207f86c54f53d58aa46bb86252e7fb45a0e7
f69fbd57fe00cf197b9f112ca845c061860c792f450a4e350af35b592fe91984
f8c5ee9de9a8c57ed357a860b0edc5b7028103e1558da74e72b5efa316f9d2a9
faf597313dfdcfc0c930ad797c4258e8c65205e1a4ce87681df688cd801c5a7d
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff4ac06215467fcc1050963a941196269103a7594245c5c150b8bc09fc1e7664

www.geo.tv Open in urlscan Pro 104.16.122.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

204 Requests

94 %HTTPS

68 %IPv6

15 Domains

23 Subdomains

23 IPs

4 Countries

2542 kBTransfer

6558 kBSize

13 Cookies

4 Outgoing links

Page URL History

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geo.tv Open in urlscan Pro
104.16.122.91 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

94 %
HTTPS

68 %
IPv6

15
Domains

23
Subdomains

23
IPs

4
Countries

2542 kB
Transfer

6558 kB
Size

13
Cookies

204 HTTP transactions
8 data transactions