www.geosuper.tv Open in urlscan Pro
104.17.143.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://geosuper.tv/live
Effective URL:
https://www.geosuper.tv/live
Submission: On November 29 via manual (November 29th 2022, 4:38:14 am UTC) from IN — Scanned from DE

Summary HTTP 138 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 16 domains to perform 138 HTTP transactions. The main IP is 104.17.143.48, located in and belongs to CLOUDFLARENET, US. The main domain is www.geosuper.tv. The Cisco Umbrella rank of the primary domain is 623964.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2022. Valid for: a year.

This is the only time www.geosuper.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.17.142.48 104.17.142.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 32	104.17.143.48 104.17.143.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3 4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
10	104.17.187.237 104.17.187.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
138	26

1 104.17.142.48 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

geosuper.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.17.143.48 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.geosuper.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.17.187.237 (None, )

ASN13335 (CLOUDFLARENET, US)

www.thenews.com.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 182	542 KB
33	geosuper.tv 2 redirects geosuper.tv — Cisco Umbrella Rank: 551611 www.geosuper.tv — Cisco Umbrella Rank: 623964	701 KB
18	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248 stats.g.doubleclick.net — Cisco Umbrella Rank: 142 pubads.g.doubleclick.net — Cisco Umbrella Rank: 421 bid.g.doubleclick.net — Cisco Umbrella Rank: 859 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 271 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356	249 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 332	319 KB
10	thenews.com.pk www.thenews.com.pk — Cisco Umbrella Rank: 39979	77 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	131 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 276	3 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107 imasdk.googleapis.com — Cisco Umbrella Rank: 492	347 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	95 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84	20 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1263	12 KB
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 49615	637 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	43 KB
0	5centscdn.com Failed jk3lz82elw79-hls-live.5centscdn.com Failed
138	16

	Domain	Requested by
32	www.geosuper.tv	1 redirects www.geosuper.tv static.cloudflareinsights.com
30	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com www.geosuper.tv s0.2mdn.net
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
11	s0.2mdn.net	imasdk.googleapis.com www.geosuper.tv s0.2mdn.net
10	www.thenews.com.pk	www.geosuper.tv
5	fonts.gstatic.com	fonts.googleapis.com
5	securepubads.g.doubleclick.net	www.geosuper.tv securepubads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com www.geosuper.tv
3	www.gstatic.com	www.geosuper.tv
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.geosuper.tv
2	www.googletagservices.com	8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.cloudflareinsights.com	www.geosuper.tv
2	imasdk.googleapis.com	www.geosuper.tv imasdk.googleapis.com
1	portal.o2online.de
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	adservice.google.com	imasdk.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	www.geosuper.tv
1	www.googletagmanager.com	www.geosuper.tv
1	geosuper.tv	1 redirects
0	jk3lz82elw79-hls-live.5centscdn.com Failed	www.geosuper.tv
138	28

This site contains links to these domains. Also see Links.

Domain
www.thenews.com.pk
twitter.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-10` - `2023-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2022-02-11` - `2023-03-08`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.geosuper.tv/live
Frame ID: DC3D41E65B1CA9DF55FDC3678400EBCA
Requests: 73 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Frame ID: BAD66EC529DD8CFA0463211844CA321A
Requests: 3 HTTP requests in this frame

Frame: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6D14C607C6D6AB782DDE1274B2711728
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B2C49916EF7C0BB28D1A74D8DD30F833
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2E49530F2FED04F666F5CA4B6925577D
Requests: 2 HTTP requests in this frame

Frame: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5359400AFE5FBAC8E6DD4B48F913B996
Requests: 14 HTTP requests in this frame

Frame: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4040C6C36FFB021BAA5C73BBFCB9AD80
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi63vHTATAB&v=APEucNWz8AqyquAKAl8Mdk8oV9uaXtyUANGcehgy_YgjBKoaLs4iEgaFSA7kwlsLw-54MKqNtg6rEIZ4glYCi_t2MWPzCxBJh_EBydntFTSZxG9U1sZ8RQi4xHXYNldCA_bvTLNn9E_RH6Pty2Ww_At4reEqFudefE2rO7XEOknTNjsi8Ashzyg
Frame ID: 944FFA1DA3E2B0EE1BDD85403013394E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/index.html
Frame ID: 5D4B843BBEC5269079BFFDFF38CF28D3
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F42AC89ACC8DDE286F269AD70F52AE16
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247
Frame ID: 363BC107B0DE115B4376E3A56911ECF3
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CE17C5A4A283211B768BEDB270127B39
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 00CE653B2769D8A38DA8D4175ABF7BEB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Watch Geo Super Live Streaming, Live Score, Updates, Geosuper.tvEntertainment News

Page URL History Show full URLs

http://geosuper.tv/live HTTP 301
https://www.geosuper.tv/live Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

138
Requests

96 %
HTTPS

65 %
IPv6

16
Domains

28
Subdomains

26
IPs

5
Countries

2544 kB
Transfer

5553 kB
Size

13
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thenews.com.pk/latest/1014964-billie-eilish-talks-jesse-rutherford-romance-really-inspired-by-this-person

Search URL Search Domain Scan URL

URL: https://www.thenews.com.pk/latest/1014963-irina-shayk-talks-coparenting-with-ex-bradley-cooper-we-dont-have-a-nanny

Search URL Search Domain Scan URL

URL: https://www.thenews.com.pk/latest/1014765-akshay-kumar-believes-india-is-on-its-way-to-become-a-superpower

Search URL Search Domain Scan URL

URL: https://www.thenews.com.pk/latest/1014763-shraddha-kapoor-to-play-a-kashmiri-girl-in-her-next

Search URL Search Domain Scan URL

URL: https://www.thenews.com.pk/latest/1014728-kajol-reveals-what-she-learned-from-her-kids-nysa-and-yug

Search URL Search Domain Scan URL

URL: https://www.thenews.com.pk/latest/1014760-holly-willoughby-and-fearne-cotton-set-to-join-itv-celebrity-juice-for-last-episode

Search URL Search Domain Scan URL

URL: https://www.thenews.com.pk/latest/1014759-sharman-joshi-reveals-why-he-wasnt-a-part-of-golmaal-franchise-after-the-first-film

Search URL Search Domain Scan URL

URL: https://www.thenews.com.pk/latest/1014752-holly-willoughby-gets-support-from-bbc-exec-after-feeling-upset-over-queue-storm

Search URL Search Domain Scan URL

URL: https://twitter.com/geosupertv

Search URL Search Domain Scan URL

URL: https://www.facebook.com/geosuper

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/GEOSUPERYOUTUBE

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://geosuper.tv/live HTTP 301
https://www.geosuper.tv/live Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://www.geosuper.tv/assets/front/img/live_banner.jpg HTTP 302
https://www.geosuper.tv/

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtdtjJElkuGqHnonirVglI&google_cver=1

Request Chain 78

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4WMskjofJ7AMuGeZ.8FxAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtdtjJElkuGqHnonirVglI&google_cver=1&google_hm=2

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOt88t_4X-azyEmJ92QYy8E&google_cver=1

Request Chain 80

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxNTM0MjQzODg2ODk2OTE4Mw%3D%3D

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

138 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request live Show response
www.geosuper.tv/
Redirect Chain

http://geosuper.tv/live
https://www.geosuper.tv/live

55 KB
13 KB

236ms
207ms

Document
text/html

104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/live
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 601cd824135d73d2e0c907bd499b67ec0121a76d015143594857435159926b61

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=30, must-revalidate
cf-cache-status: HIT
cf-ray: 7718a6edea949193-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 29 Nov 2022 04:38:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Tue, 29 Nov 2022 04:37:12 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7718a6ed9bc6bbd4-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 29 Nov 2022 04:38:08 GMT
Expires: Tue, 29 Nov 2022 05:38:08 GMT
Location: https://www.geosuper.tv/live
Server: cloudflare
Server-Timing: cf-q-config;dur=8.000002708286e-06
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 44ms
19ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1642881-1

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16c61d79170a8f22f4721af590c8f8a96ab997350fd5fe81d2af97f5cd39e863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43671
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Nov 2022 04:38:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 40ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,500&display=swap

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f07e51395e24c6f9f352609cae1153f73095017fd973f48bdc5165da03add73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 04:27:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Nov 2022 04:38:08 GMT

GET
H2 200 video-js.css
www.geosuper.tv/assets/front/css/videojs/css/ 40 KB
13 KB 235ms
233ms Stylesheet
text/css 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/css/videojs/css/video-js.css?i=88888
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35269e9f9c79bd5da8d830b8ebde6f9731da8c044d95eba496c507465cd7ca7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
cf-polished: origSize=46468
etag: W/"637f2cc9-b584"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7718a6ef3d319193-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H2 200 videojs.ads.css
www.geosuper.tv/assets/front/css/videojs/css/ 214 B
288 B 21ms
19ms Stylesheet
text/css 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/css/videojs/css/videojs.ads.css
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46c08a8e730886d75e15a6e49648d48d1859acbbebc308ade3b2ef7960a26148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 393665
cf-polished: origSize=317
etag: W/"637f2cc9-13d"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7718a6ef3d339193-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H2 200 videojs.ima.css
www.geosuper.tv/assets/front/css/videojs/css/ 2 KB
791 B 22ms
20ms Stylesheet
text/css 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/css/videojs/css/videojs.ima.css
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1cbd0cbbd8f9ea5979513e7428ff5db7c6c2b5414eb175b50faea557c14c985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 393670
cf-polished: origSize=3712
etag: W/"637f2cc9-e80"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7718a6ef3d359193-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H2 200 videojs.socialshare.css
www.geosuper.tv/assets/front/css/videojs/css/ 627 B
364 B 21ms
19ms Stylesheet
text/css 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/css/videojs/css/videojs.socialshare.css
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bedcf079240b9391343d6e1a07958fe8778bf31dae3597fc0631c91f9bb65eea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 393670
cf-polished: origSize=744
etag: W/"637f2cc9-2e8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7718a6ef3d369193-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 98ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af006cf691b634b633bf1ce2c522f804d406dfad88638b86a60a93d971ca897f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27205
x-xss-protection: 0
server: sffe
etag: "1406 / 18 of 1000 / last-modified: 1669676784"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 29 Nov 2022 04:38:08 GMT

GET
H3 200 super-logo-white.png
www.geosuper.tv/assets/front/images/ 3 KB
3 KB 39ms
35ms Image
image/webp 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/front/images/super-logo-white.png
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87c5551168988e7d8a3cf63f5dfa8e84924480b14c2f0ee8f92cb62f72855534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 404655
cf-polished: origFmt=png, origSize=4940
content-disposition: inline; filename="super-logo-white.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3072
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Nov 2022 08:33:38 GMT
server: cloudflare
etag: "637f2c62-134c"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc809b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 live_icon.png
www.geosuper.tv/assets/front/images/ 504 B
800 B 42ms
37ms Image
image/webp 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/front/images/live_icon.png
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dcade7f27c72fcb611167c45dba56aa79d8636479d5b932845559dd49eaa573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 404655
cf-polished: origFmt=png, origSize=1887
content-disposition: inline; filename="live_icon.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 504
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Nov 2022 08:33:38 GMT
server: cloudflare
etag: "637f2c62-75f"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc869b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 urdu-icon.png
www.geosuper.tv/assets/front/images/ 446 B
740 B 33ms
29ms Image
image/webp 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/front/images/urdu-icon.png
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937ab289b9514264556cb2a4c4bf2b06ad7f3ef62f75b41ee5108a2ec03fe89f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 404655
cf-polished: origFmt=png, origSize=1822
content-disposition: inline; filename="urdu-icon.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 446
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Nov 2022 08:33:38 GMT
server: cloudflare
etag: "637f2c62-71e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc889b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 logo.png
www.geosuper.tv/assets/front/images/ 3 KB
3 KB 34ms
30ms Image
image/webp 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/front/images/logo.png
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60564605ee78d565f25c02bc4d6b87d41cb899cd57af6bec2f376395d0bfe367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 404655
cf-polished: origFmt=png, origSize=4842
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2964
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Nov 2022 08:33:38 GMT
server: cloudflare
etag: "637f2c62-12ea"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc8b9b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 jquery-3.6.0.min.js Show response
www.geosuper.tv/assets/front/js/ 87 KB
31 KB 24ms
24ms Script
application/javascript 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/js/jquery-3.6.0.min.js
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 404653
etag: W/"637f2cc9-15d9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7718a6ef9a289b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 370 KB
124 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126568
x-xss-protection: 0
expires: Tue, 29 Nov 2022 04:38:08 GMT

GET
H3 200 video.js Show response
www.geosuper.tv/assets/front/js/videojs/js/ 418 KB
77 KB 30ms
30ms Script
application/javascript 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/js/videojs/js/video.js
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7933b7981cb6dc993f2ab4258d7f0f3b4e8813d2a1f388d21373b41abf1c209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 393665
cf-polished: origSize=773521
etag: W/"637f2cc9-bcd91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7718a6f03b739b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 videojs-contrib-hls.js Show response
www.geosuper.tv/assets/front/js/videojs/js/ 270 KB
58 KB 25ms
24ms Script
application/javascript 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/js/videojs/js/videojs-contrib-hls.js
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 043a56d6a2a0d57e0677ccf7b66f714460d07861a2999e2c387b8c0fe4a21881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 393665
cf-polished: origSize=519541
etag: W/"637f2cc9-7ed75"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7718a6f08bf89b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 videojs.ads.js Show response
www.geosuper.tv/assets/front/js/videojs/js/ 20 KB
5 KB 28ms
27ms Script
application/javascript 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/js/videojs/js/videojs.ads.js
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c56298f1741c6934ca339f30e1e00b236811efc439766fe3a71fba071915ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 393665
cf-polished: origSize=43437
etag: W/"637f2cc9-a9ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7718a6f0bc539b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 videojs.ima.js Show response
www.geosuper.tv/assets/front/js/videojs/js/ 22 KB
5 KB 50ms
45ms Script
application/javascript 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/js/videojs/js/videojs.ima.js
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b4b1e9c6e3e4acfc19c32a4f618fc2b908ac72440e2a1794ee338c4c38aa6f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 393665
cf-polished: origSize=45903
etag: W/"637f2cc9-b34f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7718a6f0cc7d9b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 videojs.socialshare.js Show response
www.geosuper.tv/assets/front/js/videojs/js/ 6 KB
2 KB 51ms
46ms Script
application/javascript 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/js/videojs/js/videojs.socialshare.js?ver=1.1.4343
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d3efc40cc4a70ff7557d6ccbc514f4e90d555e5bd4650ca8938ad1227771ecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 393665
cf-polished: origSize=7774
etag: W/"637f2cc9-1e5e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7718a6f0cc7e9b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 l_20392_120755_updates.jpg
www.geosuper.tv/assets/uploads/updates/2022-11-28/ 47 KB
48 KB 26ms
23ms Image
image/jpeg 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/uploads/updates/2022-11-28/l_20392_120755_updates.jpg
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eddeb0c045f8b9b1ed7f19851187363328c798f709ff19e7c075f2b50ad0f0ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 32841
cf-polished: origSize=50733, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48516
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 19:07:55 GMT
server: cloudflare
etag: "6385070b-c62d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc8d9b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 l_20395_114405_updates.jpg
www.geosuper.tv/assets/uploads/updates/2022-11-28/ 27 KB
27 KB 25ms
21ms Image
image/webp 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/uploads/updates/2022-11-28/l_20395_114405_updates.jpg
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfb604dffe32ecc8b2390f2196559403174c7263dab9324ea8c8d67a3e93e463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 35299
cf-polished: qual=85, origFmt=jpeg, origSize=31204
content-disposition: inline; filename="l_20395_114405_updates.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27156
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 18:44:05 GMT
server: cloudflare
etag: "63850175-79e4"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc8e9b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 l_20394_114350_updates.jpg
www.geosuper.tv/assets/uploads/updates/2022-11-28/ 39 KB
39 KB 43ms
40ms Image
image/webp 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/uploads/updates/2022-11-28/l_20394_114350_updates.jpg
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9141c530b52ba203f62cf4cb1d6eb65a4864450f4e3a85899b4275c44c7b77f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 35299
cf-polished: qual=85, origFmt=jpeg, origSize=42147
content-disposition: inline; filename="l_20394_114350_updates.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40032
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 18:43:50 GMT
server: cloudflare
etag: "63850166-a4a3"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc8f9b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 l_20390_112504_updates.jpg
www.geosuper.tv/assets/uploads/updates/2022-11-28/ 29 KB
29 KB 36ms
32ms Image
image/webp 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/uploads/updates/2022-11-28/l_20390_112504_updates.jpg
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0a350141d67ed51d246df1505d36493937ce7e740d25e3c6ed0a755461fcd9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 36780
cf-polished: qual=85, origFmt=jpeg, origSize=34195
content-disposition: inline; filename="l_20390_112504_updates.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29416
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 18:25:04 GMT
server: cloudflare
etag: "6384fd00-8593"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc909b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 l_20391_105729_updates.jpg
www.geosuper.tv/assets/uploads/updates/2022-11-28/ 50 KB
51 KB 46ms
43ms Image
image/jpeg 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/uploads/updates/2022-11-28/l_20391_105729_updates.jpg
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04a8cbc6974488045ea7e7fda5e4bed2d7d4e85982757d70a196184d71da5864

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 38436
cf-polished: origSize=54009, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51632
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 17:57:29 GMT
server: cloudflare
etag: "6384f689-d2f9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc929b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 l_20389_101106_updates.jpg
www.geosuper.tv/assets/uploads/updates/2022-11-28/ 30 KB
30 KB 58ms
55ms Image
image/webp 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/uploads/updates/2022-11-28/l_20389_101106_updates.jpg
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44144171b5b232c6a1ab5c35d206254eb6e4e271c077edca12ea9793984520d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 41188
cf-polished: qual=85, origFmt=jpeg, origSize=33134
content-disposition: inline; filename="l_20389_101106_updates.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30242
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 17:11:06 GMT
server: cloudflare
etag: "6384ebaa-816e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc939b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 l_20385_093926_updates.jpg
www.geosuper.tv/assets/uploads/updates/2022-11-28/ 43 KB
43 KB 68ms
65ms Image
image/jpeg 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/uploads/updates/2022-11-28/l_20385_093926_updates.jpg
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e52544d629779a0599daffc2417c0d6f3013e90b9a929b1f55ba279dee81ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 42839
cf-polished: origSize=45400, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43973
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 16:39:27 GMT
server: cloudflare
etag: "6384e43f-b158"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc949b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 l_20388_080358_updates.jpg
www.geosuper.tv/assets/uploads/updates/2022-11-28/ 30 KB
30 KB 30ms
27ms Image
image/webp 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/uploads/updates/2022-11-28/l_20388_080358_updates.jpg
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64e4cd5b8ba1a966f1b3b1d96810bfcc778c571c7d1192f67e1740d734d4655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 47594
cf-polished: qual=85, origFmt=jpeg, origSize=33961
content-disposition: inline; filename="l_20388_080358_updates.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30752
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 15:03:58 GMT
server: cloudflare
etag: "6384cdde-84a9"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc979b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H3 200 Geosuper-512-2.png
www.geosuper.tv/assets/front/images/ 2 KB
2 KB 70ms
67ms Image
image/webp 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/assets/front/images/Geosuper-512-2.png
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b463f766deec4252888badcdd8e9246d916f2630dcb52aee365a9d7aaa41358a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
cf-cache-status: HIT
age: 404655
cf-polished: origFmt=png, origSize=3128
content-disposition: inline; filename="Geosuper-512-2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1684
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Nov 2022 08:33:38 GMT
server: cloudflare
etag: "637f2c62-c38"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7718a6f0cc999b58-FRA
expires: Wed, 29 Nov 2023 04:38:08 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 125ms
78ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.geosuper.tv/
Origin: https://www.geosuper.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7718a6f12d059012-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 64ms
17ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1642881-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 03:24:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4402
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 29 Nov 2022 05:24:46 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
22 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.geosuper.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 22:12:50 GMT
x-content-type-options: nosniff
age: 541518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 22:12:50 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 38ms
25ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.geosuper.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 22:12:37 GMT
x-content-type-options: nosniff
age: 541531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 22:12:37 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 22ms
12ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.geosuper.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 23:51:36 GMT
x-content-type-options: nosniff
age: 362792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 23:51:36 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 27ms
10ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.geosuper.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 21:29:55 GMT
x-content-type-options: nosniff
age: 457693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 21:29:55 GMT

GET
H3 200 7cHsv4kjgoGqM7E_CfPI42ouvTo.woff2
fonts.gstatic.com/s/barlow/v12/ 23 KB
23 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHsv4kjgoGqM7E_CfPI42ouvTo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca6c2dd9540ac7b8194f52ad49c3e6312705d4aa25c4cc29d68e9dbb8a3a118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.geosuper.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 21:39:58 GMT
x-content-type-options: nosniff
age: 284290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23424
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:28:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 21:39:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=113154289&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geosuper.tv%2Flive&ul=en-us&de=UTF-8&dt=Watch%20Geo%20Super%20Live%20Streaming%2C%20Live%20Score%2C%20Updates%2C%20Geosuper.tv&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1804822199&gjid=614438291&cid=1339817513.1669696689&tid=UA-1642881-1&_gid=837709590.1669696689&_r=1&gtm=2oub90&z=453908100

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geosuper.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geosuper.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 22:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Nov 2023 22:04:29 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 69 B
81 B 31ms
16ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.geosuper.tv

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5afcaea9a4000a915c257e4be6a23c1cb9a3fe785cbe7d0931c4937f8e70851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57
x-xss-protection: 0
expires: Tue, 29 Nov 2022 04:38:08 GMT

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1642881-1&cid=1339817513.1669696689&jid=1804822199&gjid=614438291&_gid=837709590.1669696689&_u=YEBAAUAAAAAAACAAI~&z=1680409686

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geosuper.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 04:38:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geosuper.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.geosuper.tv/
Redirect Chain

https://www.geosuper.tv/assets/front/img/live_banner.jpg
https://www.geosuper.tv/

115 KB
115 KB

23ms
23ms

Image
text/html

104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geosuper.tv/
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 04:36:56 GMT
server: cloudflare
age: 26
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=30, must-revalidate
cf-ray: 7718a6f3db0f9b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:09 GMT
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://www.geosuper.tv/
cache-control: public, max-age=60
cf-ray: 7718a6f2883c9b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Nov 2022 04:39:09 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Referer
Origin: https://www.geosuper.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET playlist.m3u8
jk3lz82elw79-hls-live.5centscdn.com/GeoSuper/074de7e7c226d5c60f8af14c20725352.sdp/ 0
0

GET
H3 200 bridge3.546.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BAD6 690 KB
221 KB 22ms
6ms Document
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geosuper.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226628
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 21:11:44 GMT
expires: Tue, 28 Nov 2023 21:11:44 GMT
last-modified: Wed, 16 Nov 2022 18:58:05 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 04:38:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 62ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.geosuper.tv

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 95 KB
32 KB 1178ms
1178ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4295035210279130&correlator=3189199852352077&eid=31070950&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=1063725%2Cgeosuper_psl_Live_lb_atf%2Cgeosuper_psl_Live_mrec&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250&ifi=1&adks=3912186134%2C3484638759&sfv=1-0-40&prev_scp=pos%3Datf%7Cpos%3Datf&cust_params=topic%3DSports&sc=1&cookie_enabled=1&abxe=1&dt=1669696689157&lmt=1669696632&dlt=1669696688512&idt=606&adxs=436%2C1148&adys=107%2C180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.geosuper.tv%2Flive&frm=20&vis=1&psz=1600x50%7C300x270&msz=1600x50%7C300x250&fws=0%2C512&ohw=0%2C0&ga_vid=1339817513.1669696689&ga_sid=1669696689&ga_hid=113154289&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

370271e07279d82c6eddef259cd4c651cdf9e778ef4ef69359172e77f5af8f28

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPzmq_DI0vsCFUHQuwgdd50AzQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/9575361904944087040/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPzmq_DI0vsCFUHQuwgdd50AzQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/9575361904944087040/index.html
date: Tue, 29 Nov 2022 04:38:10 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32759
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.geosuper.tv
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D14 6 KB
3 KB 105ms
11ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geosuper.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:38:09 GMT
expires: Wed, 29 Nov 2023 04:38:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame BAD6 29 KB
8 KB 355ms
319ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F1063725%2Fweb_geosuper_live_preroll&description_url=%5Bplaceholder%5D&env=vp&correlator=3055598468011936&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x480&unviewed_position_start=1&sdkv=h.3.546.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=0.2.0&sdki=445&ptt=20&adk=1291049972&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.546.0&media_url=blob%3Ahttps%253a%2F%2Fwww.geosuper.tv%2F0f68494c-7358-4a3e-9b8e-f29e864bf7d5&sid=36818C67-0489-46D9-BC66-4894A3792D5D&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fwww.geosuper.tv%2Flive&dlt=1669696688512&idt=743&dt=1669696689313&cookie_enabled=1&scor=1887245711142559&ged=ve4_td0_tt0_pd0_la0_er222.152.374.452_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55e01290097887321980abbbec4dd28b6826e25b15e173329d41bf241c69b07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7102
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 58ms
23ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

125738319d20dc302fc127a3f51e4298e6e2160d4d704b406be5027ab895cb26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11178
x-xss-protection: 0

POST
H3 204 rum Show response
www.geosuper.tv/cdn-cgi/ 0
141 B 11ms
10ms XHR
text/plain 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geosuper.tv/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.geosuper.tv/live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
content-type: application/json

Response headers

date: Tue, 29 Nov 2022 04:38:09 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.geosuper.tv
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7718a6f45bf39b58-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 60ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 04:38:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B2C4 13 KB
5 KB 23ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geosuper.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 03:45:53 GMT
expires: Wed, 29 Nov 2023 03:45:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2E49 783 B
1 KB 38ms
15ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d09470620720c9faa42877d2ff3a7d8bc04ae6ae8923c9b6fd5767d259d8c421

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vx_0v3aYDQTXs7RelB_CTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geosuper.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-vx_0v3aYDQTXs7RelB_CTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:38:09 GMT
expires: Tue, 29 Nov 2022 04:38:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame B2C4 36 KB
16 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 15:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 15:08:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2E49 0
0 40ms
40ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=4295035210279130&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B2C4 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lw5S5A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame BAD6 31 KB
17 KB 109ms
57ms XHR
text/xml 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BZw7T-DXzuEGfKUN0Uw7F0ecYs0LNxEc_5lVWiLye1umOF-TrK7ZUvPNqxmgLTxEDoFJe40Gd7ma75Wk3YGJTBjRM8zA&dbm_d=AKAmf-AokDP3G1cfhY8xqYhLLcRrEXbscMY_nH0bc42Bz8KZGf5NDehjeokinD7pDeV4PEzj6Y7ty6dr9a4o17tNl4NV47iXXl2uh1mSQy6WNg7kHXMxX23YLVugFMuSzrCs7P8hXV9gkHBx1HxwXEfUfk0fMGUx-IMsdmcYqXGNAma6Aejv6Bktsk2_n6-E4iuO8KtDz7JyJTNCVZfTfERhIQSTfW3j-YXL96Qg4sHgwS4FC0miyemmSjnIVGSqdBBKBM78dfYuytb71C8Csc2HF4mr1fmrz0_2Y0oYy8PFBhDaepS4y-JGh13aOLgvyIwt5LqH3yOHIo6vmI1YopR_XtYZii4L9vtXwmFKfW8r_KmtOtT1QUZWMAGkDsbnnlRY6lyrdNpC7KtLeUj2upU1ByF1SL4hvzjrEoX-CNBxlAL2UNTwvJgz7ebxsmlcDZTV7yJ0BGPyieQZMuiIQOqsy5HFYVqkt4GQe6OYurV7L44jEcJH5lSCJy-YZFIF4GKrJvjqoeako_2EeqfiWsA1CVPFyDgpy3nhGkXY_3vqICnXsl7ADF0GfHOsVgO567LfDQQ6ZeujEwIs_RDyki6BoKi7hk-afmiXJBGYVckVBhQna9ekTiJKkm0-KrfS2gHNdUiRLUPttyyCiXO7WmwWqSqS-F333Ol1AUezzQTMUIy1C39xzqm3HCCsk9Aes1hyFJnIFFfElruQuHqoa_dubRC2XkwQkku1hieWbfuVpiB7I1-3Ih1G-Nid6TfnxyJr7k-bh0JxZEjG5dbzPCHZlm9n2qk3ykHcdS_zsixV4FXEAFWD9jGmQtV68Y5SIui_KkjEXR4gfx3hl_pFDC9-QQjwXuBxBCQ2TxqXJ3g7Duf2UZTZoL5zhn1DScBrCW5r0QXCvbOOnviHzoiZJUFCOacdptjcMNu2tdWgPUbgYKyjP7AFLlHuKk0bN4Lu5Rf7jMXlnEfyYN0ZDui4Kpv_ccUJzpMzoOZlqpEM7nPnw94PBhfUlUOEAQynZFUty9bvggNCZkcVdtYUwZ7SRuvZ_Zee94nbz9pgwKenYvXMQTlcBqQO4UpMEAhagnDQF0dhF1LWeMXJ_q6muFOILMJPhNXSAmDej4ozdhHLbVnCDXyP0kjTlJTN_xmStPec_N6ZDdP5gfpsQ5lhqR4yt70mkPrOZsVusokdVEVNv5BxaFKXp-2Hy6oPKdQqtcqhi1kEhT7mjv97jGI65TIU3b8UB0YaOWn8V7bDqlzJsSsIl__xVbftqETbQBTKtwBmPAIYExq0SnuN2yv9pEgHVczkvRU32Vn1x4cTYNUjUvdv9yOXrobGs2S7JV_gfXYqGIhd-VearU_c504LxsEGlCpC6tvDd_5ZalCxSU54eaVulTihuC71cJ1j_06dMiWQvnd_dJ7oeWT64aAgcLZDsQ1xMpwYiD7LR6awZ4eaJeChc3HtMlMkK-s2uWAXNsFGPrpynzCVmp1gH_Vg1yrKJzALY1BPfSDm9Jv91SHTF2UlJwaB2qwN4o5jzd-B4OAqZpIT5gFmPXGbuYDzT3zVIZYXC3xMKD_xfb8kCth2u0CyWXSqKwW0qR0duX8xctI1WOsDerErIfdZiP8U873-Uois6Vz61hFzhlSbdkqieejtx1kwXLFXW9ZXHROg9Ef5RFelV3PpRaHmD0eYUOMPS5l3qsrxlHXo_DbP__RrKGGFEgPoxoYC3gDzVjg8Q0mPiTsS3gPwwvGprEY17I2Hrwl0Rg-8tpA0sdV2Y_sAd5QyB7aGn3yJjs30GC6lUv_h0WhE54PykSt39m1SCtrYllW-P82U_IfxelJ0rGSGQYoLzAorLBRfv_QGJNZ5JlyzPJD8uEQR_hENpOS3_njutfsgeVB9662yswOWeSOtc8kjqolya3ZiKCbTpzaJ1s_ye-9SJBUsufAWg5sGTJZMx5vhqxNe0zY6osBj4xHDxbCbyhOdiI7Na5TUNDBwiXnaR90c9SNFuLn5SBY6CXgAMX8IayPYlZggrp_SVluV52igQFTxMXuNmHwtkH2Fc9YXylQRTaaPO9NWQ9A-vyfTlE0gXqninvC0Q0arNUeZKechw2PZxgsdYogzDMDgh-wuTA-_YFVTFOauccJw2XEAcaXGnNbfiMA1N4LXoHq0D7pqdSnIXzlMC4pRUwyl6aaT-kLqpJHMq8QlMjtrAfl8-4Ans35djhkBwrjYDFRc05VajbRYFrmJz3znhV4BdswHSbbyqOF7vVZU47LhUPWN64kroqPqUVzMTiDs2ETIHwNblKqcy4BPjqCucbJGKadS6zToqRXpu0LBLohO8qvbdKG5ETJ5H70MBj9Ie-mFE4SBsfBa6yYL_oW1CQJEWbzOpGxpKfPmwZY7CjsQByAYzji3PzEWbuJ0bQLiTiARcDS1SXAaoRCb8xeEyrR4QwtvfW6BaaUglXfWt_YiIo6eIjbDk-xXZO7lXEQbE3mYrViV-GB0e0HYqeROUZv1EKi5j2ZSyBmfCScHiy2G0idOw_vJ1ge5o11mJmv23vCQ3hoqNcr2JR5k76_898-E0tgL_geKWB6P8BEbDpFsFqDecNQdTo3liOW_NlLCa7z5WftGdGDT-h3YLWM2P0S9nTHKLXCyXEyVwEOLPMKW9TY5us8pq-hLB87ZPYVUOeI5k26XiXKodWNoRl7ZZZLXPvYnEQaZI9_GfygkHhaLpDWXoqvpwxLpRXWBlyGUEb1tuPoX0waP357h9H63e23VuF36AcQ2EN6tMgYiuRK5Mkna5X1nhPkK6lY27Elro9UfWDPzNrL8XVtXpusNnOj_9JG8bvMFv1-Bw_B1mwuEEZ2UMbxi_IRckiYlpelo8Jto3owjeVQ6-lYC645RUbw-hH7DqKxSL-iWzr6COQARFRmfJAXRM9Xf1PcU_rQXQ7Z1I8LMGLJrpPZCj1_ZE2TRqDqavOGxWLFAcCZo9jmRvF5hchuD3q_8rpBoeZg8uMiY8slmGVN3CvHzEfjExeIEIXlZ1ipaRshbyHmV56WGHT2L0soC8Hi1QJl2RDpCwLK_Gv71O509yNEabmRMajA_nWBmHUsIruDvfXPrWgZvrRrDPbi4b7E2gFtCbPdMNUsQB_DwnCIgNpPFP9cMDMNEasdBXM7UHJaFNxhBIpbKdEGAaQBGBfNiSNS9wlL0c5qdVE4MuvD-87eWm38MKiXqqG1rmT3M_HXOPLS-8uZk7oQwPJJ5if_ZZ14r9KVpxaRcaynk2Qwwj0Xnbs8SUZN4TrlOCE2SDI14PcAgioItac_AR8zpD8WK6WyF_XiQ3wNOap79PRD3rK4BYRJZzTag3jw1jOMWLvdIX3HFgI9BLa7dyfcmc0of0VzMt77nVhTi_XsQ0LcMH5EXNzduuOzpkuG5Itedcj1kDwffHpbs8R8lYOk4Bilk3ADxmlHfp4VPTeA3aGcYZFjzwWSfaq6WfQtBdk5eaa1ALbQ6lSKcwm_I2eB0hA7YTv9BBKxCZ0tGuHps9-t1n0Co8hKBNqHURyByb1UM5P92SWRA&cid=CAQSPgDq26N9qnCggy_zeNJZfQLIKLquuNJDuIN8AH-P7U6rQht3HTifp4ceg9jRWZ2bA4AdxmdSyXuztfw9bv5pGAEgEw&sdkv=h.3.546.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=0.2.0&sdki=445&ptt=20&adk=1291049972&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.546.0&media_url=blob%3Ahttps%253a%2F%2Fwww.geosuper.tv%2F0f68494c-7358-4a3e-9b8e-f29e864bf7d5&sid=36818C67-0489-46D9-BC66-4894A3792D5D&nel=0&eid=44748969%2C44765701&afvsz=450x50%2C468x60%2C480x70%2C728x90&url=https%3A%2F%2Fwww.geosuper.tv%2Flive&dlt=1669696688512&idt=743&dt=1669696689684&ged=ve4_td1_tt1_pd1_la1000_er222.152.374.452_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

d2f22b4e47124fa52b1ea1cc1de54670fbe4c76280226563faa88fcc0c509e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16416
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=4295035210279130&bg=!RUalRgLNAAbvMpMzzzI7ACkAdvg8WoSfxYYPHIT_I7Ow7vsXa9ChEz2rqiekJAkbguGSbfC01YDcbAIAAABOUgAAAAJoAQcKAKfWaA5zCXC_dSbVXSLThAXi0piwGPG_LuaVa_UIpIhsr_B3xHFIX614xOzwRkhfw4unnCyxGBwjQ9DmhBv4_rX4rFmsoZvDw9-ocmqWqaWeNc5K56UVxkTDvmhcs5gJZRsTw7T1fKxYGrAnNdBXvOEGFLYLDyc0Yx8fNHOTBZ4U0fbfG1iztbCVUjIULzKt3JD7ZDCd7MkI0gA7LcPbooiBjLwYg11alJkCmFqLyIj5p8fdYMxqfm0vesdC9Ul7aRhiFZuira0W1t2m9_PajxOAlIhMDsekqg9k6aM6_QLvrl_9U8-Kdu8Q7fk1wLLOZmI-IvfcbxmOzAkILU8iy6YMROd-0z7Wgk2WpRdEKpVktLumVW3xhXEIoysMZoGVa58_-E-WF4stg752mUb7Vi0hSyvwxYZW5lqrBwgBZBLK8366yi0euirdky4_8x_bLXTe9rKLsSu9zFf4vu7IZB98UO_zUBO3Hfyh0n3lRzq1UzsIpHzbCGwSmpBB1T8kMm_x6Mzc-Ggz-xhyeS5zu2ufeKoEc1syCOr-knb1L_YKqlANITrV4paKniDd16EDk_f0iZqEB4ctCrkI9EQDyR7vKv_joxTjfFVyiVa5TQiLH3NkgTLQX6PbikhfbMRWcO_8igqF0o9beN_A_a_YVg0osEVH2NT4r-EunslXbl5ivn1Cj1iGwGi4C_BhKrFqiRQ7C2eSPRQzDKJLjG_1eVAgc64l1Zjf4c_RYb5atat1CLTIIwpK8kDsTrM3dlPYubOUKQupCii6Gai9Q7Ka382sDP1MSwEurOvdQ5BfZ_Gg4cO88UEKjLGxTcKp7UVXTygeAO6npeYNa1IoM_-tk4U3WgeSPj1IsuUoc42PtYhIAQvDdqRKQjG2SARc5L8_LM1oaNugPqq1YAGmbmFdSmFtZkuHB57hJNKjU-JhDo4dk7mhxqbmME2Jl0zPu5L8PECWySklKddmgLAe2sv7Z-uk0mQ-zLjAqSkfJy38PUBENRe7tav1oHA5F5R-5iBCSrL4OUQ1s8EQJf8yyC7J9P3vo4GcHknf7I0ZSv8DvAuPz9H5UPst6EyH0t_wt-uobr7vwOfBZMhWZVqAAONagTb9kxk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 jquery-3.6.0.min.js Show response
www.geosuper.tv/assets/front/js/ 87 KB
31 KB 25ms
24ms Script
application/javascript 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/js/jquery-3.6.0.min.js
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 404655
etag: W/"637f2cc9-15d9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7718a6fa1f1f9b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:10 GMT

GET
H3 200 swiper-bundle.min.js Show response
www.geosuper.tv/assets/front/js/wc-assets/ 132 KB
38 KB 20ms
19ms Script
application/javascript 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/js/wc-assets/swiper-bundle.min.js?xyz=222
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cadd41d57d03baa9fee12da98286e32ffcfc64a05453d4decd672a58aa9a4339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 404655
etag: W/"637f2cc9-20fff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7718a6fa1f249b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:10 GMT

GET
H3 200 container.html Show response
8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5359 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geosuper.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:38:09 GMT
expires: Wed, 29 Nov 2023 04:38:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4040 6 KB
3 KB 13ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geosuper.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:38:09 GMT
expires: Wed, 29 Nov 2023 04:38:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 944F 624 B
419 B 19ms
19ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi63vHTATAB&v=APEucNWz8AqyquAKAl8Mdk8oV9uaXtyUANGcehgy_YgjBKoaLs4iEgaFSA7kwlsLw-54MKqNtg6rEIZ4glYCi_t2MWPzCxBJh_EBydntFTSZxG9U1sZ8RQi4xHXYNldCA_bvTLNn9E_RH6Pty2Ww_At4reEqFudefE2rO7XEOknTNjsi8Ashzyg

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:38:10 GMT
expires: Tue, 29 Nov 2022 04:38:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5359 85 KB
35 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CaoPt2wC_lbgLVJbl6snH8QjAQoIy8g8vlaeUmmiH5E-k8JpYwMgiVoP4j4trQVi7Habbhn1g_mpadZxJmhrtSoFP520hgfoHEfs3W4m64GpelX1fAzyM84r7hLga-leXeWth4q3WkMOk0CaAuwEPGlJvQ4bK5gw8b6GCbncz7SLxNu9Q&dbm_d=AKAmf-BtF0iBJJr9gwFQrxfI1Qe95iu63LtAkGHVsYryc7SvBdyIyBzwCG13S81F9Tr1M_inEsN1h_yl-ggFlsC5WWzvaAW8x6YkDTmv4cxUSHn2Y3xWMhXA_OaNP_kWytOM8_hGVi7mmgAZCcYS-oXCH68UqTW_QHQF4AzURI0sropCXJLHetNdwDbidqZBnhFDqiYIj7rnpFcAVqMiGRgab4omp2reELnmB5R0r0_11c4HAM7thXdk5xsYtwK4E67IJmRvFUSrAcSMgyl4a_LJuBR35FOGhVJe-UKbzr31LDKuKyGdmseRP4cECg6U9GEBSVl1ShKyBqRrIwBD1ek7KECk7dAD4MfD9OJlBXXQ5MtdECAEX-dv-b_6_GKkebFPiXuIx70s5VSODQWAKD3FhbEaFTsoTokf_fXHyDDnEyGy9-Oweq9sjgjLtDCAwO10T7tRK_z5YwR91xaZmWEf9Ipg5JzI__1gJiN1iAqoebwwA91OBYIFzJQ0hhPZmkJQ4m5uJMLcV3WFrElAxx9BGV_cBAp8rUJUoKTNeLVAq42-bx3Bd5eL9mJ3pVjbZuSgezt8AFngzz1QnsFuHZfw7_8yt-2ERjqS9FnQPHbzRjEWWAJfXWZpWOU3OPmpC5nbZa09uLtztfaMhinz9p2WAHQDYAXgywcGhw1xgj1mZzVXwqK-uBB-7kbUocEWZL59Ex8MkGr6STKqXA1DDKtywS9TB3zsltOL4_Snu70Dh0MI09L3Jl9NJkJX9amCAk9ex4xlelvgejNAxTBiWvgBBsa5s8SoII1LHjnVBZhELGAdF3Vg-0ujz0968SpefW1dfG73LB-ncwaZ-JkfPsubP5y-8trQdF0LTN2-4q4fj7TZSodtB7sjXnWpM9W9iGMDBWMx8CPZ7jE3-aMDlxgT0UKC6JBEQXDOzJVeaPWGYmVT01xwUGYMUWSaAlB8JikTdGgbLGOrwD-6MLgAzlMwN2OuBAAK213QsiOGPumG5gQUCoJyOmd8tLYYXQTV_ivJtR_Pm7aJeU6fah87wDUbzythe380-LXCPU5OJgnOjReli3YVghWTOrjmJOrq7G7EmzaC2PoK8p4PzLSkrm7VSzrT1viaLSmVk-zl5bo9rUvezIINfM3hcRpqeyaE3xvgAbhVGdn5G5ww674aYSHK0s8C8ZzErFDiQxAsG_Dmf76O8lOo7PTAiBAz-CUWAJBJIwy_TRLTMo6Me1-tZgsNzL0HSOh9MVFF8jMB21bGgLEQksgmrXbN5MN0tpC7KrGkgAu-s65snhW3uaCesSBO3X4-qQstPl58WPMFt3aLC2xXWh-_E4VoUv5v_OFKCx4-caJxDSHee0gkek11hfIdx7lp07pnjs9AG1kxMQ6MpwrbZ-UE4k7kEItxMEPvCkX9Cyifhh7YCsHp_0mH6Bx2RWlO02wG-MLnOtr3uRLZZxW6mCG70iTlq9u6lfeS1prAKcMTIAkYRh5myGCdGNhj8PCbRlfB0g-b1X2y2RrdDwSiGAD5dNVpXbFmN-GN0AZc1BNjA0vEqNA2XpyxQ8she4fvrn6CeXNkMuZll41_e8DgOe0MyUhBZ2xZwijEm0H1tGfFqOgGtuQP6-Nro2QTPmlYnCR5RQGyctFokyv16Fp1HkicOqmmcFPjx_NWmbmQ2m6uCQBTySNOSH94Pptrz68VSCDE-3In0sWLY_p10Z09pWBM9LpARL9twdPoy4g69IoXWvdcHlhdx8lvyUlmN2iqT_e7LjlJOuaoVobAaLOfrq0APy7rKn2Vvt7du_nKCewfr1IqvqqC--ahg5nb0TxbDvlORQNu1j9ebrmumd0dZj1M4qzJ69Zd1U1QIj9uzPMzHxPoNpekHMjhXfuC1VYDmqQ8xzQjKJCTSAn97BsGlKnsXhengrjfT-2-_YvqO-shEWiskZbbexJJHrFJPhffAJH-2RZ92JWnOmkSI4S1rUgav4Iph_XDyQvqkQEr_R8CiQ7YbnHcxsZhVzbJo_ghgc3I1A0nRHWV97vDUH9KAvaki6A_kG5N1KZxoQJdkqEjxyOHzClfvWE_lyzLRceqWeSXpk5NK1i7CglUhbG6mmjcuMpJFd7xyaYikQR8GyvhZb4LlGAc_k6Wf_ahZn366zV_wv5kCUecRnxIk15kr3Qx-Wk77y8a-PwkfNuPeUc2geGMVQhAsburVz93O0zGDoBHETbVmvSnbJaF0JuG_rc03bml6VFSFW2pBmzH8VCjUzIMqpA4hkQNHi-gjTW9l5lcCD7VRWEY8K4zZics92ZmpOQR89rhmGMzC13szEm0dD4ZdS0ekOifXcHag0HHvPLzk-cUsFcoAhDSQ6VM0K1eiKWAT0vE9R8X_D3N-3-gua-tgpralKh-pknVfapnxRYoTq45R2kLxHEpppBV4044epGInEno6EbdMIIVINKrR5B-48SoDJmMNgRU4dkfOAVUJPizoAvBiP86g_YsbFJ5TJ1DFO6AficTrywVMYjmNBFtl5jYl8mxbsxk2P_Or9vtdymoX6TV3F3T3Qu7qUHsc9jI1rcORPlE9JuMOldzgIw42FZyP-TmtMQvYLxiCiM3LOyu4KTey7fYIq4YMcsnOrZF2CPoY_9qHTXrMZrATE4pKadEBD5whr2UVyZ_9yTd-Gvpo-4SQEo4XSxhlHa3wJruuJX2GTF3yYJiz10NQpC-mtxraHxdEx3iWUo1GjkEXY9yWPT3LfH0gc11Tfc4O3K4oldcRe11Vxlmk7XLKYvhUmws7cGtmFEaOfinmsw7AlZ-MKnfbaMoLoEotnFjQGP72otP8WnqFkCWluGTBRJlL-Zs7R4UXy4SdhrdDCZEN5VvnGrQQDTah3sdRfu4SRlc24pRueXskIUwSS0b4GsTmGcrWe04Xj2j0j-EuZXwRazojdIeY6VPzTdsNSTEwjp3B0C9YHfc83iWd-YQpbgCU_tFyRB_WYSSUzrsWs9qtxk7FdNLWOaZvagqnXnWcZdgCgqUPGWebr9sSTO3XV-geDhs3hD6n9H_rlphUVNqv3I1uQMI13fE1WjGtObxMCWj6NcqjNv4Y-sggYo6ximhqjZRkEr6nOQd7JhD3T4Cw6re6dOHjTqWd6rfFZEBrTfcJJQnyu4rdQXao-UvovzbEMzgCW1921Kdz4zuAMsHCDV0T6TxENzDRVo4flWh35hipxzCIzl8fJxpRAqpiGjey93mBEnHAzNmO3_D0q2acKb6X8U8j-F2CHFqqwVdkxdszRuqYB5cEZLpcppdcjFBYiiDXOUnYAZvlSFwK2YK3DC-v9UX4IRfOv_b9rKgkDU&cid=CAQSTADq26N9UrCQ4cyvfbMuLCAdjO29l2iG8V_wPUqL0eAItEzUIfSU041esWDD3Ch9w_P4Z4TuJqxwaCdyuvW4Zi3lbhLShqEPk_qbZgQYASAT&rfl=1%2Chttps%253A%252F%252Fwww.geosuper.tv%252F%240

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28c27190636d247f0b265b265b259d415ac387a3ff70f7bbd70350dfeffa0718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5359 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Amm5WKgNiRBl3OArngzODtLbMo0AX3SIdDJyho4PSEdW6yfrxxmZhjDOJLRybNoBh8USB1dzLe-sYT_upoV1H0KS-4l5CzVdJ8fH7gXqeNL47xwss

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5359 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 03:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 03:45:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5359 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 12:22:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5359 154 KB
48 KB 71ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 04:38:10 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 97 KB
22 KB 17ms
13ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/index.html

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9e023e0949ca33ce3196e802acb06286a6809c0cfc6a3f6b9236b021554dbe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 192725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22908
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 23:06:05 GMT
expires: Sun, 26 Nov 2023 23:06:05 GMT
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4040 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfLV9sYyFY7zKDMGg7_UP97qC6AyC8puFbdSP_-XDEK73ps2wMhABIMnSkgdgleKQgqAHoAHLyrqcA8gBCakCZgh7L5dhsT7gAgCoAwHIAwKqBOsBT9A47GapxZeiUI57lGzoRkil8w5lJexT2p_ADfPiK8KyX_1nlUHGQPJaQh74KavqIrSU-7uJjxWkcuyPzvVr22KKHJuf9J33lDxF5xsIXc8qfhPXkwSJY6uy0e76wHqoiO349L4t7e4BbbE3EOEFnHw56O17Hdt3USuaGLjl09eo682t62L7M2ShVnuOxt94vo1QfbLhgsfWSKQ_3thS_1HHcZGDEatC0zGKNldj-rzuVmylLhnE47B5y6UV_FXtZa_suvGYB7XPwszX5Vcm8IAgzDMLCWPwdnxzrY_uiS5bhPm97uooKRAic8AEr9T5wYkE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB521xWOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCTmR7SCBEIgOGAEBABGB0yAqoCOgKAQIAKAcgLAdgTDYgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi03MzY5NDY2MjEyNTcwNTU1GP2wCQ&sigh=hmfaFwFuBVY&uach_m=[UACH]&cid=CAQSTADq26N9UrCQ4cyvfbMuLCAdjO29l2iG8V_wPUqL0eAItEzUIfSU041esWDD3Ch9w_P4Z4TuJqxwaCdyuvW4Zi3lbhLShqEPk_qbZgQYASAT
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F42A 143 B
166 B 29ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 566
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4040 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 03:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 03:45:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4040 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 12:22:13 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 944F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtdtjJElkuGqHnonirVglI&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtdtjJElkuGqHnonirVglI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi63vHTATAB&v=APEucNWz8AqyquAKAl8Mdk8oV9uaXtyUANGcehgy_YgjBKoaLs4iEgaFSA7kwlsLw-54MKqNtg6rEIZ4glYCi_t2MWPzCxBJh_EBydntFTSZxG9U1sZ8RQi4xHXYNldCA_bvTLNn9E_RH6Pty2Ww_At4reEqFudefE2rO7XEOknTNjsi8Ashzyg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Nov 2022 04:38:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtdtjJElkuGqHnonirVglI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 944F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4WMskjofJ7AMuGeZ.8FxAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtdtjJElkuGqHnonirVglI&google_cver=1&google_hm=2

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtdtjJElkuGqHnonirVglI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi63vHTATAB&v=APEucNWz8AqyquAKAl8Mdk8oV9uaXtyUANGcehgy_YgjBKoaLs4iEgaFSA7kwlsLw-54MKqNtg6rEIZ4glYCi_t2MWPzCxBJh_EBydntFTSZxG9U1sZ8RQi4xHXYNldCA_bvTLNn9E_RH6Pty2Ww_At4reEqFudefE2rO7XEOknTNjsi8Ashzyg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Nov 2022 04:38:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFtdtjJElkuGqHnonirVglI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 944F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOt88t_4X-azyEmJ92QYy8E&google_cver=1

43 B
1015 B

12ms
12ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOt88t_4X-azyEmJ92QYy8E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi63vHTATAB&v=APEucNWz8AqyquAKAl8Mdk8oV9uaXtyUANGcehgy_YgjBKoaLs4iEgaFSA7kwlsLw-54MKqNtg6rEIZ4glYCi_t2MWPzCxBJh_EBydntFTSZxG9U1sZ8RQi4xHXYNldCA_bvTLNn9E_RH6Pty2Ww_At4reEqFudefE2rO7XEOknTNjsi8Ashzyg

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Nov 2022 04:38:10 GMT
AN-X-Request-Uuid: 1f92d4a0-d177-4bc4-9519-5f0c0d8ed810
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.8; 217.64.151.8; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOt88t_4X-azyEmJ92QYy8E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 944F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxNTM0MjQzODg2ODk2OTE4Mw%3D%3D

170 B
243 B

17ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxNTM0MjQzODg2ODk2OTE4Mw%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 Nov 2022 04:38:10 GMT
AN-X-Request-Uuid: 5feecabd-0a8f-4484-afb0-7a6a11bcc627
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAxNTM0MjQzODg2ODk2OTE4Mw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.64.151.8; 217.64.151.8; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4040 154 KB
47 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 04:38:10 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5D4B 16 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 30 Nov 2022 04:14:04 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5D4B 34 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 29 Nov 2022 19:53:06 GMT

GET
DATA 200
OK truncated
/ Frame 4040 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaf0f237de420b13417c1370d86457231e8a5b70c906489e9d4d4fc407378883

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F42A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
20ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:38:10 GMT
expires: Tue, 29 Nov 2022 04:38:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:38:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 MBD-ZMS-2021-17-1_DT022737_20220131_JPG_300x250.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 46 KB
46 KB 22ms
12ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/MBD-ZMS-2021-17-1_DT022737_20220131_JPG_300x250.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c3778954237779491e330409c51cafad37aed257721906231f9bd42f0b528a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 26 Nov 2022 23:04:24 GMT
x-content-type-options: nosniff
age: 192826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46681
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Nov 2023 23:04:24 GMT

GET
H3 200 MB-wm_claim1DE_ra_n_web_112x30-ohne-slogan.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 3 KB
3 KB 35ms
25ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/MB-wm_claim1DE_ra_n_web_112x30-ohne-slogan.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9508ae2c0c23698a62dbea2928d7c10e046b3cc1071d96f50d0adb2be8b44c7e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 26 Nov 2022 23:04:24 GMT
x-content-type-options: nosniff
age: 192826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2580
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Nov 2023 23:04:24 GMT

GET
H3 200 MB-wm_claim1DE_ra_n_web_90x23-ohne-slogan.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 2 KB
2 KB 34ms
24ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/MB-wm_claim1DE_ra_n_web_90x23-ohne-slogan.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a22510bc8cb4d0abbfb01b2cb09669cf5123e6fdeee9b26cfc3235d6d30354

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 25 Nov 2022 04:27:53 GMT
x-content-type-options: nosniff
age: 346217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2176
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 04:27:53 GMT

GET
H3 200 MBD-ZMS-2021-17-1_DT022737_20220131_JPG_485x250.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 149 KB
150 KB 32ms
23ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/MBD-ZMS-2021-17-1_DT022737_20220131_JPG_485x250.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f7418402b37dd7fdbeb5da7405d103fba03573666213722ac48e4f0ff6dbf64

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 26 Nov 2022 23:04:25 GMT
x-content-type-options: nosniff
age: 192825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 153083
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Nov 2023 23:04:25 GMT

GET
H3 200 MBD-ZMS-2021-17-1_DT022737_20220131_JPG_200x60.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 21 KB
21 KB 38ms
29ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/MBD-ZMS-2021-17-1_DT022737_20220131_JPG_200x60.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

534da0b59ab7ec9dfe401f592c87913adbc818dd3f84cfed323b558aa6d6c847

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 25 Nov 2022 08:24:52 GMT
x-content-type-options: nosniff
age: 331998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21957
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 08:24:52 GMT

GET
H3 200 zms-der-mercedes-unter-den-arbeitgebern-200x200.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 3 KB
3 KB 31ms
22ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/zms-der-mercedes-unter-den-arbeitgebern-200x200.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d626053191b864ea79bf0ba7d0cbf25fd16be9bda29c801512db1a54cf59226d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 25 Nov 2022 08:29:47 GMT
x-content-type-options: nosniff
age: 331703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2618
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 08:29:47 GMT

GET
H3 200 zms-der-mercedes-unter-den-arbeitgebern-250x250.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 3 KB
3 KB 37ms
28ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/zms-der-mercedes-unter-den-arbeitgebern-250x250.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ceafe48df8ea0b64907e46a4cc2ffbb55f6a594286cec6345184efa6b1587b6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 22 Nov 2022 19:18:53 GMT
x-content-type-options: nosniff
age: 551957
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Nov 2023 19:18:53 GMT

GET
H3 200 MBD-ZMS-2021-17-1_DT022737_20220131_JPG_250x100.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 39 KB
39 KB 33ms
24ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/MBD-ZMS-2021-17-1_DT022737_20220131_JPG_250x100.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f15c7bafdb5c915168bf313fc18cac930edb20bfadd694e179048c7185563daf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 25 Nov 2022 08:24:52 GMT
x-content-type-options: nosniff
age: 331998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39700
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 08:24:52 GMT

GET
H3 200 zms-der-mercedes-unter-den-arbeitgebern-300x250.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 3 KB
3 KB 25ms
16ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/zms-der-mercedes-unter-den-arbeitgebern-300x250.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f74d3e68f1fce26d945d08b563ea29575c977628c9481579aabb28d89fb41e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 26 Nov 2022 23:04:26 GMT
x-content-type-options: nosniff
age: 192824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3199
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Nov 2023 23:04:26 GMT

GET
H3 200 zms-der-mercedes-unter-den-arbeitgebern-336x280.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 3 KB
3 KB 36ms
28ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/zms-der-mercedes-unter-den-arbeitgebern-336x280.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

914eb922ee7c6242c122fadb8f8be5aa6b3abc1277a7eb8bb132a4e6e12e4bc7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 25 Nov 2022 08:24:52 GMT
x-content-type-options: nosniff
age: 331998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3394
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 08:24:52 GMT

GET
H3 200 MBD-ZMS-2021-17-1_DT022737_20220131_JPG_336x120.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 58 KB
58 KB 33ms
25ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/MBD-ZMS-2021-17-1_DT022737_20220131_JPG_336x120.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58a0036d7f0d5271e3d08cb9a0f0efde5fe80e274825f5fefcf3cb830f1938ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 25 Nov 2022 08:24:52 GMT
x-content-type-options: nosniff
age: 331998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59731
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 08:24:52 GMT

GET
H3 200 zms-der-mercedes-unter-den-arbeitgebern-300x600_5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 5 KB
5 KB 35ms
26ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/zms-der-mercedes-unter-den-arbeitgebern-300x600_5.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c758a30c5c04c107941f7b911794d297c0ffb2071bb00db3d242c62654627577

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 24 Nov 2022 04:32:30 GMT
x-content-type-options: nosniff
age: 432340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4856
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 04:32:30 GMT

GET
H3 200 zms-der-mercedes-unter-den-arbeitgebern-160x600_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 4 KB
4 KB 35ms
27ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/zms-der-mercedes-unter-den-arbeitgebern-160x600_3.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec66f52258b85c3e75c0432b752d305c954c85d3f39bbfa73da68378fb854a9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 26 Nov 2022 23:04:27 GMT
x-content-type-options: nosniff
age: 192823
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3880
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Nov 2023 23:04:27 GMT

GET
H3 200 MB-star_n_web_40x40.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 4 KB
4 KB 22ms
13ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/MB-star_n_web_40x40.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc1ba3df49d2d6e55830d24a56416c61bc767cc0b8131a65b790fcc6f25aa09a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 26 Nov 2022 23:04:26 GMT
x-content-type-options: nosniff
age: 192824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3960
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Nov 2023 23:04:26 GMT

GET
H3 200 MB-star_n_web_64x64.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 7 KB
7 KB 40ms
31ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/MB-star_n_web_64x64.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf4d08bcfd4d7a489e8ba8017fa5fe15fd62757099bee4ce1c12f28880b27006

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 22 Nov 2022 19:03:56 GMT
x-content-type-options: nosniff
age: 552854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7296
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Nov 2023 19:03:56 GMT

GET
H3 200 zms-der-mercedes-unter-den-arbeitgebern_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 6 KB
6 KB 39ms
31ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/zms-der-mercedes-unter-den-arbeitgebern_3.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb07bbd2a765ea9c61a1e3bec3538f6e745213dca0b75afb3227c714cfa86d2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 22 Nov 2022 19:26:59 GMT
x-content-type-options: nosniff
age: 551471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5896
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Nov 2023 19:26:59 GMT

GET
H3 200 button-job-finden_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/ Frame 5D4B 994 B
1022 B 24ms
16ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9575361904944087040/button-job-finden_3.png

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd77e8dc3aefa02b2001094ddbb2df80b88f18977ff9460e61268737dd057b9a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 23 Nov 2022 09:13:30 GMT
x-content-type-options: nosniff
age: 501880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 994
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 09:13:30 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5359 170 KB
59 KB 38ms
6ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
Origin: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 5359 8 KB
3 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CaoPt2wC_lbgLVJbl6snH8QjAQoIy8g8vlaeUmmiH5E-k8JpYwMgiVoP4j4trQVi7Habbhn1g_mpadZxJmhrtSoFP520hgfoHEfs3W4m64GpelX1fAzyM84r7hLga-leXeWth4q3WkMOk0CaAuwEPGlJvQ4bK5gw8b6GCbncz7SLxNu9Q&dbm_d=AKAmf-BtF0iBJJr9gwFQrxfI1Qe95iu63LtAkGHVsYryc7SvBdyIyBzwCG13S81F9Tr1M_inEsN1h_yl-ggFlsC5WWzvaAW8x6YkDTmv4cxUSHn2Y3xWMhXA_OaNP_kWytOM8_hGVi7mmgAZCcYS-oXCH68UqTW_QHQF4AzURI0sropCXJLHetNdwDbidqZBnhFDqiYIj7rnpFcAVqMiGRgab4omp2reELnmB5R0r0_11c4HAM7thXdk5xsYtwK4E67IJmRvFUSrAcSMgyl4a_LJuBR35FOGhVJe-UKbzr31LDKuKyGdmseRP4cECg6U9GEBSVl1ShKyBqRrIwBD1ek7KECk7dAD4MfD9OJlBXXQ5MtdECAEX-dv-b_6_GKkebFPiXuIx70s5VSODQWAKD3FhbEaFTsoTokf_fXHyDDnEyGy9-Oweq9sjgjLtDCAwO10T7tRK_z5YwR91xaZmWEf9Ipg5JzI__1gJiN1iAqoebwwA91OBYIFzJQ0hhPZmkJQ4m5uJMLcV3WFrElAxx9BGV_cBAp8rUJUoKTNeLVAq42-bx3Bd5eL9mJ3pVjbZuSgezt8AFngzz1QnsFuHZfw7_8yt-2ERjqS9FnQPHbzRjEWWAJfXWZpWOU3OPmpC5nbZa09uLtztfaMhinz9p2WAHQDYAXgywcGhw1xgj1mZzVXwqK-uBB-7kbUocEWZL59Ex8MkGr6STKqXA1DDKtywS9TB3zsltOL4_Snu70Dh0MI09L3Jl9NJkJX9amCAk9ex4xlelvgejNAxTBiWvgBBsa5s8SoII1LHjnVBZhELGAdF3Vg-0ujz0968SpefW1dfG73LB-ncwaZ-JkfPsubP5y-8trQdF0LTN2-4q4fj7TZSodtB7sjXnWpM9W9iGMDBWMx8CPZ7jE3-aMDlxgT0UKC6JBEQXDOzJVeaPWGYmVT01xwUGYMUWSaAlB8JikTdGgbLGOrwD-6MLgAzlMwN2OuBAAK213QsiOGPumG5gQUCoJyOmd8tLYYXQTV_ivJtR_Pm7aJeU6fah87wDUbzythe380-LXCPU5OJgnOjReli3YVghWTOrjmJOrq7G7EmzaC2PoK8p4PzLSkrm7VSzrT1viaLSmVk-zl5bo9rUvezIINfM3hcRpqeyaE3xvgAbhVGdn5G5ww674aYSHK0s8C8ZzErFDiQxAsG_Dmf76O8lOo7PTAiBAz-CUWAJBJIwy_TRLTMo6Me1-tZgsNzL0HSOh9MVFF8jMB21bGgLEQksgmrXbN5MN0tpC7KrGkgAu-s65snhW3uaCesSBO3X4-qQstPl58WPMFt3aLC2xXWh-_E4VoUv5v_OFKCx4-caJxDSHee0gkek11hfIdx7lp07pnjs9AG1kxMQ6MpwrbZ-UE4k7kEItxMEPvCkX9Cyifhh7YCsHp_0mH6Bx2RWlO02wG-MLnOtr3uRLZZxW6mCG70iTlq9u6lfeS1prAKcMTIAkYRh5myGCdGNhj8PCbRlfB0g-b1X2y2RrdDwSiGAD5dNVpXbFmN-GN0AZc1BNjA0vEqNA2XpyxQ8she4fvrn6CeXNkMuZll41_e8DgOe0MyUhBZ2xZwijEm0H1tGfFqOgGtuQP6-Nro2QTPmlYnCR5RQGyctFokyv16Fp1HkicOqmmcFPjx_NWmbmQ2m6uCQBTySNOSH94Pptrz68VSCDE-3In0sWLY_p10Z09pWBM9LpARL9twdPoy4g69IoXWvdcHlhdx8lvyUlmN2iqT_e7LjlJOuaoVobAaLOfrq0APy7rKn2Vvt7du_nKCewfr1IqvqqC--ahg5nb0TxbDvlORQNu1j9ebrmumd0dZj1M4qzJ69Zd1U1QIj9uzPMzHxPoNpekHMjhXfuC1VYDmqQ8xzQjKJCTSAn97BsGlKnsXhengrjfT-2-_YvqO-shEWiskZbbexJJHrFJPhffAJH-2RZ92JWnOmkSI4S1rUgav4Iph_XDyQvqkQEr_R8CiQ7YbnHcxsZhVzbJo_ghgc3I1A0nRHWV97vDUH9KAvaki6A_kG5N1KZxoQJdkqEjxyOHzClfvWE_lyzLRceqWeSXpk5NK1i7CglUhbG6mmjcuMpJFd7xyaYikQR8GyvhZb4LlGAc_k6Wf_ahZn366zV_wv5kCUecRnxIk15kr3Qx-Wk77y8a-PwkfNuPeUc2geGMVQhAsburVz93O0zGDoBHETbVmvSnbJaF0JuG_rc03bml6VFSFW2pBmzH8VCjUzIMqpA4hkQNHi-gjTW9l5lcCD7VRWEY8K4zZics92ZmpOQR89rhmGMzC13szEm0dD4ZdS0ekOifXcHag0HHvPLzk-cUsFcoAhDSQ6VM0K1eiKWAT0vE9R8X_D3N-3-gua-tgpralKh-pknVfapnxRYoTq45R2kLxHEpppBV4044epGInEno6EbdMIIVINKrR5B-48SoDJmMNgRU4dkfOAVUJPizoAvBiP86g_YsbFJ5TJ1DFO6AficTrywVMYjmNBFtl5jYl8mxbsxk2P_Or9vtdymoX6TV3F3T3Qu7qUHsc9jI1rcORPlE9JuMOldzgIw42FZyP-TmtMQvYLxiCiM3LOyu4KTey7fYIq4YMcsnOrZF2CPoY_9qHTXrMZrATE4pKadEBD5whr2UVyZ_9yTd-Gvpo-4SQEo4XSxhlHa3wJruuJX2GTF3yYJiz10NQpC-mtxraHxdEx3iWUo1GjkEXY9yWPT3LfH0gc11Tfc4O3K4oldcRe11Vxlmk7XLKYvhUmws7cGtmFEaOfinmsw7AlZ-MKnfbaMoLoEotnFjQGP72otP8WnqFkCWluGTBRJlL-Zs7R4UXy4SdhrdDCZEN5VvnGrQQDTah3sdRfu4SRlc24pRueXskIUwSS0b4GsTmGcrWe04Xj2j0j-EuZXwRazojdIeY6VPzTdsNSTEwjp3B0C9YHfc83iWd-YQpbgCU_tFyRB_WYSSUzrsWs9qtxk7FdNLWOaZvagqnXnWcZdgCgqUPGWebr9sSTO3XV-geDhs3hD6n9H_rlphUVNqv3I1uQMI13fE1WjGtObxMCWj6NcqjNv4Y-sggYo6ximhqjZRkEr6nOQd7JhD3T4Cw6re6dOHjTqWd6rfFZEBrTfcJJQnyu4rdQXao-UvovzbEMzgCW1921Kdz4zuAMsHCDV0T6TxENzDRVo4flWh35hipxzCIzl8fJxpRAqpiGjey93mBEnHAzNmO3_D0q2acKb6X8U8j-F2CHFqqwVdkxdszRuqYB5cEZLpcppdcjFBYiiDXOUnYAZvlSFwK2YK3DC-v9UX4IRfOv_b9rKgkDU&cid=CAQSTADq26N9UrCQ4cyvfbMuLCAdjO29l2iG8V_wPUqL0eAItEzUIfSU041esWDD3Ch9w_P4Z4TuJqxwaCdyuvW4Zi3lbhLShqEPk_qbZgQYASAT&rfl=1%2Chttps%253A%252F%252Fwww.geosuper.tv%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 16:31:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 5359 29 KB
11 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 13:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 13:36:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5359 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
URL: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:22:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:22:14 GMT

GET
DATA 200
OK truncated
/ Frame 5359 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52e406fd868d8f4cf0a1ede5655d5a0ba7640d4d7754ce1c9ca14e3ecf54c652

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/5798567487121391616/ Frame 363B 45 KB
12 KB 34ms
18ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b341623cd3ab06b1ab6cdf2fc9f133648da75db0b6e6c15812545e536af2bfd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:38:10 GMT
expires: Wed, 29 Nov 2023 04:38:10 GMT
last-modified: Wed, 14 Sep 2022 11:46:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5359 0
0 89ms
52ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYEPAUOOgAUIQcb1BZHRrz4Mmwz3yw-l7dJiqOK_TLi-szHP8Go9Anr9CpB0NYS9-mcJnITm_hD3npkp9jrtluzODwl4X4_7cwyYZID7O2JemWFmU0Ux5LB-S3TysFmiOSlTTrnrgFL4eUVlb9x8dlL3rVUxRTrn1momp5Z840a_-HXJvWzr42IYDY29ztzc1WlR-3rO2cFWRGfVXfXzJzuncH2EGCZTFkW-5EUDIp8mCe1xatmWjF76tkvtH7_YMV9ZZ49DGDYv0gkpti8LnI2ZMab2rVEcBO2TInP-ditcLwR6Cd0a7H-sFcOT8ZEv7chWCzJscrIG4bGBzs8J1bdKbjnJ7t3sfMUabIDjfREqrIrMCBs6-8V8anZGcF1Sx-gBY6k2m_Q7jCeyPViP7WMa8k-W8vh2JdS_X013AY_m8Lcx7r-EZTzGaj-u8eGjMfl332yMEPopoDUu9aaCG3OGc_vJX16dXSqJfxmEj4ugd0rl9_Uxu-5oGQ0ZK6D98bvFj5tl5CT_ja19j1yIe3yLS7VgXJRAznwmSUCVJyibr5-6eAzYNB44QsdhMynPdt1nC8t253pLf79KAknR_NLRwxJ5PTO95NYywzCCQ63axJfSbGqSH4Ibe3JaO34tIn38GcWY3A4p7dP2fYw7pN9R37OjYV7ws7J_iGB_vXHjLSoWvgp6RCrOcWV2XreVjKbhPKi2j6Rt39EAotx5ka0ILHA98AbQQJOdjij7s1AYaCUd5-M9hMSVWqqHzYRIz59ZnKSZfugxH5H4xlOoX8HtpXsfiC3kHh0ZZeBOlYtY3as7WXfvwnHJxa9ipyh4LkFwTcHeWx_WwD3rr-JldpqsDKNCwBc_AaPpyPjl2OY3alDPEeydX-jC8gPSogjwcOJhHkjKoNNuUooMEreTwj-pgkfHof_P4FhCAPZ6Cvxcc2gug7NiOFOLatki9Ptq9ZfUaurpWBIgnwn_lo9fldlfzmo3r-eyyUeEcXCaVR2-1y2MoE7XL5AS9ts3rqo-j0iFHRP3_BiFPIle2jiPiLOJiROLxtxS4BHDnwTEAa-5px75xJD0Y5nbQAkXn6Okseqcq1NyxwIK5E2xrJvLbccFMi5PY3EzoYhHT9mNaw1lL2xIk8PPTBaYkKUbFP-Fqe8HgugQDRHwqaI3E4DR5Dj6hPOw_vktThAhi8BnJyFc7CyEoMrrnmVzWyDrK6VfxDQ5RqXhShbSxbTQscrscv5pnF&sai=AMfl-YQADlJAA8VQAw7YKujbwC9zWWlE5eApTSRJRN49cIgq6N7xtR-TW_SGuFlWL1EGOhAsN_iUOdA73uWib9EEorCs2GSyWXZPX3e9L8BcScaEFDxVHgo6y3ZOvc_gvzVhyotjJtYWNHwmSPTmauD3KNLJeQg7AGlCwSfNVpKrb6yLexzpLOzCb9BqkShFhX1OiGo3YjlFHiP7B6CzOi2J5_2krla7aF4-YjVtQOJSPuXnZ3Huy9aOfAvbu3JUGUhE2O_hi2BaQuR2Tr_n60ksOCmkCOsgp8B8PGFiDWOQrQ&sig=Cg0ArKJSzK6SF-NhalLyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=124&cbvp=1&cstd=118&cisv=r20221110.30311&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Nov 2022 04:38:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Nov 2022 04:38:10 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CE17 22 KB
8 KB 11ms
10ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:25:46 GMT
expires: Wed, 29 Nov 2023 04:25:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 363B 118 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 11:10:17 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 363B 63 KB
25 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 04:38:10 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame CE17 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 15:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 15:08:10 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5359 0
0 59ms
44ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYEPAUOOgAUIQcb1BZHRrz4Mmwz3yw-l7dJiqOK_TLi-szHP8Go9Anr9CpB0NYS9-mcJnITm_hD3npkp9jrtluzODwl4X4_7cwyYZID7O2JemWFmU0Ux5LB-S3TysFmiOSlTTrnrgFL4eUVlb9x8dlL3rVUxRTrn1momp5Z840a_-HXJvWzr42IYDY29ztzc1WlR-3rO2cFWRGfVXfXzJzuncH2EGCZTFkW-5EUDIp8mCe1xatmWjF76tkvtH7_YMV9ZZ49DGDYv0gkpti8LnI2ZMab2rVEcBO2TInP-ditcLwR6Cd0a7H-sFcOT8ZEv7chWCzJscrIG4bGBzs8J1bdKbjnJ7t3sfMUabIDjfREqrIrMCBs6-8V8anZGcF1Sx-gBY6k2m_Q7jCeyPViP7WMa8k-W8vh2JdS_X013AY_m8Lcx7r-EZTzGaj-u8eGjMfl332yMEPopoDUu9aaCG3OGc_vJX16dXSqJfxmEj4ugd0rl9_Uxu-5oGQ0ZK6D98bvFj5tl5CT_ja19j1yIe3yLS7VgXJRAznwmSUCVJyibr5-6eAzYNB44QsdhMynPdt1nC8t253pLf79KAknR_NLRwxJ5PTO95NYywzCCQ63axJfSbGqSH4Ibe3JaO34tIn38GcWY3A4p7dP2fYw7pN9R37OjYV7ws7J_iGB_vXHjLSoWvgp6RCrOcWV2XreVjKbhPKi2j6Rt39EAotx5ka0ILHA98AbQQJOdjij7s1AYaCUd5-M9hMSVWqqHzYRIz59ZnKSZfugxH5H4xlOoX8HtpXsfiC3kHh0ZZeBOlYtY3as7WXfvwnHJxa9ipyh4LkFwTcHeWx_WwD3rr-JldpqsDKNCwBc_AaPpyPjl2OY3alDPEeydX-jC8gPSogjwcOJhHkjKoNNuUooMEreTwj-pgkfHof_P4FhCAPZ6Cvxcc2gug7NiOFOLatki9Ptq9ZfUaurpWBIgnwn_lo9fldlfzmo3r-eyyUeEcXCaVR2-1y2MoE7XL5AS9ts3rqo-j0iFHRP3_BiFPIle2jiPiLOJiROLxtxS4BHDnwTEAa-5px75xJD0Y5nbQAkXn6Okseqcq1NyxwIK5E2xrJvLbccFMi5PY3EzoYhHT9mNaw1lL2xIk8PPTBaYkKUbFP-Fqe8HgugQDRHwqaI3E4DR5Dj6hPOw_vktThAhi8BnJyFc7CyEoMrrnmVzWyDrK6VfxDQ5RqXhShbSxbTQscrscv5pnF&sai=AMfl-YQADlJAA8VQAw7YKujbwC9zWWlE5eApTSRJRN49cIgq6N7xtR-TW_SGuFlWL1EGOhAsN_iUOdA73uWib9EEorCs2GSyWXZPX3e9L8BcScaEFDxVHgo6y3ZOvc_gvzVhyotjJtYWNHwmSPTmauD3KNLJeQg7AGlCwSfNVpKrb6yLexzpLOzCb9BqkShFhX1OiGo3YjlFHiP7B6CzOi2J5_2krla7aF4-YjVtQOJSPuXnZ3Huy9aOfAvbu3JUGUhE2O_hi2BaQuR2Tr_n60ksOCmkCOsgp8B8PGFiDWOQrQ&sig=Cg0ArKJSzK6SF-NhalLyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=247&vt=11&dtpt=123&dett=3&cstd=118&cisv=r20221110.30311&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Nov 2022 04:38:10 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 363B 47 KB
47 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:34:00 GMT
x-content-type-options: nosniff
age: 250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 04:49:00 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 363B 46 KB
46 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:35:05 GMT
x-content-type-options: nosniff
age: 185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 04:50:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 363B 7 KB
5 KB 35ms
20ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

882853d40cdf98b5559a5989978878f45ca5f705e3a9ee19a689778e8f818c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5529
x-xss-protection: 0

GET
H3 200 60005582_20221117025422338_Honor-70_Buds.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 363B 47 KB
47 KB 13ms
12ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221117025422338_Honor-70_Buds.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdb577ef9c49fc569b276ed1c737f11579d14471f19e9585f0b7e158fd47f62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 11:16:17 GMT
x-content-type-options: nosniff
age: 62513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47911
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 10:54:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 11:16:17 GMT

GET
H3 200 60005582_20221115024205628_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 363B 200 B
226 B 16ms
15ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221115024205628_728x090_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c89dcd1837b0ad1f896d5dee97d4c91e1ff3e7605979fa4e897a39babead563e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 08:45:52 GMT
x-content-type-options: nosniff
age: 71538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 10:42:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 08:45:52 GMT

GET
H3 200 60005582_20221123074352137_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 363B 218 B
244 B 15ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221123074352137_728x090_LOOK-02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b32809b891125c9f9513f06becc99df7803a6ef311aa57a672bf1003ee7bec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 22:10:45 GMT
x-content-type-options: nosniff
age: 23245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 218
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 15:43:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 22:10:45 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 363B 43 B
637 B 33ms
10ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=28511221_4307561_346972465_145341330_DIV0203A20221117&ref=28511221_4307561_346972465_145341330_DIV0203A20221117
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 04:38:10 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 43

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 363B 26 KB
26 KB 11ms
10ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=rDKt1qnCrz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:37:19 GMT
x-content-type-options: nosniff
age: 51
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 04:52:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 363B 17 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 04:38:10 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 00CE 36 KB
16 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 15:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 15:08:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE17 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjRtNsoyFY-z3GeOM9u8PkZ6q0AQAAAAAOAHgBAI&bg=!BAelB0PNAAbvMpMzzzI7ACkAdvg8Wp19w4RRlty_PO7VtBZY9XWw5KRBo5mbCBmcn7VU-hwtvAbmwgIAAACfUgAAAARoAQcKAArSk1pWKS36M1MamQLlaAeB-bdKKIr6CnFiFJMU4FNgc3L3gNq9phkgKvvIVEdCweqy0YAUH8RKMYLAenfCFtdc3enuZV6mO9Q3OjUdLRcr4uVhnycS41celI7wsCcgIcjyVE4iiAJlGdndMF-th7JKR47FP8liaLo0ujPWi59BnR-S2GI6xXSK1fpGuKjVL8innGq2uq3AEpHbOxyP1sAPjRBcfuq5QWYSooIcDc4YOsOhXiOASS8eqsoTOSQvJSDCJDg-AWsPRfN6zzItNPtia0cG7yjR9DvOBEA-8my88ckk5xwTuskDxQllfwviNlUzU5DmTNWusD9a8lPkzaftR5P125-FE-wmK3iTSZrfqHeS69LLlSvrrHFcSPSdaz-V9YYEA48mp1c7K9uSWWsTzH-PU-CD2WeTWPBlGrLD8KxG2W6OscAgDgojXZQEWAP7GKC8HhCxnIxz94Ytjmf5KSGCrqAo1j4t-mO8i_vUeKyu_-rsZ8O9iH-2nvC7TJSat4B6GAYeB0Tu9O0pFFbBWHwYZwdEdDAEJ8ToYH0n65srBjPXRplPgs99k2FWIzR0MeU16UFRi2fMvaeTqS4wW_qQdX00mtYs0ZcgJdPyifqTsma8pSp6jIObnlbmHvUKmXPbjYIV4_DjwaxIwaaTFYVeeSfDkNYSfTWj52vVxbGh5hyhY47F2Xv1ftYasz2-pXPGr3a5eemmuDxFer0vF411-mqrs6R0x0wB5LaUfeBgOcpW2mWQbgFXTCusJo1asuXPZy7dSm2W3I_z_AWSvYJv85mFza7XGsi-YnZ8sovmj53jKsKmfpKGykbkwKHsKCV7ii7XFVYWNYw4pSj6dE_VB4nJu28p8KqYq_zY_q52FtLB8CLZ3IeQbmU64-i8TLgUG5qbLE5m1ACPDmYuRL27wYdPwdnuOnKjqzz7aKqGiy2TUpwK59F-X7AyLzCMi2DN0R0BlZLhFVMDrej3Djms43CajF-_L1--2psQ2n9I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4040 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQT_nU-9jKxtC_4dR1TjmYwj3SioE5AhrK68hGbZMxs8vfmNWp-sdRtTMU9ZwA5V2ikH6mKpw914-CI1CGfE7S15qA6-Q-dgJ3ph2NuIEcKkV-HnX_ZeuS4BwCZnPCX3mtFoEE_g&sai=AMfl-YSWGJVlgnEl3rquJLQbfU7FZeTUjcQ0Ka4fiuxXy_r8JRcDW0sUtrs8pi6uBu1m6NS9a_nUQmcD5OBM0_4qMGyxPlmHJDOF9G2-vnEqMY_asmAhTjw4UE3zl3at3ZZpo4GLOqErBxpIsCAKOGZ8&sig=Cg0ArKJSzDJwdQNXe8afEAE&cid=CAQSTADq26N9UrCQ4cyvfbMuLCAdjO29l2iG8V_wPUqL0eAItEzUIfSU041esWDD3Ch9w_P4Z4TuJqxwaCdyuvW4Zi3lbhLShqEPk_qbZgQYASAT&id=lidar2&mcvt=1000&p=217,1148,467,1448&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3484638759&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669696690372&rpt=169&isd=0&lsd=0&met=mue&wmsd=0&pbe=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5359 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKwwc5y2NxvxAtRFrpSrslPP28l_j0jQoETZpWXSgMtUB9p_A9-YlL88zJW8-ydG99g7pO6nPhE-NilEBN5u-tu5m_tTrOJAxe2AxVx8iFVFcRq8QPTPuB4A7-h-vnGbZg8AjxYA&sai=AMfl-YTZCmpxxZtQ6xcmsJFrsyfSlpjPKj4tE-O6H0rJydL2K3srPgZOgTGTwiDNhb9oXiFEZMZ0WdBowGTDVzMq0o_lF16Xzy1txyIYbUf6JWist1IZAKFBtibH16iFXWKwR21ttiviu1yREZ8C1rEE&sig=Cg0ArKJSzIz49xaCh9MVEAE&cid=CAQSTADq26N9UrCQ4cyvfbMuLCAdjO29l2iG8V_wPUqL0eAItEzUIfSU041esWDD3Ch9w_P4Z4TuJqxwaCdyuvW4Zi3lbhLShqEPk_qbZgQYASAT&id=lidar2&mcvt=1000&p=107,436,197,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3912186134&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669696690362&rpt=233&isd=0&lsd=0&met=ce&wmsd=0&pbe=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:38:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mycustom.js Show response
www.geosuper.tv/assets/front/js/ 4 KB
1 KB 19ms
18ms Script
application/javascript 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/js/mycustom.js?xyz=12445
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 843721f8c259799c59f5e1b37ad256ed9565c9417d5837dc7be8d1c01ecafcd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 09:25:40 GMT
server: cloudflare
age: 404655
cf-polished: origSize=6648
etag: W/"637f3894-19f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7718a70698c59b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:12 GMT

GET
H3 200 wc_custom.js Show response
www.geosuper.tv/assets/front/js/wc-assets/ 3 KB
1 KB 25ms
24ms Script
application/javascript 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/js/wc-assets/wc_custom.js?xyz=423231
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a233ccdd13215118fac0e8d8ac0a6cacbc2ea528e984574c95f84b8e065124fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 404655
cf-polished: origSize=7183
etag: W/"637f2cc9-1c0f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7718a70698c69b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:12 GMT

GET
H3 200 poll.js Show response
www.geosuper.tv/assets/front/js/poll/ 2 KB
842 B 22ms
21ms Script
application/javascript 104.17.143.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geosuper.tv/assets/front/js/poll/poll.js?xyz=3
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.143.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30b24e530d3d843f50ea0bc11747bc7cced6066a353401043727a4744af15e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 08:35:21 GMT
server: cloudflare
age: 404655
cf-polished: origSize=3269
etag: W/"637f2cc9-cc5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7718a70698c79b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Nov 2023 04:38:12 GMT

GET
H2 200 get_entertainment_news_widget Show response
www.thenews.com.pk/ 11 KB
3 KB 156ms
130ms XHR
text/html 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenews.com.pk/get_entertainment_news_widget
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/assets/front/js/jquery-3.6.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 2f9333a4bbd253aa5c3ec15bcc31a11eb37bab1c963f9c0f873d77cf85b8c690

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.geosuper.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 34
date: Tue, 29 Nov 2022 04:38:12 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: DYNAMIC
age: 13
x-powered-by: PHP/7.1.33
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
x-varnish: 196686 65542
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
access-control-allow-credentials: true
cf-ray: 7718a706cc319b61-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 79ms
64ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.geosuper.tv
URL: https://www.geosuper.tv/assets/front/js/jquery-3.6.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7718a707bdee910c-FRA

GET
H3 200 s_1014964_091844_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2022-11-29/ 5 KB
6 KB 38ms
25ms Image
image/jpeg 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenews.com.pk/assets/uploads/updates/2022-11-29/s_1014964_091844_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fbe2fb2ba004ec852bc71103ead400890c01ec92f08fe9081ba5cd88ea28124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 1115
cf-polished: degrade=85, origSize=5671, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5630
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Nov 2022 04:18:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 557407
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7718a707bb3291e1-FRA
expires: Sat, 28 Jan 2023 04:38:12 GMT

GET
H3 200 s_1014963_085831_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2022-11-29/ 6 KB
7 KB 31ms
18ms Image
image/jpeg 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenews.com.pk/assets/uploads/updates/2022-11-29/s_1014963_085831_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9916dbd628c9bba96070cc042e29e58d097a04718d90ea4f765400096083eae7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 2166
cf-polished: degrade=85, origSize=6617, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6555
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Nov 2022 03:58:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 262159
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7718a707bb3691e1-FRA
expires: Sat, 28 Jan 2023 04:38:12 GMT

GET
H3 200 s_1014765_014045_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2022-11-29/ 4 KB
5 KB 39ms
26ms Image
image/webp 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenews.com.pk/assets/uploads/updates/2022-11-29/s_1014765_014045_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84cf7f2a54fb0106f511f26a920a78751f8fe52c8ddf47ca67a9abeae66a3b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 28686
cf-polished: qual=85, origFmt=jpeg, origSize=5120
x-cache: MISS
content-disposition: inline; filename="s_1014765_014045_updates.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4570
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 20:40:45 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 426393
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7718a707bb3891e1-FRA
expires: Sat, 28 Jan 2023 04:38:12 GMT

GET
H3 200 s_1014763_010605_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2022-11-29/ 6 KB
6 KB 39ms
26ms Image
image/jpeg 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenews.com.pk/assets/uploads/updates/2022-11-29/s_1014763_010605_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebedecb29cce379d9f194ecfc2a6bc0229e98eef680f175d00f80d20284732e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 30782
cf-polished: origSize=6222, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5778
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 20:06:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 196849
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7718a707bb3991e1-FRA
expires: Sat, 28 Jan 2023 04:38:12 GMT

GET
H3 200 s_1014728_125511_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2022-11-28/ 4 KB
4 KB 55ms
43ms Image
image/webp 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenews.com.pk/assets/uploads/updates/2022-11-28/s_1014728_125511_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 636cf91032ff35438bfaab57ff4f812ad231256587f29b8c7f634066e12a5482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 31430
cf-polished: qual=85, origFmt=jpeg, origSize=4655
x-cache: MISS
content-disposition: inline; filename="s_1014728_125511_updates.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3820
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 19:55:11 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 229407
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7718a707bb3b91e1-FRA
expires: Sat, 28 Jan 2023 04:38:12 GMT

GET
H3 200 s_1014760_115451_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2022-11-28/ 7 KB
7 KB 30ms
17ms Image
image/jpeg 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenews.com.pk/assets/uploads/updates/2022-11-28/s_1014760_115451_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6705ac7cd3accad696e45e71b0d8dde05e7575ba22289e85418f20f9d04710b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 34498
cf-polished: origSize=7848, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7198
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 18:54:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 164472
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7718a707bb3d91e1-FRA
expires: Sat, 28 Jan 2023 04:38:12 GMT

GET
H3 200 s_1014759_114634_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2022-11-28/ 8 KB
8 KB 44ms
32ms Image
image/jpeg 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenews.com.pk/assets/uploads/updates/2022-11-28/s_1014759_114634_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d87ebfbe08f51339dc1ed30baa1df383e94e63a29061c52c73ab70adc98c31d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 34871
cf-polished: degrade=85, origSize=7755, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7732
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 18:46:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 426625
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7718a707bb4091e1-FRA
expires: Sat, 28 Jan 2023 04:38:12 GMT

GET
H3 200 s_1014752_113612_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2022-11-28/ 4 KB
4 KB 44ms
32ms Image
image/webp 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenews.com.pk/assets/uploads/updates/2022-11-28/s_1014752_113612_updates.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9649fddb12f6561cc89a368b7b75860a52cac3d4a4b43deb5822698c6f630148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 35097
cf-polished: qual=85, origFmt=jpeg, origSize=4624
x-cache: MISS
content-disposition: inline; filename="s_1014752_113612_updates.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3772
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 18:36:12 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 633
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7718a707bb4391e1-FRA
expires: Sat, 28 Jan 2023 04:38:12 GMT

GET
H3 200 L0x8DFMnlVwD4h3hu_qn.woff2
www.thenews.com.pk/assets/front/fonts/Domine/ 27 KB
27 KB 41ms
20ms Font
font/woff2 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenews.com.pk/assets/front/fonts/Domine/L0x8DFMnlVwD4h3hu_qn.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82290f3cc6248941ab05553c59b4eaca44fd1d94c706eea6b1cab650a0b127da

Request headers

Referer: https://www.geosuper.tv/
Origin: https://www.geosuper.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:38:12 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 115906
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27720
last-modified: Fri, 23 Jul 2021 11:21:32 GMT
server: cloudflare
vary: Accept-Encoding
x-varnish: 263217
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7718a707dc7c9104-FRA
expires: Sat, 28 Jan 2023 04:38:12 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.5.0/ 12 KB
5 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.5.0/firebase-app.js

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e440e4c0a288d80f6d9e16d5d9d055e1563ac6243d61ce924383e5ad17ed642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 18:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4111
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 23:18:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 18:05:08 GMT

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/7.5.0/ 45 KB
12 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.5.0/firebase-messaging.js

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

454f1c9b77d235b42dce8059682ae7fc26940376beb704bbbfd86dd4da4567de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 18:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12042
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 23:18:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 18:05:23 GMT

GET
H3 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/7.5.0/ 21 KB
7 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.5.0/firebase-analytics.js

Requested by

Host: www.geosuper.tv
URL: https://www.geosuper.tv/live

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d299d6880a57b7b5fffa1f6cdc7bae418008d4efab6626d5373871757b67c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geosuper.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 09:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7015
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 23:18:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 09:29:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jk3lz82elw79-hls-live.5centscdn.com
URL: https://jk3lz82elw79-hls-live.5centscdn.com/GeoSuper/074de7e7c226d5c60f8af14c20725352.sdp/playlist.m3u8

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geosuper.tv/	1970-01-20 17:24:16	Name: _ga Value: GA1.2.1339817513.1669696689
.geosuper.tv/	1970-01-20 07:49:43	Name: _gid Value: GA1.2.837709590.1669696689
.geosuper.tv/	1970-01-20 07:48:16	Name: _gat_gtag_UA_1642881_1 Value: 1
.doubleclick.net/	1970-01-20 17:09:52	Name: IDE Value: AHWqTUmTVqxV--OfjEvaPfgkPE8i1h7VAwBNsyM7V6CKheFH_PKamoOYReR9tYbMHOg
.geosuper.tv/	1970-01-20 17:09:52	Name: __gads Value: ID=da57ef6c4f82e123:T=1669696689:S=ALNI_MatDYrNw-VETXBUb7JxfbJTRbW_Yg
.geosuper.tv/	1970-01-20 17:09:52	Name: __gpi Value: UID=00000b8a05debe42:T=1669696689:RT=1669696689:S=ALNI_MYr2Jm1AZU-yimhup-2kKYI7xntnw
.adnxs.com/	1970-01-20 09:57:52	Name: uuid2 Value: 7015342438868969183
.casalemedia.com/	1970-01-20 16:33:52	Name: CMID Value: Y4WMskjofJ7AMuGeZ.8FxAAA
.casalemedia.com/	1970-01-20 09:57:52	Name: CMPS Value: 5231
.casalemedia.com/	1970-01-20 09:57:52	Name: CMPRO Value: 5231
.doubleclick.net/	1970-01-20 07:48:20	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 09:57:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilaj!d>B!]tbPl1M>e)ZlrFUfJ+tGXxomQ4sEnbPihtDXF:C^-^ycCyC-k]5*Y$j+rq.3If)y3KL9D3I?+7^sf8@
.o2online.de/	1970-01-20 07:58:21	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=28511221_4307561_346972465_145341330_DIV0203A20221117&ref=28511221_4307561_346972465_145341330_DIV0203A20221117

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.geosuper.tv/live Message: Access to XMLHttpRequest at 'https://jk3lz82elw79-hls-live.5centscdn.com/GeoSuper/074de7e7c226d5c60f8af14c20725352.sdp/playlist.m3u8' from origin 'https://www.geosuper.tv' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://jk3lz82elw79-hls-live.5centscdn.com/GeoSuper/074de7e7c226d5c60f8af14c20725352.sdp/playlist.m3u8 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8a48b6fdd6528f713dba6a3ff2d0b34d.safeframe.googlesyndication.com
adservice.google.com
bid.g.doubleclick.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geosuper.tv
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
jk3lz82elw79-hls-live.5centscdn.com
pagead2.googlesyndication.com
portal.o2online.de
pubads.g.doubleclick.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.geosuper.tv
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.thenews.com.pk
jk3lz82elw79-hls-live.5centscdn.com
104.17.142.48
104.17.143.48
104.17.187.237
142.250.181.226
185.80.39.216
216.58.212.130
2606:4700::6810:3865
2a00:1450:4001:800::200e
2a00:1450:4001:801::2001
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9a
37.252.171.53
64.233.167.157
82.113.101.132
043a56d6a2a0d57e0677ccf7b66f714460d07861a2999e2c387b8c0fe4a21881
04a8cbc6974488045ea7e7fda5e4bed2d7d4e85982757d70a196184d71da5864
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9e023e0949ca33ce3196e802acb06286a6809c0cfc6a3f6b9236b021554dbe
0d3efc40cc4a70ff7557d6ccbc514f4e90d555e5bd4650ca8938ad1227771ecd
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
125738319d20dc302fc127a3f51e4298e6e2160d4d704b406be5027ab895cb26
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
16c61d79170a8f22f4721af590c8f8a96ab997350fd5fe81d2af97f5cd39e863
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b32809b891125c9f9513f06becc99df7803a6ef311aa57a672bf1003ee7bec5
1c56298f1741c6934ca339f30e1e00b236811efc439766fe3a71fba071915ad3
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f74d3e68f1fce26d945d08b563ea29575c977628c9481579aabb28d89fb41e4
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
28c27190636d247f0b265b265b259d415ac387a3ff70f7bbd70350dfeffa0718
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2f7418402b37dd7fdbeb5da7405d103fba03573666213722ac48e4f0ff6dbf64
2f9333a4bbd253aa5c3ec15bcc31a11eb37bab1c963f9c0f873d77cf85b8c690
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
30b24e530d3d843f50ea0bc11747bc7cced6066a353401043727a4744af15e40
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35269e9f9c79bd5da8d830b8ebde6f9731da8c044d95eba496c507465cd7ca7d
370271e07279d82c6eddef259cd4c651cdf9e778ef4ef69359172e77f5af8f28
3fbe2fb2ba004ec852bc71103ead400890c01ec92f08fe9081ba5cd88ea28124
3fdb577ef9c49fc569b276ed1c737f11579d14471f19e9585f0b7e158fd47f62
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
454f1c9b77d235b42dce8059682ae7fc26940376beb704bbbfd86dd4da4567de
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46c08a8e730886d75e15a6e49648d48d1859acbbebc308ade3b2ef7960a26148
46c3778954237779491e330409c51cafad37aed257721906231f9bd42f0b528a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52e406fd868d8f4cf0a1ede5655d5a0ba7640d4d7754ce1c9ca14e3ecf54c652
534da0b59ab7ec9dfe401f592c87913adbc818dd3f84cfed323b558aa6d6c847
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e01290097887321980abbbec4dd28b6826e25b15e173329d41bf241c69b07a
58a0036d7f0d5271e3d08cb9a0f0efde5fe80e274825f5fefcf3cb830f1938ec
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
601cd824135d73d2e0c907bd499b67ec0121a76d015143594857435159926b61
60564605ee78d565f25c02bc4d6b87d41cb899cd57af6bec2f376395d0bfe367
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636cf91032ff35438bfaab57ff4f812ad231256587f29b8c7f634066e12a5482
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ceafe48df8ea0b64907e46a4cc2ffbb55f6a594286cec6345184efa6b1587b6
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6ebedecb29cce379d9f194ecfc2a6bc0229e98eef680f175d00f80d20284732e
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7b4b1e9c6e3e4acfc19c32a4f618fc2b908ac72440e2a1794ee338c4c38aa6f8
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
82290f3cc6248941ab05553c59b4eaca44fd1d94c706eea6b1cab650a0b127da
843721f8c259799c59f5e1b37ad256ed9565c9417d5837dc7be8d1c01ecafcd7
84cf7f2a54fb0106f511f26a920a78751f8fe52c8ddf47ca67a9abeae66a3b1b
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
87c5551168988e7d8a3cf63f5dfa8e84924480b14c2f0ee8f92cb62f72855534
882853d40cdf98b5559a5989978878f45ca5f705e3a9ee19a689778e8f818c9c
8e440e4c0a288d80f6d9e16d5d9d055e1563ac6243d61ce924383e5ad17ed642
8f07e51395e24c6f9f352609cae1153f73095017fd973f48bdc5165da03add73
914eb922ee7c6242c122fadb8f8be5aa6b3abc1277a7eb8bb132a4e6e12e4bc7
937ab289b9514264556cb2a4c4bf2b06ad7f3ef62f75b41ee5108a2ec03fe89f
9508ae2c0c23698a62dbea2928d7c10e046b3cc1071d96f50d0adb2be8b44c7e
9649fddb12f6561cc89a368b7b75860a52cac3d4a4b43deb5822698c6f630148
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9916dbd628c9bba96070cc042e29e58d097a04718d90ea4f765400096083eae7
9d299d6880a57b7b5fffa1f6cdc7bae418008d4efab6626d5373871757b67c34
9d87ebfbe08f51339dc1ed30baa1df383e94e63a29061c52c73ab70adc98c31d
9dcade7f27c72fcb611167c45dba56aa79d8636479d5b932845559dd49eaa573
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0a350141d67ed51d246df1505d36493937ce7e740d25e3c6ed0a755461fcd9a
a233ccdd13215118fac0e8d8ac0a6cacbc2ea528e984574c95f84b8e065124fa
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5afcaea9a4000a915c257e4be6a23c1cb9a3fe785cbe7d0931c4937f8e70851
af006cf691b634b633bf1ce2c522f804d406dfad88638b86a60a93d971ca897f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b341623cd3ab06b1ab6cdf2fc9f133648da75db0b6e6c15812545e536af2bfd1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b463f766deec4252888badcdd8e9246d916f2630dcb52aee365a9d7aaa41358a
b7933b7981cb6dc993f2ab4258d7f0f3b4e8813d2a1f388d21373b41abf1c209
bec66f52258b85c3e75c0432b752d305c954c85d3f39bbfa73da68378fb854a9
bedcf079240b9391343d6e1a07958fe8778bf31dae3597fc0631c91f9bb65eea
bf4d08bcfd4d7a489e8ba8017fa5fe15fd62757099bee4ce1c12f28880b27006
c1cbd0cbbd8f9ea5979513e7428ff5db7c6c2b5414eb175b50faea557c14c985
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c5a22510bc8cb4d0abbfb01b2cb09669cf5123e6fdeee9b26cfc3235d6d30354
c758a30c5c04c107941f7b911794d297c0ffb2071bb00db3d242c62654627577
c89dcd1837b0ad1f896d5dee97d4c91e1ff3e7605979fa4e897a39babead563e
c9e52544d629779a0599daffc2417c0d6f3013e90b9a929b1f55ba279dee81ca
cadd41d57d03baa9fee12da98286e32ffcfc64a05453d4decd672a58aa9a4339
cca6c2dd9540ac7b8194f52ad49c3e6312705d4aa25c4cc29d68e9dbb8a3a118
cfb604dffe32ecc8b2390f2196559403174c7263dab9324ea8c8d67a3e93e463
d09470620720c9faa42877d2ff3a7d8bc04ae6ae8923c9b6fd5767d259d8c421
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2f22b4e47124fa52b1ea1cc1de54670fbe4c76280226563faa88fcc0c509e30
d626053191b864ea79bf0ba7d0cbf25fd16be9bda29c801512db1a54cf59226d
d64e4cd5b8ba1a966f1b3b1d96810bfcc778c571c7d1192f67e1740d734d4655
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb07bbd2a765ea9c61a1e3bec3538f6e745213dca0b75afb3227c714cfa86d2
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44144171b5b232c6a1ab5c35d206254eb6e4e271c077edca12ea9793984520d
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
eaf0f237de420b13417c1370d86457231e8a5b70c906489e9d4d4fc407378883
eddeb0c045f8b9b1ed7f19851187363328c798f709ff19e7c075f2b50ad0f0ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15c7bafdb5c915168bf313fc18cac930edb20bfadd694e179048c7185563daf
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
f6705ac7cd3accad696e45e71b0d8dde05e7575ba22289e85418f20f9d04710b
f9141c530b52ba203f62cf4cb1d6eb65a4864450f4e3a85899b4275c44c7b77f
fc1ba3df49d2d6e55830d24a56416c61bc767cc0b8131a65b790fcc6f25aa09a
fd77e8dc3aefa02b2001094ddbb2df80b88f18977ff9460e61268737dd057b9a
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.geosuper.tv Open in urlscan Pro 104.17.143.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

96 %HTTPS

65 %IPv6

16 Domains

28 Subdomains

26 IPs

5 Countries

2544 kBTransfer

5553 kBSize

13 Cookies

11 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geosuper.tv Open in urlscan Pro
104.17.143.48 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

96 %
HTTPS

65 %
IPv6

16
Domains

28
Subdomains

26
IPs

5
Countries

2544 kB
Transfer

5553 kB
Size

13
Cookies

138 HTTP transactions
8 data transactions